Autonomous System Provider Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/VfkNsJUY9G2_hmqiXxuxgqJesHA.asa
File:                     VfkNsJUY9G2_hmqiXxuxgqJesHA.asa (raw, json)
Hash identifier:          ZLxjPhLn0tBvkeoMK+3pGTiTZClSK8ev8L3TuABDeM4=
Subject key identifier:   55:F9:0D:B0:95:18:F4:6D:BF:86:6A:A2:5F:1B:B1:82:A2:5E:B0:70
Certificate issuer:       /CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
Certificate serial:       019E16F15BFACD06EBB9DC88F1073FF95F65
Authority key identifier: BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/VfkNsJUY9G2_hmqiXxuxgqJesHA.asa
Signing time:             Mon 11 May 2026 12:09:36 +0000
ASPA not before:          Mon 11 May 2026 12:09:36 +0000
ASPA not after:           Thu 01 Jul 2027 00:00:00 +0000
Customer ASID:            198839
Providers:                AS: 2027
                          AS: 35661
                          AS: 57797
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:16:f1:5b:fa:cd:06:eb:b9:dc:88:f1:07:3f:f9:5f:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba67bff7bad1eb8384b585df7bef1206f7f19f7e
        Validity
            Not Before: May 11 12:09:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=55f90db09518f46dbf866aa25f1bb182a25eb070
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:10:ec:39:04:e3:f9:1a:e9:f1:88:80:c0:52:
                    d7:38:0c:34:a9:7d:10:ef:4d:26:6e:df:22:1d:19:
                    e4:9e:59:49:db:83:3f:e6:89:d3:44:eb:e8:2d:b0:
                    c8:8a:25:df:0f:19:ea:80:10:4f:dc:3f:cb:91:c2:
                    19:30:fc:84:48:e6:08:8a:bb:77:5b:50:3e:c7:1b:
                    f2:5c:30:b4:3b:da:96:4e:c4:49:3c:3c:3f:ab:50:
                    12:6e:cd:6c:75:b2:1c:7d:32:77:42:e9:48:bf:2d:
                    0e:d8:9e:2d:18:77:c2:a0:16:e1:22:9a:81:cd:94:
                    68:ae:c1:37:9b:ae:c7:4f:2d:0d:de:1c:22:c5:b4:
                    ae:07:88:aa:2c:74:ba:72:7e:70:9c:14:21:b8:f6:
                    54:60:76:46:89:ea:f9:09:42:bd:ec:b8:b2:d5:94:
                    51:2c:7e:70:72:16:05:d5:43:d4:0f:96:f3:45:1a:
                    fc:be:d2:0f:a8:4c:a6:25:f6:56:ba:1c:bf:58:ab:
                    81:b0:13:af:8d:dc:fe:23:24:5a:78:15:5e:50:5a:
                    e1:76:c6:3c:0b:b8:76:bd:13:62:45:28:e5:2e:a7:
                    af:3b:8f:2a:b6:17:06:08:1d:d3:47:fd:43:65:dc:
                    db:df:46:3f:de:80:00:c3:bb:d8:78:4c:ad:b9:4b:
                    ad:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:F9:0D:B0:95:18:F4:6D:BF:86:6A:A2:5F:1B:B1:82:A2:5E:B0:70
            X509v3 Authority Key Identifier:
                keyid:BA:67:BF:F7:BA:D1:EB:83:84:B5:85:DF:7B:EF:12:06:F7:F1:9F:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ume_97rR64OEtYXfe-8SBvfxn34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/VfkNsJUY9G2_hmqiXxuxgqJesHA.asa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/4a244d-51d1-4143-b6af-da4538022ac7/1/ume_97rR64OEtYXfe-8SBvfxn34.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198839

    Signature Algorithm: sha256WithRSAEncryption
         59:93:ce:2f:b8:7b:3a:cf:c8:ad:ec:d5:e3:a7:d7:ee:44:34:
         83:24:f0:12:c6:35:b0:ff:35:7b:49:5f:0c:4f:f3:7a:99:3a:
         27:75:4a:a7:46:0a:2c:a4:02:e5:7b:39:b3:c3:e0:6f:d9:1d:
         84:e7:c1:c0:fa:31:05:ba:a0:2b:c0:15:a1:21:72:fe:78:0c:
         dd:d3:17:d1:4f:d3:18:51:fe:0c:c0:83:32:31:11:a6:b7:a9:
         7b:d0:06:44:f1:1f:c8:f5:d0:17:c2:c9:11:b9:a9:c8:cd:a6:
         6c:5c:e0:54:ef:ab:14:62:2e:bf:83:8a:eb:08:c9:32:98:ae:
         8c:c7:6b:2c:f2:ab:4a:aa:91:53:df:c3:e4:be:09:2f:f0:2e:
         e7:9c:4e:d2:bd:bc:bc:8b:9e:91:df:d1:df:71:2b:89:86:b6:
         12:51:6c:d8:cf:71:fc:04:8a:24:50:c5:fd:f7:77:24:c3:f5:
         9c:1c:22:3f:83:bc:ef:1c:81:46:1b:f9:ed:1a:7d:ad:72:11:
         4d:3b:1b:8e:0d:a7:53:56:a7:a7:9a:d3:a7:98:1a:d3:3c:00:
         67:dd:1b:64:2f:45:44:47:57:62:ff:5e:23:f6:e4:22:08:e6:
         4d:99:09:b3:75:25:53:0b:b1:d9:c5:00:b8:69:13:94:ae:23:
         81:f5:5e:1b
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgISAZ4W8Vv6zQbrudyI8Qc/+V9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjdiZmY3YmFkMWViODM4NGI1ODVkZjdiZWYxMjA2Zjdm
MTlmN2UwHhcNMjYwNTExMTIwOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWY5MGRiMDk1MThmNDZkYmY4NjZhYTI1ZjFiYjE4MmEyNWViMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RDsOQTj+Rrp8YiAwFLXOAw0qX0Q
700mbt8iHRnknllJ24M/5onTROvoLbDIiiXfDxnqgBBP3D/LkcIZMPyESOYIirt3
W1A+xxvyXDC0O9qWTsRJPDw/q1ASbs1sdbIcfTJ3QulIvy0O2J4tGHfCoBbhIpqB
zZRorsE3m67HTy0N3hwixbSuB4iqLHS6cn5wnBQhuPZUYHZGier5CUK97Liy1ZRR
LH5wchYF1UPUD5bzRRr8vtIPqEymJfZWuhy/WKuBsBOvjdz+IyRaeBVeUFrhdsY8
C7h2vRNiRSjlLqevO48qthcGCB3TR/1DZdzb30Y/3oAAw7vYeEytuUutOQIDAQAB
o4ICBDCCAgAwHQYDVR0OBBYEFFX5DbCVGPRtv4Zqol8bsYKiXrBwMB8GA1UdIwQY
MBaAFLpnv/e60euDhLWF33vvEgb38Z9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYt
ZGE0NTM4MDIyYWM3LzEvVmZrTnNKVVk5RzJfaG1xaVh4dXhncUplc0hBLmFzYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi80YTI0NGQtNTFkMS00MTQzLWI2YWYtZGE0NTM4MDIyYWM3
LzEvdW1lXzk3clI2NE9FdFlYZmUtOFNCdmZ4bjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMItzANBgkqhkiG
9w0BAQsFAAOCAQEAWZPOL7h7Os/IrezV46fX7kQ0gyTwEsY1sP81e0lfDE/zepk6
J3VKp0YKLKQC5Xs5s8Pgb9kdhOfBwPoxBbqgK8AVoSFy/ngM3dMX0U/TGFH+DMCD
MjERprepe9AGRPEfyPXQF8LJEbmpyM2mbFzgVO+rFGIuv4OK6wjJMpiujMdrLPKr
SqqRU9/D5L4JL/Au55xO0r28vIuekd/R33EriYa2ElFs2M9x/ASKJFDF/fd3JMP1
nBwiP4O87xyBRhv57Rp9rXIRTTsbjg2nU1anp5rTp5ga0zwAZ90bZC9FREdXYv9e
I/bkIgjmTZkJs3UlUwux2cUAuGkTlK4jgfVeGw==
-----END CERTIFICATE-----