Route Origin Authorization
$ rpki-client -vvf rsync.fiti.net.cn/repo/fiti-sub002/0/AS143708.roa
File: AS143708.roa (raw, json)
Hash identifier: DZ6wMM/ysWSVyXMhCKIkQ0oBhSU+4pOz+3QUhgH3vL4=
Subject key identifier: E2:3A:F4:5C:91:E3:66:DA:16:FF:9F:D2:B6:BA:B2:B0:9A:36:6D:86
Certificate issuer: /CN=57B973F8727F1165368D1DA3F1858FD7660A4960
Certificate serial: 34FFE477D34E89C5F641EBEE2CE8CFD78A7A764E
Authority key identifier: 57:B9:73:F8:72:7F:11:65:36:8D:1D:A3:F1:85:8F:D7:66:0A:49:60
Authority info access: rsync://rpki.cernet.net/repo/cernet/0/57B973F8727F1165368D1DA3F1858FD7660A4960.cer
Subject info access: rsync://rsync.fiti.net.cn/repo/fiti-sub002/0/AS143708.roa
Signing time: Mon 25 May 2026 06:28:24 +0000
ROA not before: Mon 25 May 2026 06:23:24 +0000
ROA not after: Mon 24 May 2027 06:28:24 +0000
asID: 143708
IP address blocks: 240a:a422::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:ff:e4:77:d3:4e:89:c5:f6:41:eb:ee:2c:e8:cf:d7:8a:7a:76:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57B973F8727F1165368D1DA3F1858FD7660A4960
Validity
Not Before: May 25 06:23:24 2026 GMT
Not After : May 24 06:28:24 2027 GMT
Subject: CN=E23AF45C91E366DA16FF9FD2B6BAB2B09A366D86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ef:85:72:59:e2:8f:a1:82:7a:4a:fa:5f:42:
3a:2c:c8:98:13:26:52:62:c4:0b:3f:95:01:1f:cd:
67:19:be:bc:34:bd:d2:34:50:b3:6f:37:57:4c:c8:
20:61:aa:c2:7a:49:c0:e9:2e:b1:aa:e9:f1:ec:2c:
7c:b1:63:df:25:6d:5d:42:91:0d:5a:5b:4d:d2:e8:
b1:da:46:3e:cd:c9:ec:59:72:47:82:f7:07:f8:9a:
b0:d2:82:e3:6a:69:d1:f9:43:16:28:3a:04:ca:89:
53:d3:54:27:5e:2c:d2:8f:6b:b8:02:be:dc:f1:f9:
07:f4:62:19:a9:c4:47:e3:0a:6e:55:4b:47:d9:ec:
7e:f9:f7:1c:2c:42:94:bb:79:ae:14:b4:15:42:6b:
86:47:84:09:d6:3f:49:2f:cc:79:59:2a:d7:cd:23:
72:a5:28:60:70:7f:49:ea:e7:8d:43:76:e8:89:8c:
a7:ae:27:f0:cf:c5:49:2e:df:fe:f9:ca:2a:86:64:
8d:05:59:3c:cd:0a:39:20:6e:58:2b:4b:b1:e1:31:
84:0b:92:fc:03:dd:f0:ea:c9:15:ac:45:87:3a:d7:
be:74:8a:4b:f1:b5:9b:b9:70:fb:46:68:7e:39:d0:
21:67:44:97:7c:35:17:d1:cc:01:5e:a0:36:ab:c4:
0c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:3A:F4:5C:91:E3:66:DA:16:FF:9F:D2:B6:BA:B2:B0:9A:36:6D:86
X509v3 Authority Key Identifier:
keyid:57:B9:73:F8:72:7F:11:65:36:8D:1D:A3:F1:85:8F:D7:66:0A:49:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.fiti.net.cn/repo/fiti-sub002/0/57B973F8727F1165368D1DA3F1858FD7660A4960.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cernet.net/repo/cernet/0/57B973F8727F1165368D1DA3F1858FD7660A4960.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.fiti.net.cn/repo/fiti-sub002/0/AS143708.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240a:a422::/32
Signature Algorithm: sha256WithRSAEncryption
88:68:2f:7b:25:45:1a:9d:00:09:86:63:5a:a1:35:ae:93:8a:
6a:b9:f2:ca:0f:04:38:73:f0:d7:f2:5e:c9:bc:da:0c:c1:4b:
6a:f9:a3:dc:21:e8:52:7d:d5:6a:fe:2c:b4:d8:4e:1a:46:96:
2e:2a:03:13:3e:d2:f3:ec:cb:e4:31:e7:74:3b:b0:57:05:6a:
a3:5e:d0:b9:29:7e:1c:0e:02:89:5b:75:d4:30:e7:3f:d5:65:
04:40:08:a4:db:fd:1e:e6:b6:90:14:66:a0:f3:f4:73:ad:38:
a2:e4:30:f7:c6:d7:7b:9f:fc:cc:4c:53:26:ca:f6:a2:9a:0a:
52:49:0d:d1:fb:1c:6f:2a:32:14:a3:95:dd:17:a4:2d:db:5e:
17:af:86:07:61:1b:b6:3b:ed:14:ab:84:0b:e1:66:27:9d:7e:
c3:18:55:f1:c0:b9:ab:23:a8:65:24:04:92:5e:3d:0b:96:2a:
bd:ed:9a:f6:8e:89:c0:e6:b6:15:f4:0b:41:81:7a:67:53:82:
16:fb:76:20:f2:32:93:33:4c:ac:c7:9b:09:ee:48:4e:0f:8c:
d8:fd:19:0e:7d:06:90:70:da:67:c9:cb:6c:ee:27:40:7e:a9:
13:e9:49:0c:f8:8d:a2:a8:ef:83:e1:3a:ba:57:b6:a7:28:67:
76:83:6b:4c
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIUNP/kd9NOicX2QevuLOjP14p6dk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdCOTczRjg3MjdGMTE2NTM2OEQxREEzRjE4NThGRDc2
NjBBNDk2MDAeFw0yNjA1MjUwNjIzMjRaFw0yNzA1MjQwNjI4MjRaMDMxMTAvBgNV
BAMTKEUyM0FGNDVDOTFFMzY2REExNkZGOUZEMkI2QkFCMkIwOUEzNjZEODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt74VyWeKPoYJ6SvpfQjosyJgT
JlJixAs/lQEfzWcZvrw0vdI0ULNvN1dMyCBhqsJ6ScDpLrGq6fHsLHyxY98lbV1C
kQ1aW03S6LHaRj7NyexZckeC9wf4mrDSguNqadH5QxYoOgTKiVPTVCdeLNKPa7gC
vtzx+Qf0YhmpxEfjCm5VS0fZ7H759xwsQpS7ea4UtBVCa4ZHhAnWP0kvzHlZKtfN
I3KlKGBwf0nq541DduiJjKeuJ/DPxUku3/75yiqGZI0FWTzNCjkgblgrS7HhMYQL
kvwD3fDqyRWsRYc61750ikvxtZu5cPtGaH450CFnRJd8NRfRzAFeoDarxAynAgMB
AAGjggHDMIIBvzAdBgNVHQ4EFgQU4jr0XJHjZtoW/5/StrqysJo2bYYwHwYDVR0j
BBgwFoAUV7lz+HJ/EWU2jR2j8YWP12YKSWAwDgYDVR0PAQH/BAQDAgeAMGoGA1Ud
HwRjMGEwX6BdoFuGWXJzeW5jOi8vcnN5bmMuZml0aS5uZXQuY24vcmVwby9maXRp
LXN1YjAwMi8wLzU3Qjk3M0Y4NzI3RjExNjUzNjhEMURBM0YxODU4RkQ3NjYwQTQ5
NjAuY3JsMG4GCCsGAQUFBwEBBGIwYDBeBggrBgEFBQcwAoZScnN5bmM6Ly9ycGtp
LmNlcm5ldC5uZXQvcmVwby9jZXJuZXQvMC81N0I5NzNGODcyN0YxMTY1MzY4RDFE
QTNGMTg1OEZENzY2MEE0OTYwLmNlcjBVBggrBgEFBQcBCwRJMEcwRQYIKwYBBQUH
MAuGOXJzeW5jOi8vcnN5bmMuZml0aS5uZXQuY24vcmVwby9maXRpLXN1YjAwMi8w
L0FTMTQzNzA4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUF
BwEHAQH/BBEwDzANBAIAAjAHAwUAJAqkIjANBgkqhkiG9w0BAQsFAAOCAQEAiGgv
eyVFGp0ACYZjWqE1rpOKarnyyg8EOHPw1/JeybzaDMFLavmj3CHoUn3Vav4stNhO
GkaWLioDEz7S8+zL5DHndDuwVwVqo17QuSl+HA4CiVt11DDnP9VlBEAIpNv9Hua2
kBRmoPP0c604ouQw98bXe5/8zExTJsr2opoKUkkN0fscbyoyFKOV3RekLdteF6+G
B2EbtjvtFKuEC+FmJ51+wxhV8cC5qyOoZSQEkl49C5Yqve2a9o6JwOa2FfQLQYF6
Z1OCFvt2IPIykzNMrMebCe5ITg+M2P0ZDn0GkHDaZ8nLbO4nQH6pE+lJDPiNoqjv
g+E6ule2pyhndoNrTA==
-----END CERTIFICATE-----
Generated at Wed Jun 17 10:27:41 2026 by rpki-client