Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/DUp9xvMUZQjdODlrc7CqK0EIiHg.roa
File:                     DUp9xvMUZQjdODlrc7CqK0EIiHg.roa (raw, json)
Hash identifier:          T8DFg/bLFJRv1bgyEWdzGXYAxY5cstnqiYCz0Vc1Xbc=
Subject key identifier:   0D:4A:7D:C6:F3:14:65:08:DD:38:39:6B:73:B0:AA:2B:41:08:88:78
Certificate issuer:       /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial:       0B65
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/DUp9xvMUZQjdODlrc7CqK0EIiHg.roa
Signing time:             Fri 01 Sep 2023 10:13:52 +0000
ROA not before:           Fri 01 Sep 2023 10:13:52 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     2914
IP address blocks:        61.58.32.0/20 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2917 (0xb65)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
        Validity
            Not Before: Sep  1 10:13:52 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=0D4A7DC6F3146508DD38396B73B0AA2B41088878
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:c9:30:4a:a3:bd:0b:46:09:c1:4b:75:c8:79:
                    20:9d:70:45:f8:24:cd:d1:2e:49:f5:12:1b:b7:d8:
                    4e:36:bd:41:e3:5c:17:de:4e:d9:e6:2f:71:9f:ad:
                    59:42:f9:a5:2f:3f:2f:67:ab:ac:16:59:3e:ee:6a:
                    9d:36:53:db:45:6c:ab:13:ce:2e:00:96:c8:5f:c4:
                    37:ab:09:24:64:a0:c9:69:b8:ef:24:5f:ae:52:c0:
                    7b:00:b3:01:7d:66:81:05:80:ba:25:a1:92:50:a1:
                    b9:4d:a7:e4:8d:8e:24:fd:a1:69:4e:72:be:40:73:
                    90:6f:78:83:7d:65:fa:7b:d7:ce:11:23:ac:5c:66:
                    3d:32:12:c9:30:2a:af:5a:de:01:fa:e0:fd:23:0b:
                    2c:df:69:c3:07:cd:fa:db:19:2b:64:73:a9:ed:1b:
                    2d:87:5a:eb:34:42:9b:57:83:ad:03:fa:e4:a6:45:
                    7a:73:fb:51:1e:d7:cf:67:54:e3:21:d6:a7:0c:3d:
                    63:0d:59:19:69:a5:a0:34:78:7e:f6:26:2c:bc:53:
                    c9:cd:b4:4f:0d:77:42:dc:03:c6:a3:29:c5:34:6d:
                    21:17:f5:c1:f8:41:3d:14:53:32:d9:b3:9a:ba:d0:
                    62:59:58:52:a6:a9:7f:61:23:b1:36:7a:91:a4:72:
                    5e:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:4A:7D:C6:F3:14:65:08:DD:38:39:6B:73:B0:AA:2B:41:08:88:78
            X509v3 Authority Key Identifier:
                keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/DUp9xvMUZQjdODlrc7CqK0EIiHg.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  61.58.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         67:56:14:1a:94:e3:d9:2d:f0:ec:69:6f:2e:a8:95:08:76:db:
         cd:39:db:24:04:30:f3:20:e2:01:fb:17:0c:e0:5d:3c:2e:3c:
         54:a9:7d:93:ea:4d:78:84:6b:d0:56:9f:2b:72:a9:e1:63:42:
         66:c8:03:ac:6e:51:1d:e5:79:fb:89:be:4a:40:6a:ea:7a:e3:
         38:54:3a:65:67:3d:42:33:1b:1d:5d:00:76:c8:b1:29:b4:b4:
         1e:c9:de:7e:03:61:07:72:6b:d2:63:87:5f:59:a6:d8:3e:62:
         5f:fc:89:82:5f:9c:eb:85:f0:02:c6:e4:fc:a1:34:22:a9:15:
         66:eb:4e:a6:f1:5d:a5:3a:6e:19:ae:63:ea:6a:07:f9:c9:f0:
         e4:0b:9e:b8:68:40:63:97:d4:23:4a:ee:ac:25:f5:b7:03:a7:
         65:aa:4b:05:77:23:19:d7:e0:1e:61:98:c9:8a:56:df:e7:c5:
         35:8f:07:7c:96:48:e9:e0:05:6c:0b:1b:81:32:f9:1d:2f:1b:
         58:97:10:ab:f5:f2:7a:a7:c4:7f:c8:c4:22:1a:da:34:c4:40:
         b0:7b:17:ae:f4:fb:6e:c4:44:eb:b0:fc:d6:db:5a:c2:27:96:
         4e:28:11:95:11:33:55:0d:da:74:82:a2:00:44:43:6f:6d:66:
         6a:48:be:56
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMzA5MDEx
MDEzNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBENEE3REM2RjMxNDY1
MDhERDM4Mzk2QjczQjBBQTJCNDEwODg4NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgyTBKo70LRgnBS3XIeSCdcEX4JM3RLkn1Ehu32E42vUHjXBfe
TtnmL3GfrVlC+aUvPy9nq6wWWT7uap02U9tFbKsTzi4AlshfxDerCSRkoMlpuO8k
X65SwHsAswF9ZoEFgLoloZJQoblNp+SNjiT9oWlOcr5Ac5BveIN9Zfp7184RI6xc
Zj0yEskwKq9a3gH64P0jCyzfacMHzfrbGStkc6ntGy2HWus0QptXg60D+uSmRXpz
+1Ee189nVOMh1qcMPWMNWRlppaA0eH72Jiy8U8nNtE8Nd0LcA8ajKcU0bSEX9cH4
QT0UUzLZs5q60GJZWFKmqX9hI7E2epGkcl45AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUDUp9xvMUZQjdODlrc7CqK0EIiHgwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9EVXA5eHZNVVpRamRPRGxyYzdD
cUswRUlpSGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTog
MA0GCSqGSIb3DQEBCwUAA4IBAQBnVhQalOPZLfDsaW8uqJUIdtvNOdskBDDzIOIB
+xcM4F08LjxUqX2T6k14hGvQVp8rcqnhY0JmyAOsblEd5Xn7ib5KQGrqeuM4VDpl
Zz1CMxsdXQB2yLEptLQeyd5+A2EHcmvSY4dfWabYPmJf/ImCX5zrhfACxuT8oTQi
qRVm606m8V2lOm4ZrmPqagf5yfDkC564aEBjl9QjSu6sJfW3A6dlqksFdyMZ1+Ae
YZjJilbf58U1jwd8lkjp4AVsCxuBMvkdLxtYlxCr9fJ6p8R/yMQiGto0xECwexeu
9PtuxETrsPzW21rCJ5ZOKBGVETNVDdp0gqIARENvbWZqSL5W
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:27 2024 by rpki-client on console-fra.rpki-client.org