Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/EqiLtE0FaXxC5DMBocoqM37-7Fc.roa
File:                     EqiLtE0FaXxC5DMBocoqM37-7Fc.roa (raw, json)
Hash identifier:          ocHrLzg03Tmxxut4SgmMJSADsGfWqlmFht4fC/zsZyo=
Subject key identifier:   12:A8:8B:B4:4D:05:69:7C:42:E4:33:01:A1:CA:2A:33:7E:FE:EC:57
Certificate issuer:       /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial:       0B66
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/EqiLtE0FaXxC5DMBocoqM37-7Fc.roa
Signing time:             Fri 01 Sep 2023 10:13:52 +0000
ROA not before:           Fri 01 Sep 2023 10:13:52 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18018
IP address blocks:        122.255.94.0/28 maxlen: 28

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2918 (0xb66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
        Validity
            Not Before: Sep  1 10:13:52 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=12A88BB44D05697C42E43301A1CA2A337EFEEC57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:37:48:70:09:4e:13:6f:5a:f3:7c:eb:c6:58:
                    74:c1:a2:55:89:45:db:12:d6:96:7f:1c:60:bf:04:
                    42:77:ea:67:87:76:2d:c6:83:d1:44:64:f5:65:4d:
                    a0:f7:aa:8d:67:f3:af:72:56:61:25:23:db:ff:bf:
                    4c:82:62:4b:97:6a:d6:8e:13:03:22:84:d6:9c:cf:
                    0a:ec:d4:04:6e:f3:c5:aa:7e:30:8d:26:2c:f8:ca:
                    c2:16:5e:1c:b6:95:94:74:ec:91:bf:b4:8c:fe:3d:
                    4c:fe:a8:e7:b6:95:92:c7:3e:33:77:87:2a:46:66:
                    9b:6f:39:cb:7d:9a:41:3e:11:f0:a5:50:c1:b4:85:
                    6f:10:5a:b0:a0:a2:b9:a4:3b:33:35:1a:b6:b2:54:
                    5f:4f:59:ff:ba:89:f9:8f:80:f5:cf:6b:74:d0:86:
                    02:75:54:a6:ea:66:a0:21:04:32:10:15:e6:2b:b8:
                    83:81:50:e5:19:55:93:ff:4e:cc:bd:a5:08:21:10:
                    2d:9c:a5:9f:72:e3:4c:46:7b:30:bf:31:f2:e6:c9:
                    d9:9e:3c:9c:c4:6c:0d:64:05:7f:d9:b1:7b:e6:06:
                    8e:cb:89:87:56:38:ac:53:66:42:5f:9c:c0:98:f1:
                    69:f2:8f:a4:57:da:1f:60:cc:fa:0d:01:11:ce:54:
                    c0:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:A8:8B:B4:4D:05:69:7C:42:E4:33:01:A1:CA:2A:33:7E:FE:EC:57
            X509v3 Authority Key Identifier:
                keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/EqiLtE0FaXxC5DMBocoqM37-7Fc.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.255.94.0/28

    Signature Algorithm: sha256WithRSAEncryption
         5b:17:31:1a:4c:a0:08:54:21:07:a9:ae:04:46:e7:10:ff:ce:
         39:3a:c5:d2:48:6c:74:97:35:7b:41:6b:e0:fe:7f:63:28:af:
         2b:5c:63:ec:00:b6:e2:bf:ca:06:80:4f:07:73:0e:cc:8a:62:
         5b:15:d0:b3:2e:e9:43:3d:9b:84:79:96:a2:4f:9e:7e:dd:ac:
         fc:e8:80:37:e3:99:70:09:71:e2:a5:24:a9:d6:09:a3:66:70:
         74:e5:5d:3b:ef:c9:52:61:1e:f6:a7:9d:2e:2b:af:4d:78:9a:
         f9:99:ba:f2:f4:7a:57:90:cf:6b:b7:16:30:3d:cf:25:d1:0a:
         36:a3:af:ce:9f:88:91:d2:51:00:4b:bc:f4:4b:e2:01:b8:14:
         80:32:f0:ad:b0:19:a4:1a:d4:31:f9:44:28:30:28:21:a9:74:
         9e:a7:9b:7d:95:03:86:8d:7a:16:81:3e:21:fd:35:84:6f:85:
         5d:28:e5:0b:7b:65:9f:36:46:be:a1:37:99:10:6e:ac:2e:19:
         03:aa:9c:9b:e9:e4:a6:07:a3:0e:d7:8e:92:3c:9d:30:66:ff:
         ee:6c:b5:ec:4a:bc:fa:62:b7:ac:bb:9d:fb:a3:dd:20:b5:f8:
         12:f6:5f:64:3c:30:9b:38:ba:2a:0f:89:41:17:c2:9b:57:a4:
         34:58:d8:55
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICC2YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMzA5MDEx
MDEzNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDEyQTg4QkI0NEQwNTY5
N0M0MkU0MzMwMUExQ0EyQTMzN0VGRUVDNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3N0hwCU4Tb1rzfOvGWHTBolWJRdsS1pZ/HGC/BEJ36meHdi3G
g9FEZPVlTaD3qo1n869yVmElI9v/v0yCYkuXataOEwMihNaczwrs1ARu88WqfjCN
Jiz4ysIWXhy2lZR07JG/tIz+PUz+qOe2lZLHPjN3hypGZptvOct9mkE+EfClUMG0
hW8QWrCgormkOzM1GrayVF9PWf+6ifmPgPXPa3TQhgJ1VKbqZqAhBDIQFeYruIOB
UOUZVZP/Tsy9pQghEC2cpZ9y40xGezC/MfLmydmePJzEbA1kBX/ZsXvmBo7LiYdW
OKxTZkJfnMCY8Wnyj6RX2h9gzPoNARHOVMBTAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUEqiLtE0FaXxC5DMBocoqM37+7FcwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9FcWlMdEUwRmFYeEM1RE1Cb2Nv
cU0zNy03RmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUEev9e
ADANBgkqhkiG9w0BAQsFAAOCAQEAWxcxGkygCFQhB6muBEbnEP/OOTrF0khsdJc1
e0Fr4P5/YyivK1xj7AC24r/KBoBPB3MOzIpiWxXQsy7pQz2bhHmWok+eft2s/OiA
N+OZcAlx4qUkqdYJo2ZwdOVdO+/JUmEe9qedLiuvTXia+Zm68vR6V5DPa7cWMD3P
JdEKNqOvzp+IkdJRAEu89EviAbgUgDLwrbAZpBrUMflEKDAoIal0nqebfZUDho16
FoE+If01hG+FXSjlC3tlnzZGvqE3mRBurC4ZA6qcm+nkpgejDteOkjydMGb/7my1
7Eq8+mK3rLud+6PdILX4EvZfZDwwmzi6Kg+JQRfCm1ekNFjYVQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:20 2024 by rpki-client on console-ams.rpki-client.org