Route Origin Authorization

$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WALKSCLOUD/dArIiwU69FBuOhqGavrYhMDMGM4.roa
File:                     dArIiwU69FBuOhqGavrYhMDMGM4.roa (raw, json)
Hash identifier:          4iUxzYSySvUOex1as/Pd5GvCsfYB5jZpwvq1N7ggE88=
Subject key identifier:   74:0A:C8:8B:05:3A:F4:50:6E:3A:1A:86:6A:FA:D8:84:C0:CC:18:CE
Certificate issuer:       /CN=1E79C6C033BB9D469E0CE8164538DF39E9F1C3BC
Certificate serial:       02AF
Authority key identifier: 1E:79:C6:C0:33:BB:9D:46:9E:0C:E8:16:45:38:DF:39:E9:F1:C3:BC
Authority info access:    rsync://rpkica.twnic.tw/rpki/TWNICCA/HnnGwDO7nUaeDOgWRTjfOenxw7w.cer
Subject info access:      rsync://rpkica.twnic.tw/rpki/TWNICCA/WALKSCLOUD/dArIiwU69FBuOhqGavrYhMDMGM4.roa
Signing time:             Fri 01 Sep 2023 10:19:54 +0000
ROA not before:           Fri 01 Sep 2023 10:19:54 +0000
ROA not after:            Sat 31 Aug 2024 03:10:53 +0000
asID:                     38856
IP address blocks:        2406:d040::/32 maxlen: 64

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 687 (0x2af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E79C6C033BB9D469E0CE8164538DF39E9F1C3BC
        Validity
            Not Before: Sep  1 10:19:54 2023 GMT
            Not After : Aug 31 03:10:53 2024 GMT
        Subject: CN=740AC88B053AF4506E3A1A866AFAD884C0CC18CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:cc:78:4d:18:75:c7:9e:98:97:4c:0f:f3:8a:
                    c8:ab:d1:5e:f1:7e:62:04:a0:de:4b:99:8b:94:9f:
                    e7:c1:b2:bc:c8:59:57:ec:82:ef:a4:c4:69:72:ef:
                    7b:79:46:44:8e:9d:d0:c1:b1:64:f1:1d:b4:4e:4d:
                    0b:89:e0:b3:74:96:8c:34:9d:c9:19:39:23:97:48:
                    32:7b:2e:b1:98:dc:44:69:ed:a8:b0:30:24:c4:89:
                    eb:c2:fb:b2:3c:7e:b3:41:e4:f6:e5:df:b8:d2:45:
                    de:9a:f3:e8:35:6f:62:87:91:37:63:9f:39:c6:d2:
                    36:20:4e:bc:cf:bc:f3:cf:7e:64:b9:97:aa:9d:29:
                    ec:fc:a8:98:f0:58:28:67:17:45:f4:d4:82:8e:1d:
                    4b:d6:4c:6e:c8:bd:2a:90:d5:f8:64:8e:69:06:61:
                    c3:ec:85:69:4f:cb:ad:43:20:3c:71:a7:ed:84:31:
                    64:66:4d:a2:cc:b1:3e:f2:03:a5:e9:3e:ed:48:f9:
                    cc:d3:1d:e0:0f:c2:98:ff:7e:5a:b2:f7:d5:e5:a7:
                    ae:e9:99:a0:04:68:66:50:25:64:7b:fc:aa:9e:c1:
                    de:e3:c7:96:0b:11:62:5a:8d:7d:0b:31:bf:16:4d:
                    e0:f9:a2:22:e8:8e:de:bc:3e:24:0e:1a:67:06:f1:
                    14:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:0A:C8:8B:05:3A:F4:50:6E:3A:1A:86:6A:FA:D8:84:C0:CC:18:CE
            X509v3 Authority Key Identifier:
                keyid:1E:79:C6:C0:33:BB:9D:46:9E:0C:E8:16:45:38:DF:39:E9:F1:C3:BC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WALKSCLOUD/HnnGwDO7nUaeDOgWRTjfOenxw7w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HnnGwDO7nUaeDOgWRTjfOenxw7w.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WALKSCLOUD/dArIiwU69FBuOhqGavrYhMDMGM4.roa
                RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:d040::/32

    Signature Algorithm: sha256WithRSAEncryption
         84:2c:9e:f5:c3:e4:9b:87:b3:04:1b:b4:4d:dd:57:d9:39:fd:
         c5:cd:3e:07:1e:92:ae:15:1a:05:6b:6b:38:48:09:82:9a:ff:
         d7:61:ef:f0:ef:3e:aa:fc:50:64:0a:1f:5f:ad:ba:8d:50:54:
         c6:76:60:5c:c1:9a:26:f7:2a:57:76:31:59:fe:13:bb:e6:ce:
         1e:49:95:0e:1b:77:dc:11:f6:7b:37:c1:b1:80:38:9f:10:58:
         77:47:26:3b:dc:63:12:72:4c:df:42:bf:d8:5f:96:c1:ad:52:
         92:5f:53:db:cc:05:13:dd:a3:ed:9c:41:57:18:a5:f7:77:92:
         01:35:b1:f7:c1:ed:87:b0:49:14:06:40:59:09:ca:4b:0d:0d:
         d6:6b:17:38:c1:e9:7c:6d:5e:4f:1c:f9:fb:02:46:38:8e:47:
         d2:42:50:0a:d4:5a:05:87:3f:bb:17:8d:4a:91:2b:dd:66:f4:
         eb:1f:fa:42:7c:9d:86:3a:7a:ae:3e:fb:d6:db:60:fe:d4:7b:
         a8:b8:9f:62:4e:ca:6a:8d:82:c6:8d:52:59:2d:cb:96:f8:2b:
         27:6a:95:87:11:43:30:41:1a:a4:fe:71:c7:72:ac:fe:f7:4b:
         e0:de:8b:e7:af:ed:81:c4:e7:96:1c:dd:f8:87:2f:9d:48:13:
         4b:24:92:41
-----BEGIN CERTIFICATE-----
MIIE2zCCA8OgAwIBAgICAq8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUU3
OUM2QzAzM0JCOUQ0NjlFMENFODE2NDUzOERGMzlFOUYxQzNCQzAeFw0yMzA5MDEx
MDE5NTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDc0MEFDODhCMDUzQUY0
NTA2RTNBMUE4NjZBRkFEODg0QzBDQzE4Q0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLzHhNGHXHnpiXTA/zisir0V7xfmIEoN5LmYuUn+fBsrzIWVfs
gu+kxGly73t5RkSOndDBsWTxHbROTQuJ4LN0low0nckZOSOXSDJ7LrGY3ERp7aiw
MCTEievC+7I8frNB5Pbl37jSRd6a8+g1b2KHkTdjnznG0jYgTrzPvPPPfmS5l6qd
Kez8qJjwWChnF0X01IKOHUvWTG7IvSqQ1fhkjmkGYcPshWlPy61DIDxxp+2EMWRm
TaLMsT7yA6XpPu1I+czTHeAPwpj/flqy99Xlp67pmaAEaGZQJWR7/Kqewd7jx5YL
EWJajX0LMb8WTeD5oiLojt68PiQOGmcG8RTnAgMBAAGjggH3MIIB8zAdBgNVHQ4E
FgQUdArIiwU69FBuOhqGavrYhMDMGM4wHwYDVR0jBBgwFoAUHnnGwDO7nUaeDOgW
RTjfOenxw7wwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0FMS1ND
TE9VRC9Ibm5Hd0RPN25VYWVET2dXUlRqZk9lbnh3N3cuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL0hubkd3RE83blVhZURPZ1dSVGpmT2VueHc3dy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1dBTEtTQ0xPVUQvZEFySWl3VTY5
RkJ1T2hxR2F2clloTURNR000LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQC
AAIwBwMFACQG0EAwDQYJKoZIhvcNAQELBQADggEBAIQsnvXD5JuHswQbtE3dV9k5
/cXNPgcekq4VGgVrazhICYKa/9dh7/DvPqr8UGQKH1+tuo1QVMZ2YFzBmib3Kld2
MVn+E7vmzh5JlQ4bd9wR9ns3wbGAOJ8QWHdHJjvcYxJyTN9Cv9hflsGtUpJfU9vM
BRPdo+2cQVcYpfd3kgE1sffB7YewSRQGQFkJyksNDdZrFzjB6XxtXk8c+fsCRjiO
R9JCUArUWgWHP7sXjUqRK91m9Osf+kJ8nYY6eq4++9bbYP7Ue6i4n2JOymqNgsaN
Ulkty5b4KydqlYcRQzBBGqT+ccdyrP73S+Dei+ev7YHE55Yc3fiHL51IE0skkkE=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:22 2024 by rpki-client on console-ams.rpki-client.org