Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/qksYBCh8Z4Vlyb6A27SABO58jtA.roa
File:                     qksYBCh8Z4Vlyb6A27SABO58jtA.roa (raw, json)
Hash identifier:          6uhSWM6NXvaTlIt0omsMLY+VtmyF84E80b/ZsgcUq9U=
Subject key identifier:   AA:4B:18:04:28:7C:67:85:65:C9:BE:80:DB:B4:80:04:EE:7C:8E:D0
Certificate issuer:       /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial:       0B6B
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/qksYBCh8Z4Vlyb6A27SABO58jtA.roa
Signing time:             Fri 01 Sep 2023 10:13:54 +0000
ROA not before:           Fri 01 Sep 2023 10:13:54 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     18018
IP address blocks:        122.255.95.128/25 maxlen: 25

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2923 (0xb6b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
        Validity
            Not Before: Sep  1 10:13:54 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=AA4B1804287C678565C9BE80DBB48004EE7C8ED0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:11:3b:e2:ba:fe:d0:98:32:ee:1f:32:95:1c:
                    49:8a:c9:31:8a:74:c9:68:e4:4e:ec:1f:2f:3b:4b:
                    f9:c9:5b:1f:af:6a:85:53:b1:d5:08:7a:68:43:b9:
                    33:f5:95:90:60:b7:e0:68:41:a3:6a:a0:fa:00:69:
                    00:ea:11:79:1b:5a:b8:ee:4d:67:4a:60:42:44:ff:
                    5d:75:36:96:c8:62:1b:05:26:09:98:de:9a:39:49:
                    e8:24:56:87:1c:dc:47:28:c7:e2:a3:d2:05:8f:40:
                    1d:7c:4c:d5:e2:85:df:97:9c:40:4a:ab:93:e5:29:
                    87:3b:47:67:c8:4f:f3:05:e3:38:94:93:9a:7c:b3:
                    05:94:65:96:1f:b4:96:45:55:af:11:08:4e:f1:e2:
                    10:2c:87:0a:e0:5b:da:ca:ce:d5:77:ca:cf:f2:c7:
                    63:19:6e:a4:99:4f:9f:40:55:87:be:de:22:b5:38:
                    b0:e3:b1:db:8a:f7:87:f6:63:0d:6c:ea:ec:fa:c8:
                    c7:57:e5:16:28:b9:e1:97:4a:08:4f:ff:f3:10:3b:
                    05:a8:76:02:95:89:f9:7c:9c:3c:16:a3:e3:f0:b5:
                    2a:5b:d6:5e:92:93:c7:63:76:b3:fe:f8:91:88:4c:
                    83:e7:51:22:38:e1:a3:84:9c:11:ef:6a:7e:dd:f7:
                    80:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:4B:18:04:28:7C:67:85:65:C9:BE:80:DB:B4:80:04:EE:7C:8E:D0
            X509v3 Authority Key Identifier:
                keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/qksYBCh8Z4Vlyb6A27SABO58jtA.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.255.95.128/25

    Signature Algorithm: sha256WithRSAEncryption
         1a:dd:d3:2c:93:a7:d9:9b:02:2d:fa:06:96:79:c9:3f:ea:bc:
         ff:53:92:d2:cd:5c:89:b2:89:04:6b:84:b4:a6:de:89:f8:f1:
         c3:3a:ed:af:91:66:87:fa:0c:42:26:f5:99:48:b5:98:dc:06:
         5e:0e:85:47:de:b3:d4:b7:af:b0:b0:78:61:6c:69:b5:4a:d5:
         1e:26:c0:d4:81:b2:4c:fb:c7:34:41:f6:06:d1:e2:c6:66:85:
         42:fb:89:f9:85:12:f3:4c:48:78:ab:5e:6b:4e:22:01:03:e6:
         40:00:10:31:22:92:bd:f3:1d:bf:22:f7:c5:f8:57:28:b3:37:
         3c:c4:60:71:e5:03:4c:3d:e1:14:69:df:04:1a:c4:1e:61:e7:
         07:9d:87:38:6c:8d:36:06:49:f9:69:8d:2c:87:dd:31:53:3d:
         3c:d6:81:f8:7c:c9:f3:83:d9:eb:f8:ff:43:e1:4d:47:9c:c4:
         0d:dc:1f:aa:e0:f2:f1:96:38:4b:25:90:09:22:4a:ed:cf:ae:
         ea:00:79:4d:d0:87:cf:89:b0:de:8f:40:54:61:d3:e4:20:96:
         72:3c:42:ce:f3:85:7c:d0:f0:05:1c:fa:d0:ad:75:55:bf:77:
         59:38:61:bc:53:ed:90:51:b5:8e:56:4d:6e:c9:4b:a8:09:ef:
         cc:dc:2a:6a
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICC2swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMzA5MDEx
MDEzNTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFBNEIxODA0Mjg3QzY3
ODU2NUM5QkU4MERCQjQ4MDA0RUU3QzhFRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXETviuv7QmDLuHzKVHEmKyTGKdMlo5E7sHy87S/nJWx+vaoVT
sdUIemhDuTP1lZBgt+BoQaNqoPoAaQDqEXkbWrjuTWdKYEJE/111NpbIYhsFJgmY
3po5SegkVocc3Ecox+Kj0gWPQB18TNXihd+XnEBKq5PlKYc7R2fIT/MF4ziUk5p8
swWUZZYftJZFVa8RCE7x4hAshwrgW9rKztV3ys/yx2MZbqSZT59AVYe+3iK1OLDj
sduK94f2Yw1s6uz6yMdX5RYoueGXSghP//MQOwWodgKVifl8nDwWo+PwtSpb1l6S
k8djdrP++JGITIPnUSI44aOEnBHvan7d94DrAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUqksYBCh8Z4Vlyb6A27SABO58jtAwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9xa3NZQkNoOFo0Vmx5YjZBMjdT
QUJPNThqdEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHev9f
gDANBgkqhkiG9w0BAQsFAAOCAQEAGt3TLJOn2ZsCLfoGlnnJP+q8/1OS0s1cibKJ
BGuEtKbeifjxwzrtr5Fmh/oMQib1mUi1mNwGXg6FR96z1LevsLB4YWxptUrVHibA
1IGyTPvHNEH2BtHixmaFQvuJ+YUS80xIeKtea04iAQPmQAAQMSKSvfMdvyL3xfhX
KLM3PMRgceUDTD3hFGnfBBrEHmHnB52HOGyNNgZJ+WmNLIfdMVM9PNaB+HzJ84PZ
6/j/Q+FNR5zEDdwfquDy8ZY4SyWQCSJK7c+u6gB5TdCHz4mw3o9AVGHT5CCWcjxC
zvOFfNDwBRz60K11Vb93WThhvFPtkFG1jlZNbslLqAnvzNwqag==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:20 2024 by rpki-client on console-ams.rpki-client.org