Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KMHgg4R6govtme_q7NYfC-RytJI.roa
File:                     KMHgg4R6govtme_q7NYfC-RytJI.roa (raw, json)
Hash identifier:          kEYZMo5m88U2uMhfPoxFh1yWIv1g84jTshANowTEPFI=
Subject key identifier:   28:C1:E0:83:84:7A:82:8B:ED:99:EF:EA:EC:D6:1F:0B:E4:72:B4:92
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       116B
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KMHgg4R6govtme_q7NYfC-RytJI.roa
Signing time:             Fri 01 Sep 2023 03:14:20 +0000
ROA not before:           Fri 01 Sep 2023 03:14:20 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     14618
IP address blocks:        103.235.88.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4459 (0x116b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Sep  1 03:14:20 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=28C1E083847A828BED99EFEAECD61F0BE472B492
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:82:01:1f:22:b7:98:bc:39:f0:89:9c:b4:99:
                    2b:82:06:49:b7:f4:57:38:1e:0a:43:bb:a2:99:0e:
                    6e:4d:d2:94:dc:f7:db:70:42:87:d0:85:98:61:c4:
                    46:43:be:b1:af:67:02:d0:34:eb:91:ee:4a:a0:16:
                    96:2d:e3:be:ec:11:97:77:ee:6b:4d:c3:4b:c0:88:
                    f7:2e:a3:52:70:e0:e7:63:75:2b:60:23:34:82:f2:
                    45:e3:34:9e:ab:b6:57:39:43:42:2c:fb:0e:48:85:
                    d4:4c:98:6e:df:61:c3:3d:87:9e:a6:cd:ac:71:e2:
                    78:4c:5c:f3:07:f1:38:f3:89:4f:be:94:cb:22:6f:
                    87:e0:83:d6:37:e9:eb:27:9f:8e:4d:b2:51:4d:3e:
                    9e:c1:d8:7b:02:83:e4:ce:8a:44:7b:b0:03:55:6f:
                    e5:c4:38:ed:0f:59:26:dc:9e:5c:a9:e9:51:59:b8:
                    0a:52:b1:af:d4:7e:b0:e3:02:e6:00:0b:e8:a1:63:
                    08:66:84:26:1f:9a:e3:cc:62:11:c2:7a:cf:f9:85:
                    45:dc:fe:3b:23:70:3b:bb:b3:2d:e9:e7:7b:e6:6f:
                    0a:a6:6e:5c:2c:06:98:0e:2d:38:0c:9c:5d:74:49:
                    2b:fd:d8:b4:13:b4:3e:14:da:18:08:1d:02:7c:29:
                    b8:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:C1:E0:83:84:7A:82:8B:ED:99:EF:EA:EC:D6:1F:0B:E4:72:B4:92
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KMHgg4R6govtme_q7NYfC-RytJI.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.235.88.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ae:0d:8d:02:40:1e:64:ce:14:7e:c3:88:a5:6e:01:8b:77:bb:
         a7:a1:33:50:55:21:15:cc:74:95:a8:0a:f6:00:86:83:8e:ff:
         21:fa:f6:b3:14:6f:40:85:e4:dc:67:14:64:2f:20:50:26:96:
         de:d3:58:17:4f:77:ff:59:32:47:03:22:69:9a:70:c7:12:51:
         e3:57:65:fa:08:74:d3:35:7b:63:af:3f:cb:d5:8d:c5:64:62:
         36:fd:1b:99:6d:9b:52:27:bf:b7:1b:73:cf:dd:1d:d4:f9:66:
         a8:41:29:25:ea:bd:46:d0:12:82:27:65:02:09:8f:92:80:fd:
         0c:6b:71:85:da:e9:b4:9f:98:9b:bd:d2:45:9c:f3:6f:35:d9:
         30:99:0b:2f:13:1f:84:3c:81:bd:10:25:b1:ca:92:ea:32:26:
         5e:03:da:fe:67:77:7c:e8:62:03:38:10:bf:cc:b3:f8:32:6b:
         1b:39:f7:4a:c0:57:83:4c:84:7b:04:2c:35:3d:a6:89:ed:09:
         ad:1a:d1:3a:13:f0:2e:57:bb:3e:14:bc:26:e2:04:48:6b:39:
         75:34:52:04:1c:a9:aa:cf:d1:b2:aa:9b:3a:bb:34:bc:cd:f8:
         6b:31:fe:8d:60:94:c8:80:d2:7b:3f:a2:0e:0a:ea:75:6a:cd:
         b4:8e:28:a0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEWswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMzA5MDEw
MzE0MjBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI4QzFFMDgzODQ3QTgy
OEJFRDk5RUZFQUVDRDYxRjBCRTQ3MkI0OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgggEfIreYvDnwiZy0mSuCBkm39Fc4HgpDu6KZDm5N0pTc99tw
QofQhZhhxEZDvrGvZwLQNOuR7kqgFpYt477sEZd37mtNw0vAiPcuo1Jw4OdjdStg
IzSC8kXjNJ6rtlc5Q0Is+w5IhdRMmG7fYcM9h56mzaxx4nhMXPMH8TjziU++lMsi
b4fgg9Y36esnn45NslFNPp7B2HsCg+TOikR7sANVb+XEOO0PWSbcnlyp6VFZuApS
sa/UfrDjAuYAC+ihYwhmhCYfmuPMYhHCes/5hUXc/jsjcDu7sy3p53vmbwqmblws
BpgOLTgMnF10SSv92LQTtD4U2hgIHQJ8Kbg/AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKMHgg4R6govtme/q7NYfC+RytJIwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9LTUhnZzRSNmdvdnRtZV9xN05Z
ZkMtUnl0Skkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+tY
MA0GCSqGSIb3DQEBCwUAA4IBAQCuDY0CQB5kzhR+w4ilbgGLd7unoTNQVSEVzHSV
qAr2AIaDjv8h+vazFG9AheTcZxRkLyBQJpbe01gXT3f/WTJHAyJpmnDHElHjV2X6
CHTTNXtjrz/L1Y3FZGI2/RuZbZtSJ7+3G3PP3R3U+WaoQSkl6r1G0BKCJ2UCCY+S
gP0Ma3GF2um0n5ibvdJFnPNvNdkwmQsvEx+EPIG9ECWxypLqMiZeA9r+Z3d86GID
OBC/zLP4MmsbOfdKwFeDTIR7BCw1PaaJ7QmtGtE6E/AuV7s+FLwm4gRIazl1NFIE
HKmqz9Gyqps6uzS8zfhrMf6NYJTIgNJ7P6IOCup1as20jiig
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:27 2024 by rpki-client on console-fra.rpki-client.org