Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/Ye1JRRrrcMGd0uYAhE-A9et-zAs.roa
File:                     Ye1JRRrrcMGd0uYAhE-A9et-zAs.roa (raw, json)
Hash identifier:          t7Y22yrovi7pEgF+pA4wnsdF5XhlcUjZ3DReGBF7/Gg=
Subject key identifier:   61:ED:49:45:1A:EB:70:C1:9D:D2:E6:00:84:4F:80:F5:EB:7E:CC:0B
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       11CF
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/Ye1JRRrrcMGd0uYAhE-A9et-zAs.roa
Signing time:             Wed 27 Dec 2023 02:30:58 +0000
ROA not before:           Wed 27 Dec 2023 02:30:58 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131644
IP address blocks:        119.75.240.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4559 (0x11cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Dec 27 02:30:58 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=61ED49451AEB70C19DD2E600844F80F5EB7ECC0B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:39:e5:58:43:42:8e:cb:ee:d5:35:ce:5e:4d:
                    c7:1f:ce:08:b3:8f:9d:ed:8b:70:a6:be:d4:fd:0b:
                    84:71:38:d9:32:68:c5:59:5b:8c:82:2f:98:6f:f9:
                    72:3a:3f:85:61:c0:1a:2d:f1:7a:40:a3:b7:6d:9f:
                    64:cd:b6:57:d9:7b:5e:49:b0:08:03:d7:1c:b8:f0:
                    64:48:09:2b:da:17:b5:e9:78:6b:38:9b:26:5a:c2:
                    e1:5a:0d:ba:fc:c1:cd:56:31:01:80:84:08:a6:a5:
                    fe:57:50:b9:ec:0f:2b:93:4a:e1:a3:19:5b:aa:b9:
                    bc:7d:2a:2e:79:61:8c:19:86:12:6c:a7:12:26:0a:
                    31:66:50:e4:02:5c:72:c9:98:88:28:dd:ca:98:a4:
                    c4:34:c8:c9:48:c8:12:22:cc:13:da:fb:a2:84:26:
                    c4:a2:7a:6c:5b:48:c5:83:d7:13:8f:e7:21:a9:63:
                    29:e8:d0:65:b3:5e:14:e9:32:c7:3f:f3:5e:d5:70:
                    72:b8:18:9c:dc:d1:fc:31:e0:06:86:93:3d:ac:aa:
                    a6:ad:2a:43:f1:6a:ae:47:45:f3:a7:b8:3d:eb:83:
                    b2:8d:bf:a1:b1:cf:cb:48:0d:d0:e5:ee:95:b8:d3:
                    5c:89:8e:23:15:1f:0d:6c:c5:81:91:d6:b4:d8:d1:
                    56:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:ED:49:45:1A:EB:70:C1:9D:D2:E6:00:84:4F:80:F5:EB:7E:CC:0B
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/Ye1JRRrrcMGd0uYAhE-A9et-zAs.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.75.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:ee:8a:24:57:d9:f2:68:44:39:77:a8:0e:cf:7d:1e:dc:46:
         34:8b:38:8e:2b:d1:55:df:6c:cf:80:6e:99:9e:c4:0e:a3:fe:
         4e:2e:93:64:58:ea:4b:75:64:a9:b0:74:6e:a5:d9:ae:81:23:
         26:10:1d:98:bf:92:6e:2d:58:bc:fd:03:5a:1a:5c:71:33:a9:
         2e:49:a6:0c:37:5e:bb:2c:75:78:54:be:55:52:f0:c0:55:66:
         2e:3a:79:28:6b:40:59:a2:a2:8c:01:3f:f9:a3:8a:f7:68:ea:
         c9:a1:8c:ec:c4:44:23:c7:d8:09:1d:06:ce:cf:e1:eb:2e:6f:
         0d:90:b6:63:8d:1f:35:9e:b5:6c:c2:5a:e7:8f:a0:f4:8b:a5:
         47:0b:a2:9c:0d:db:c9:5d:05:1d:f3:c4:10:42:88:ee:fb:7d:
         6b:c6:40:b1:6c:43:4a:f8:4c:b4:2e:e5:30:77:3a:d8:51:d3:
         84:f9:82:54:65:16:87:63:18:ec:1a:d8:59:c3:20:8b:68:37:
         8b:ba:6d:24:5f:9c:50:9a:ed:fb:9a:ba:2d:8a:f0:4f:b9:b9:
         9a:e8:00:5b:88:35:5d:89:80:2e:06:f9:29:55:f2:40:6b:af:
         cc:b7:01:aa:a8:56:8b:53:a9:90:47:bf:90:2e:13:71:e6:ab:
         ba:9d:9e:17
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEc8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMzEyMjcw
MjMwNThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDYxRUQ0OTQ1MUFFQjcw
QzE5REQyRTYwMDg0NEY4MEY1RUI3RUNDMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvOeVYQ0KOy+7VNc5eTccfzgizj53ti3CmvtT9C4RxONkyaMVZ
W4yCL5hv+XI6P4VhwBot8XpAo7dtn2TNtlfZe15JsAgD1xy48GRICSvaF7XpeGs4
myZawuFaDbr8wc1WMQGAhAimpf5XULnsDyuTSuGjGVuqubx9Ki55YYwZhhJspxIm
CjFmUOQCXHLJmIgo3cqYpMQ0yMlIyBIizBPa+6KEJsSiemxbSMWD1xOP5yGpYyno
0GWzXhTpMsc/817VcHK4GJzc0fwx4AaGkz2sqqatKkPxaq5HRfOnuD3rg7KNv6Gx
z8tIDdDl7pW401yJjiMVHw1sxYGR1rTY0VYXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUYe1JRRrrcMGd0uYAhE+A9et+zAswHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9ZZTFKUlJycmNNR2QwdVlBaEUt
QTlldC16QXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCd0vw
MA0GCSqGSIb3DQEBCwUAA4IBAQCS7ookV9nyaEQ5d6gOz30e3EY0iziOK9FV32zP
gG6ZnsQOo/5OLpNkWOpLdWSpsHRupdmugSMmEB2Yv5JuLVi8/QNaGlxxM6kuSaYM
N167LHV4VL5VUvDAVWYuOnkoa0BZoqKMAT/5o4r3aOrJoYzsxEQjx9gJHQbOz+Hr
Lm8NkLZjjR81nrVswlrnj6D0i6VHC6KcDdvJXQUd88QQQoju+31rxkCxbENK+Ey0
LuUwdzrYUdOE+YJUZRaHYxjsGthZwyCLaDeLum0kX5xQmu37mrotivBPubma6ABb
iDVdiYAuBvkpVfJAa6/MtwGqqFaLU6mQR7+QLhNx5qu6nZ4X
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:20 2024 by rpki-client on console-ams.rpki-client.org