Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/_yQIV9_-eRWeYvfag4gv2rH7rZQ.roa
File:                     _yQIV9_-eRWeYvfag4gv2rH7rZQ.roa (raw, json)
Hash identifier:          BeiB9pX6qQ0X5FdYg0kZbVdpjMpa0S9RfMrXDzgQ/5M=
Subject key identifier:   FF:24:08:57:DF:FE:79:15:9E:62:F7:DA:83:88:2F:DA:B1:FB:AD:94
Certificate issuer:       /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial:       1170
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/_yQIV9_-eRWeYvfag4gv2rH7rZQ.roa
Signing time:             Fri 01 Sep 2023 03:14:21 +0000
ROA not before:           Fri 01 Sep 2023 03:14:21 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131621
IP address blocks:        101.102.103.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4464 (0x1170)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
        Validity
            Not Before: Sep  1 03:14:21 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=FF240857DFFE79159E62F7DA83882FDAB1FBAD94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:32:7e:b4:80:29:78:1b:90:66:82:cf:ed:86:
                    38:70:fa:ed:9c:25:bb:c3:82:54:f0:29:cf:4b:95:
                    a1:b5:9a:d2:74:39:00:f1:5f:cf:c3:0d:89:4e:95:
                    f6:61:46:e7:18:44:b4:4a:52:f8:02:d3:83:9a:2e:
                    31:c8:e9:ec:6c:6e:55:54:f5:f2:42:2d:fa:40:6b:
                    27:a2:2e:57:b7:d1:4e:4f:63:c9:38:0d:88:05:ae:
                    b7:51:0e:62:6f:fd:3c:7a:bc:1c:34:81:08:03:6c:
                    95:f4:fb:1c:58:15:0b:b8:57:01:fe:71:33:05:dc:
                    91:92:3b:71:6c:dd:08:00:5c:22:36:e2:a9:f7:a2:
                    31:60:d6:ed:a4:9d:1c:c6:a8:90:64:ba:7c:9b:89:
                    83:4d:15:f3:bc:cc:2b:4a:19:bd:67:12:a7:b4:d2:
                    0c:6c:0f:ea:f7:c9:78:d5:54:a7:9e:0f:3c:69:43:
                    31:2d:ee:e6:15:d3:cf:63:a0:f1:e9:b9:bd:85:ba:
                    d8:ab:19:2e:2f:10:e5:25:a3:86:41:7d:69:9e:86:
                    cc:05:90:4a:df:aa:4e:ab:e3:a5:59:c7:3b:24:45:
                    70:55:e8:f1:b5:80:ca:8a:43:6d:6a:b0:d4:c0:69:
                    1e:85:18:50:69:0c:17:0a:a7:45:f2:7e:76:c7:3d:
                    60:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:24:08:57:DF:FE:79:15:9E:62:F7:DA:83:88:2F:DA:B1:FB:AD:94
            X509v3 Authority Key Identifier:
                keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/_yQIV9_-eRWeYvfag4gv2rH7rZQ.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  101.102.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:c3:3c:b6:e8:56:e6:b7:71:93:0e:a6:16:74:dd:9c:ec:65:
         ea:5f:e0:d9:fe:05:37:09:ee:a5:79:c8:9e:57:2c:7c:25:24:
         0b:92:fd:fe:e6:23:70:40:3e:55:4e:28:55:b4:b6:12:e3:80:
         af:e9:31:49:c5:a6:a8:5f:48:41:eb:5b:62:e1:5a:e0:e0:19:
         3a:94:30:55:ed:db:ad:ba:08:0f:c7:92:2d:1f:bb:50:bc:69:
         78:bf:57:91:5d:75:5c:c3:e0:80:44:93:0e:80:9b:5e:df:58:
         60:a6:7b:2e:e7:ea:40:4c:2c:de:f8:c9:ac:1f:a8:e8:14:91:
         ce:b8:bc:41:47:8c:59:f8:4d:9f:40:61:2d:f8:6c:3b:c6:2a:
         ed:51:8f:71:64:de:e4:30:df:e8:64:3f:dc:89:54:1b:57:31:
         e8:51:b5:8d:1e:e4:fd:0f:1c:03:6c:4b:5d:b9:77:c8:11:e9:
         4b:ef:98:7c:20:7c:79:8d:da:81:a0:09:ac:0c:8d:35:f3:02:
         41:42:e0:b1:7d:c5:d8:76:e6:68:4c:76:dd:d8:81:a0:b4:04:
         c0:e8:38:88:7f:9b:29:9d:a4:78:be:03:59:03:80:b6:ac:15:
         f6:d6:df:c8:75:f5:ab:9e:f8:88:c5:8d:af:bf:2d:9e:d0:e6:
         80:18:2f:7f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEXAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMzA5MDEw
MzE0MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEZGMjQwODU3REZGRTc5
MTU5RTYyRjdEQTgzODgyRkRBQjFGQkFEOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6Mn60gCl4G5Bmgs/thjhw+u2cJbvDglTwKc9LlaG1mtJ0OQDx
X8/DDYlOlfZhRucYRLRKUvgC04OaLjHI6exsblVU9fJCLfpAayeiLle30U5PY8k4
DYgFrrdRDmJv/Tx6vBw0gQgDbJX0+xxYFQu4VwH+cTMF3JGSO3Fs3QgAXCI24qn3
ojFg1u2knRzGqJBkunybiYNNFfO8zCtKGb1nEqe00gxsD+r3yXjVVKeeDzxpQzEt
7uYV089joPHpub2FutirGS4vEOUlo4ZBfWmehswFkErfqk6r46VZxzskRXBV6PG1
gMqKQ21qsNTAaR6FGFBpDBcKp0XyfnbHPWCfAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU/yQIV9/+eRWeYvfag4gv2rH7rZQwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9feVFJVjlfLWVSV2VZdmZhZzRn
djJySDdyWlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZWZn
MA0GCSqGSIb3DQEBCwUAA4IBAQAKwzy26Fbmt3GTDqYWdN2c7GXqX+DZ/gU3Ce6l
ecieVyx8JSQLkv3+5iNwQD5VTihVtLYS44Cv6TFJxaaoX0hB61ti4Vrg4Bk6lDBV
7dutuggPx5ItH7tQvGl4v1eRXXVcw+CARJMOgJte31hgpnsu5+pATCze+MmsH6jo
FJHOuLxBR4xZ+E2fQGEt+Gw7xirtUY9xZN7kMN/oZD/ciVQbVzHoUbWNHuT9DxwD
bEtduXfIEelL75h8IHx5jdqBoAmsDI018wJBQuCxfcXYduZoTHbd2IGgtATA6DiI
f5spnaR4vgNZA4C2rBX21t/IdfWrnviIxY2vvy2e0OaAGC9/
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:27 2024 by rpki-client on console-fra.rpki-client.org