Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/zaL2FjVpcYZDhQXC95vWuhv0s7U.roa
File:                     zaL2FjVpcYZDhQXC95vWuhv0s7U.roa (raw, json)
Hash identifier:          0eI78V02f1KWwLqyOvn0KNOT6RPpv05alalg2AeJlL8=
Subject key identifier:   CD:A2:F6:16:35:69:71:86:43:85:05:C2:F7:9B:D6:BA:1B:F4:B3:B5
Certificate issuer:       /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial:       28EA
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/zaL2FjVpcYZDhQXC95vWuhv0s7U.roa
Signing time:             Fri 01 Sep 2023 10:05:55 +0000
ROA not before:           Fri 01 Sep 2023 10:05:55 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     38841
IP address blocks:        106.1.228.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10474 (0x28ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
        Validity
            Not Before: Sep  1 10:05:55 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=CDA2F61635697186438505C2F79BD6BA1BF4B3B5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:be:5f:51:cb:f5:6c:8d:cf:02:29:b7:fb:50:
                    d2:f0:94:e9:aa:7f:60:3c:6d:7b:59:91:79:69:e1:
                    1f:4e:42:0d:0e:56:8b:c1:ea:25:9a:dc:4a:17:72:
                    56:ab:1d:8d:29:a4:7d:22:f1:c4:24:cd:3b:36:ff:
                    5b:bf:fb:d5:9a:b6:19:23:88:1b:73:ed:78:9c:a8:
                    a5:79:1d:f8:11:05:e1:a4:b2:43:36:be:01:0b:40:
                    41:21:15:fc:75:4b:9c:cd:e3:5d:72:c1:8d:71:1c:
                    74:74:ab:02:23:a5:4b:f6:33:19:b5:1d:4c:c5:6b:
                    f8:a6:f8:23:d6:86:9f:1b:dd:e6:fb:75:8d:7d:ff:
                    43:30:db:8b:43:a3:63:be:96:46:c1:cd:77:b5:03:
                    95:6a:d3:77:c1:e2:1d:0b:7c:1e:6d:87:83:05:bb:
                    ed:f2:2d:0d:14:0d:c4:55:ce:b2:2d:81:5e:c7:e5:
                    3c:9f:de:19:4a:8e:f4:59:c2:83:25:ae:6c:aa:6a:
                    8e:a9:22:6e:42:f2:8a:39:a2:8f:47:d0:e9:0a:5f:
                    ad:c2:3d:16:6e:eb:5b:ec:68:23:16:57:a6:12:91:
                    5c:78:c6:78:0a:80:a8:fd:d8:3a:c4:87:ab:73:9a:
                    e0:fb:96:2b:5b:32:a9:54:1e:ce:78:1b:e4:51:32:
                    58:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:A2:F6:16:35:69:71:86:43:85:05:C2:F7:9B:D6:BA:1B:F4:B3:B5
            X509v3 Authority Key Identifier:
                keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/zaL2FjVpcYZDhQXC95vWuhv0s7U.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.1.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8a:05:13:e3:b3:2f:00:42:a5:d9:91:cc:85:09:fa:2d:9b:4c:
         ce:d1:0c:02:fd:a6:0f:07:27:30:80:4e:2f:b6:75:1e:89:dd:
         e7:c1:ca:d9:ab:23:80:24:18:05:45:2d:12:34:4c:ad:19:4b:
         4a:45:b3:63:e7:58:c0:2e:24:1f:ab:35:f9:ef:60:30:5e:5b:
         56:64:46:33:f3:f8:7d:1a:a5:39:6f:6b:a2:60:69:16:11:a6:
         80:b9:02:4a:e7:93:a6:a0:2f:31:4d:cd:44:a2:7f:45:75:6c:
         b6:15:ea:8c:56:07:e0:2d:97:e1:7a:5d:50:70:b1:80:f5:9e:
         d4:bf:d2:79:e8:ca:30:af:8e:fe:0b:66:e6:6b:43:bc:c1:f9:
         15:bd:09:02:f0:e0:ab:42:b4:bd:d4:f9:34:1f:15:a1:6c:e0:
         a5:24:71:19:09:5c:e6:0f:47:ff:e6:c3:e6:4f:7a:9a:37:fb:
         3a:a6:a9:6d:e8:32:9a:ce:f0:b2:87:c3:9e:a8:80:78:af:5b:
         88:de:a3:ba:4d:8e:66:8a:60:8e:b9:a1:f5:e8:9b:a1:a2:ac:
         86:c2:33:63:43:be:b1:a8:43:00:4e:ea:95:fb:f9:4e:42:63:
         c6:73:34:f7:9e:b6:6f:0c:38:36:1b:88:07:b8:e8:89:ee:8d:
         ca:17:0f:42
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICKOowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA1NTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENEQTJGNjE2MzU2OTcx
ODY0Mzg1MDVDMkY3OUJENkJBMUJGNEIzQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwvl9Ry/Vsjc8CKbf7UNLwlOmqf2A8bXtZkXlp4R9OQg0OVovB
6iWa3EoXclarHY0ppH0i8cQkzTs2/1u/+9WathkjiBtz7XicqKV5HfgRBeGkskM2
vgELQEEhFfx1S5zN411ywY1xHHR0qwIjpUv2Mxm1HUzFa/im+CPWhp8b3eb7dY19
/0Mw24tDo2O+lkbBzXe1A5Vq03fB4h0LfB5th4MFu+3yLQ0UDcRVzrItgV7H5Tyf
3hlKjvRZwoMlrmyqao6pIm5C8oo5oo9H0OkKX63CPRZu61vsaCMWV6YSkVx4xngK
gKj92DrEh6tzmuD7litbMqlUHs54G+RRMlj1AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUzaL2FjVpcYZDhQXC95vWuhv0s7UwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL3phTDJGalZwY1laRGhRWEM5
NXZXdWh2MHM3VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJq
AeQwDQYJKoZIhvcNAQELBQADggEBAIoFE+OzLwBCpdmRzIUJ+i2bTM7RDAL9pg8H
JzCATi+2dR6J3efBytmrI4AkGAVFLRI0TK0ZS0pFs2PnWMAuJB+rNfnvYDBeW1Zk
RjPz+H0apTlva6JgaRYRpoC5Akrnk6agLzFNzUSif0V1bLYV6oxWB+Atl+F6XVBw
sYD1ntS/0nnoyjCvjv4LZuZrQ7zB+RW9CQLw4KtCtL3U+TQfFaFs4KUkcRkJXOYP
R//mw+ZPepo3+zqmqW3oMprO8LKHw56ogHivW4jeo7pNjmaKYI65ofXom6GirIbC
M2NDvrGoQwBO6pX7+U5CY8ZzNPeetm8MODYbiAe46InujcoXD0I=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:27 2024 by rpki-client on console-fra.rpki-client.org