Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/S7BsKAJ8Ry-n9jDAX4N3SU4qCDw.roa
File:                     S7BsKAJ8Ry-n9jDAX4N3SU4qCDw.roa (raw, json)
Hash identifier:          dFME4V/hJXpAffCL4o66K579a5bSjNfxvblUDTBaF80=
Subject key identifier:   4B:B0:6C:28:02:7C:47:2F:A7:F6:30:C0:5F:83:77:49:4E:2A:08:3C
Certificate issuer:       /CN=63400AA6E6C68B13DDDC9C00B82586124273FA9B
Certificate serial:       0B37
Authority key identifier: 63:40:0A:A6:E6:C6:8B:13:DD:DC:9C:00:B8:25:86:12:42:73:FA:9B
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/Y0AKpubGixPd3JwAuCWGEkJz-ps.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/S7BsKAJ8Ry-n9jDAX4N3SU4qCDw.roa
Signing time:             Fri 01 Sep 2023 10:19:28 +0000
ROA not before:           Fri 01 Sep 2023 10:19:28 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     131618
IP address blocks:        103.122.226.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2871 (0xb37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63400AA6E6C68B13DDDC9C00B82586124273FA9B
        Validity
            Not Before: Sep  1 10:19:28 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=4BB06C28027C472FA7F630C05F8377494E2A083C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:20:59:b7:77:62:0d:96:51:fc:83:2e:92:96:
                    45:68:43:4c:4c:3e:6f:4d:0b:5d:b7:be:a0:f8:e7:
                    75:8e:eb:ed:af:78:6f:3a:47:c9:a1:7e:ae:57:9e:
                    b1:de:7d:2f:60:56:09:53:59:7e:08:56:87:00:44:
                    43:c9:e6:98:d7:fd:55:dc:f2:b4:27:7d:98:d1:29:
                    77:b6:ed:83:07:99:93:e8:19:63:08:77:fd:e8:d0:
                    05:9d:17:d6:d6:36:f0:c4:a8:33:d7:d7:37:42:53:
                    f7:1c:dc:7e:9b:0b:96:ab:7f:94:79:10:93:9c:f2:
                    fb:99:27:8b:c9:9b:f7:b6:cb:5c:cb:ad:d5:ec:5c:
                    31:c3:cb:16:43:bc:73:02:6f:5c:ef:d2:95:ee:04:
                    f7:af:61:8d:43:67:09:f4:59:13:2b:db:58:35:cf:
                    0d:90:09:b7:fc:06:31:2b:6b:7d:7d:95:02:d3:c2:
                    64:ae:40:e1:47:8a:a2:be:f7:2f:b1:e4:ba:41:ef:
                    42:21:e5:41:ba:cb:52:d9:9c:93:2a:4b:f5:6c:12:
                    e5:8a:f0:2d:7c:1e:59:5c:9d:cd:95:41:51:62:dd:
                    52:3b:8b:2e:15:0e:12:03:ac:03:b0:a2:c4:19:9a:
                    93:50:d7:c3:d7:cd:19:f5:ad:6a:a3:5a:21:ad:63:
                    7a:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:B0:6C:28:02:7C:47:2F:A7:F6:30:C0:5F:83:77:49:4E:2A:08:3C
            X509v3 Authority Key Identifier:
                keyid:63:40:0A:A6:E6:C6:8B:13:DD:DC:9C:00:B8:25:86:12:42:73:FA:9B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/Y0AKpubGixPd3JwAuCWGEkJz-ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Y0AKpubGixPd3JwAuCWGEkJz-ps.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VISION4YES/S7BsKAJ8Ry-n9jDAX4N3SU4qCDw.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:94:1c:fa:be:55:a6:2e:a3:ed:5e:04:e7:6b:b8:09:94:fd:
         a7:e0:bd:aa:75:35:95:5b:83:52:2c:de:5f:1b:65:a6:2d:71:
         91:89:2f:18:80:26:e8:b8:a1:6d:f9:75:10:ed:c1:6e:d2:e2:
         f1:61:9f:79:d5:b4:d9:18:ee:3f:40:86:3a:7c:e4:6c:5b:cf:
         a9:97:67:50:f8:a5:a0:33:60:a5:6b:95:7a:a2:b1:67:bf:57:
         f1:6d:5d:ce:78:e2:5c:c2:1d:03:0d:7e:6a:0d:69:a9:83:72:
         8c:10:93:eb:1b:02:e5:97:83:b6:10:27:c0:67:eb:27:61:8e:
         75:77:10:3c:55:42:e9:bc:1a:b5:cc:0c:45:e3:e2:8d:d4:0a:
         0c:1c:18:37:95:7c:24:eb:5b:05:14:44:6f:0e:ad:33:69:0a:
         cf:a4:7a:f0:e8:1d:f6:5c:62:0d:fa:72:ca:f2:de:a0:01:f1:
         37:c1:fe:51:1d:0d:77:4c:3f:c5:6f:e2:15:73:ee:80:dc:74:
         fa:13:66:1f:ef:a2:cc:74:e3:44:60:15:f8:56:a0:fa:44:d4:
         85:61:b2:c9:1e:bb:48:1c:a7:e3:92:49:60:3c:2f:b5:0a:0f:
         d2:d6:3f:c6:ef:8b:71:33:7c:f4:7b:ca:7e:9d:4e:57:92:77:
         c7:c3:6a:59
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICCzcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjM0
MDBBQTZFNkM2OEIxM0REREM5QzAwQjgyNTg2MTI0MjczRkE5QjAeFw0yMzA5MDEx
MDE5MjhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDRCQjA2QzI4MDI3QzQ3
MkZBN0Y2MzBDMDVGODM3NzQ5NEUyQTA4M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6IFm3d2INllH8gy6SlkVoQ0xMPm9NC123vqD453WO6+2veG86
R8mhfq5XnrHefS9gVglTWX4IVocAREPJ5pjX/VXc8rQnfZjRKXe27YMHmZPoGWMI
d/3o0AWdF9bWNvDEqDPX1zdCU/cc3H6bC5arf5R5EJOc8vuZJ4vJm/e2y1zLrdXs
XDHDyxZDvHMCb1zv0pXuBPevYY1DZwn0WRMr21g1zw2QCbf8BjEra319lQLTwmSu
QOFHiqK+9y+x5LpB70Ih5UG6y1LZnJMqS/VsEuWK8C18Hllcnc2VQVFi3VI7iy4V
DhIDrAOwosQZmpNQ18PXzRn1rWqjWiGtY3qtAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUS7BsKAJ8Ry+n9jDAX4N3SU4qCDwwHwYDVR0jBBgwFoAUY0AKpubGixPd3JwA
uCWGEkJz+pswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVklTSU9O
NFlFUy9ZMEFLcHViR2l4UGQzSndBdUNXR0VrSnotcHMuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL1kwQUtwdWJHaXhQZDNKd0F1Q1dHRWtKei1wcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1ZJU0lPTjRZRVMvUzdCc0tBSjhS
eS1uOWpEQVg0TjNTVTRxQ0R3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAGd64jANBgkqhkiG9w0BAQsFAAOCAQEAGpQc+r5Vpi6j7V4E52u4CZT9
p+C9qnU1lVuDUizeXxtlpi1xkYkvGIAm6Lihbfl1EO3BbtLi8WGfedW02RjuP0CG
OnzkbFvPqZdnUPiloDNgpWuVeqKxZ79X8W1dznjiXMIdAw1+ag1pqYNyjBCT6xsC
5ZeDthAnwGfrJ2GOdXcQPFVC6bwatcwMRePijdQKDBwYN5V8JOtbBRREbw6tM2kK
z6R68Ogd9lxiDfpyyvLeoAHxN8H+UR0Nd0w/xW/iFXPugNx0+hNmH++izHTjRGAV
+Fag+kTUhWGyyR67SByn45JJYDwvtQoP0tY/xu+LcTN89HvKfp1OV5J3x8NqWQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:22 2024 by rpki-client on console-ams.rpki-client.org