Autonomous System Provider Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/8daa29-c857-40c2-b97a-839ad7d093ed/1/_YxvUoR5WB4wYKYvopBg6R1wyQY.asa
File:                     _YxvUoR5WB4wYKYvopBg6R1wyQY.asa (raw, json)
Hash identifier:          yHWWVgA+9d+6bFWZAxgVAfp5/UE5nZYg7alMcUo5W/E=
Subject key identifier:   FD:8C:6F:52:84:79:58:1E:30:60:A6:2F:A2:90:60:E9:1D:70:C9:06
Certificate issuer:       /CN=baa4a6ebdb383e119d6953c77f16866e73ef2db5
Certificate serial:       019E0E008992C81D720C27BEC44716F78F81
Authority key identifier: BA:A4:A6:EB:DB:38:3E:11:9D:69:53:C7:7F:16:86:6E:73:EF:2D:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uqSm69s4PhGdaVPHfxaGbnPvLbU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/8daa29-c857-40c2-b97a-839ad7d093ed/1/_YxvUoR5WB4wYKYvopBg6R1wyQY.asa
Signing time:             Sat 09 May 2026 18:29:36 +0000
ASPA not before:          Sat 09 May 2026 18:29:36 +0000
ASPA not after:           Thu 01 Jul 2027 00:00:00 +0000
Customer ASID:            211008
Providers:                AS: 31898
                          AS: 34927
                          AS: 41051
                          AS: 44324
                          AS: 212895
                          AS: 214757
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fa/8daa29-c857-40c2-b97a-839ad7d093ed/1/uqSm69s4PhGdaVPHfxaGbnPvLbU.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fa/8daa29-c857-40c2-b97a-839ad7d093ed/1/uqSm69s4PhGdaVPHfxaGbnPvLbU.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/uqSm69s4PhGdaVPHfxaGbnPvLbU.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 13 May 2026 14:18:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:0e:00:89:92:c8:1d:72:0c:27:be:c4:47:16:f7:8f:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=baa4a6ebdb383e119d6953c77f16866e73ef2db5
        Validity
            Not Before: May  9 18:29:36 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=fd8c6f528479581e3060a62fa29060e91d70c906
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:ae:70:8c:08:dd:e2:34:e8:3c:48:4c:d3:37:
                    3a:0b:f5:33:fe:14:b2:28:86:60:04:42:ee:c3:9a:
                    2c:0a:62:7a:dc:71:1a:2f:dc:62:88:7d:60:82:49:
                    89:42:a8:fa:9b:d1:5b:3d:81:b3:ef:ca:a2:7f:85:
                    42:64:24:ec:c9:37:33:f3:60:20:ea:8c:d9:2a:6a:
                    4a:79:3f:e0:98:ab:0a:b5:c4:32:6c:ef:db:bb:06:
                    3e:2b:03:c6:32:79:1a:d7:19:20:a2:b7:9f:b0:1d:
                    41:ee:c0:f7:87:32:7d:62:13:76:9f:38:78:00:da:
                    e7:b2:76:1b:3b:9a:f8:15:e4:ef:d7:39:93:61:c0:
                    c5:6c:61:29:d3:4c:7c:30:99:8f:61:3c:68:66:0f:
                    86:ac:0d:03:89:d1:f0:91:52:f4:37:e5:9f:41:56:
                    51:1f:0b:ca:fb:98:bb:4c:00:22:cc:a1:6b:7d:b7:
                    24:2f:0b:c9:b8:b4:9a:a3:4f:17:0f:2f:1f:2a:1c:
                    19:d1:e0:46:63:8f:b1:78:a8:50:11:11:ee:4d:d0:
                    3a:56:38:0b:46:e2:c7:57:e6:93:51:5a:36:39:c9:
                    ef:39:49:1e:29:e7:0e:5e:18:c2:62:d7:73:00:86:
                    41:1f:c2:71:23:6b:c1:98:93:9b:d3:39:91:5d:b5:
                    af:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:8C:6F:52:84:79:58:1E:30:60:A6:2F:A2:90:60:E9:1D:70:C9:06
            X509v3 Authority Key Identifier:
                keyid:BA:A4:A6:EB:DB:38:3E:11:9D:69:53:C7:7F:16:86:6E:73:EF:2D:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqSm69s4PhGdaVPHfxaGbnPvLbU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8daa29-c857-40c2-b97a-839ad7d093ed/1/_YxvUoR5WB4wYKYvopBg6R1wyQY.asa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/8daa29-c857-40c2-b97a-839ad7d093ed/1/uqSm69s4PhGdaVPHfxaGbnPvLbU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  211008

    Signature Algorithm: sha256WithRSAEncryption
         0a:c8:bf:49:b4:df:21:90:a3:1d:bc:af:9a:f8:a4:09:c7:c6:
         85:ba:3b:ed:5b:ef:5a:e5:1e:3a:f9:61:65:9f:a7:b2:74:df:
         5a:92:cd:a2:e5:7f:2b:0e:50:fa:72:0a:52:79:65:4d:aa:3f:
         27:3d:73:64:af:2c:1c:65:e4:8e:3a:5f:1f:03:38:d2:ed:f7:
         b1:9e:03:7e:65:00:fd:e7:7b:3e:24:75:e3:85:0e:d0:54:3d:
         71:1a:0a:dc:cf:24:84:2e:30:64:38:4f:05:19:65:5b:cc:f3:
         1c:9a:0b:02:a8:45:b9:66:fc:41:a7:df:a4:f6:cf:fc:1c:c2:
         a9:a3:e7:c3:34:b9:51:b8:e7:db:89:49:53:bf:55:8b:a6:b5:
         82:41:56:97:38:48:29:65:a1:87:da:7f:25:53:4a:66:49:a0:
         07:8a:1e:d5:40:01:09:f2:79:a2:73:0e:49:4a:91:7f:70:03:
         9d:25:f0:31:e7:13:5a:90:b2:63:72:9e:12:4a:3c:1a:6b:c6:
         d9:4c:33:5a:28:3e:df:3c:c1:d3:36:1b:10:75:a7:b5:c0:ba:
         77:c7:f8:e1:67:24:87:e9:5b:65:9f:95:1d:4e:8b:c3:68:d0:
         db:5f:6c:d7:02:bf:8b:60:23:2b:7c:76:48:c1:68:27:12:19:
         d3:00:21:5a
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgISAZ4OAImSyB1yDCe+xEcW94+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTRhNmViZGIzODNlMTE5ZDY5NTNjNzdmMTY4NjZlNzNl
ZjJkYjUwHhcNMjYwNTA5MTgyOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhjNmY1Mjg0Nzk1ODFlMzA2MGE2MmZhMjkwNjBlOTFkNzBjOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9a5wjAjd4jToPEhM0zc6C/Uz/hSy
KIZgBELuw5osCmJ63HEaL9xiiH1ggkmJQqj6m9FbPYGz78qif4VCZCTsyTcz82Ag
6ozZKmpKeT/gmKsKtcQybO/buwY+KwPGMnka1xkgorefsB1B7sD3hzJ9YhN2nzh4
ANrnsnYbO5r4FeTv1zmTYcDFbGEp00x8MJmPYTxoZg+GrA0DidHwkVL0N+WfQVZR
HwvK+5i7TAAizKFrfbckLwvJuLSao08XDy8fKhwZ0eBGY4+xeKhQERHuTdA6VjgL
RuLHV+aTUVo2OcnvOUkeKecOXhjCYtdzAIZBH8JxI2vBmJOb0zmRXbWvhQIDAQAB
o4ICBDCCAgAwHQYDVR0OBBYEFP2Mb1KEeVgeMGCmL6KQYOkdcMkGMB8GA1UdIwQY
MBaAFLqkpuvbOD4RnWlTx38Whm5z7y21MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFTbTY5czRQaEdkYVZQSGZ4YUdiblB2TGJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84ZGFhMjktYzg1Ny00MGMyLWI5N2Et
ODM5YWQ3ZDA5M2VkLzEvX1l4dlVvUjVXQjR3WUtZdm9wQmc2UjF3eVFZLmFzYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84ZGFhMjktYzg1Ny00MGMyLWI5N2EtODM5YWQ3ZDA5M2Vk
LzEvdXFTbTY5czRQaEdkYVZQSGZ4YUdiblB2TGJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwM4QDANBgkqhkiG
9w0BAQsFAAOCAQEACsi/SbTfIZCjHbyvmvikCcfGhbo77VvvWuUeOvlhZZ+nsnTf
WpLNouV/Kw5Q+nIKUnllTao/Jz1zZK8sHGXkjjpfHwM40u33sZ4DfmUA/ed7PiR1
44UO0FQ9cRoK3M8khC4wZDhPBRllW8zzHJoLAqhFuWb8QaffpPbP/BzCqaPnwzS5
Ubjn24lJU79Vi6a1gkFWlzhIKWWhh9p/JVNKZkmgB4oe1UABCfJ5onMOSUqRf3AD
nSXwMecTWpCyY3KeEko8GmvG2UwzWig+3zzB0zYbEHWntcC6d8f44Wckh+lbZZ+V
HU6Lw2jQ219s1wK/i2AjK3x2SMFoJxIZ0wAhWg==
-----END CERTIFICATE-----