Autonomous System Provider Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/1-bdGIvW_X_kzS8h3Q-adTU2sQis.asa
File:                     1-bdGIvW_X_kzS8h3Q-adTU2sQis.asa (raw, json)
Hash identifier:          JettIuA1gX0+QMVMH7iW5kF7SdcoVUg+AKyyLPE0BkU=
Subject key identifier:   F9:B7:46:22:F5:BF:5F:F9:33:4B:C8:77:43:E6:9D:4D:4D:AC:42:2B
Certificate issuer:       /CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
Certificate serial:       019CD69C42FBC446708627947EBCDD78D469
Authority key identifier: 40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/1-bdGIvW_X_kzS8h3Q-adTU2sQis.asa
Signing time:             Tue 10 Mar 2026 07:18:10 +0000
ASPA not before:          Tue 10 Mar 2026 07:18:10 +0000
ASPA not after:           Thu 01 Jul 2027 00:00:00 +0000
Customer ASID:            198257
Providers:                AS: 203462
                          AS: 207594
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Mar 2026 22:00:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:d6:9c:42:fb:c4:46:70:86:27:94:7e:bc:dd:78:d4:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40e3581addd6b99dd8744b9e2886fbb02ae918e3
        Validity
            Not Before: Mar 10 07:18:10 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=f9b74622f5bf5ff9334bc87743e69d4d4dac422b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:8d:21:f2:6a:21:24:08:e5:78:b3:b2:68:10:
                    9e:02:ce:b5:9e:92:23:d4:7f:ef:2a:07:f7:2a:31:
                    8b:9f:20:b4:ad:33:0d:0e:49:ce:a8:95:4a:c8:4a:
                    37:53:78:2d:1c:a2:1c:b9:8d:f4:6c:41:8b:45:d6:
                    7f:1f:e3:51:2a:d6:85:28:6b:b9:87:90:bb:84:7c:
                    95:da:59:ea:a4:e2:87:79:9e:52:f9:df:02:af:11:
                    f6:78:69:b8:ec:f2:e7:bc:2b:5d:9b:cc:c6:93:22:
                    0f:e0:f8:1a:f3:7f:cf:02:a2:e1:25:61:90:56:e8:
                    fd:aa:b9:b7:ca:cf:f4:ac:a9:cd:e4:3a:af:2c:62:
                    16:85:76:05:c8:b0:2a:b3:02:d5:d1:a8:bb:bb:df:
                    31:09:e4:70:ac:e7:63:08:3b:bc:b6:93:da:3e:38:
                    cd:5f:2d:56:8d:c4:67:9d:db:03:b7:4c:89:27:23:
                    10:e4:cc:b1:4a:68:c6:9c:f0:ca:92:bd:d8:f4:e0:
                    7a:aa:1c:68:ff:51:80:cb:4a:4b:02:eb:18:32:67:
                    79:df:39:13:20:fe:9d:ef:c3:e8:95:fe:5a:92:08:
                    9b:59:2f:ac:92:87:94:d0:df:ed:d8:3b:f4:1a:b2:
                    e3:1f:71:8d:34:68:da:8f:56:10:88:94:a6:6c:69:
                    76:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:B7:46:22:F5:BF:5F:F9:33:4B:C8:77:43:E6:9D:4D:4D:AC:42:2B
            X509v3 Authority Key Identifier:
                keyid:40:E3:58:1A:DD:D6:B9:9D:D8:74:4B:9E:28:86:FB:B0:2A:E9:18:E3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QONYGt3WuZ3YdEueKIb7sCrpGOM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/1-bdGIvW_X_kzS8h3Q-adTU2sQis.asa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/551522-7afc-4886-bae6-fc59dedb1d2b/1/QONYGt3WuZ3YdEueKIb7sCrpGOM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  198257

    Signature Algorithm: sha256WithRSAEncryption
         b7:f1:fe:66:be:13:b5:60:0a:14:5e:0b:70:43:35:4b:47:d8:
         7b:dd:4c:0b:5d:06:2a:b7:ab:36:c5:d3:e9:dc:67:2e:21:d5:
         26:ac:4a:ac:da:f7:47:e1:cb:e5:31:45:a0:30:69:d0:d8:3d:
         75:ee:b2:82:6a:89:dc:05:98:5f:b8:02:6b:f5:71:7e:69:2d:
         6e:3a:0e:7b:d7:87:b0:f5:1d:70:9e:1c:1e:3b:88:32:e3:8e:
         00:64:38:98:b7:3e:40:ad:71:22:83:00:02:40:33:2b:6b:85:
         f5:4c:bd:3e:af:8b:b9:8e:ca:5a:db:93:ce:10:76:37:4e:da:
         0f:6c:28:d8:c6:fd:32:d3:be:4c:9b:68:11:63:17:ee:a9:b9:
         d8:6c:7f:a6:e2:e9:82:ef:33:60:6a:c6:3a:93:5e:27:a0:ba:
         5f:d4:b1:f8:f6:00:a1:c1:94:80:b6:4b:6f:d8:1d:34:3c:22:
         41:b0:ad:eb:ec:68:7d:7d:50:8b:45:26:d5:21:30:ae:1e:75:
         35:87:44:52:29:4f:2a:6c:b0:1e:4d:98:08:aa:32:b0:78:68:
         03:47:84:14:95:81:cb:6a:cb:aa:c8:98:1f:37:14:dd:66:ea:
         ee:b5:13:64:41:bb:f8:f0:eb:dc:7a:61:99:26:3d:8d:3a:48:
         b3:30:a6:2b
-----BEGIN CERTIFICATE-----
MIIE+TCCA+GgAwIBAgISAZzWnEL7xEZwhieUfrzdeNRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZTM1ODFhZGRkNmI5OWRkODc0NGI5ZTI4ODZmYmIwMmFl
OTE4ZTMwHhcNMjYwMzEwMDcxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI3NDYyMmY1YmY1ZmY5MzM0YmM4Nzc0M2U2OWQ0ZDRkYWM0MjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm40h8mohJAjleLOyaBCeAs61npIj
1H/vKgf3KjGLnyC0rTMNDknOqJVKyEo3U3gtHKIcuY30bEGLRdZ/H+NRKtaFKGu5
h5C7hHyV2lnqpOKHeZ5S+d8CrxH2eGm47PLnvCtdm8zGkyIP4Pga83/PAqLhJWGQ
Vuj9qrm3ys/0rKnN5DqvLGIWhXYFyLAqswLV0ai7u98xCeRwrOdjCDu8tpPaPjjN
Xy1WjcRnndsDt0yJJyMQ5MyxSmjGnPDKkr3Y9OB6qhxo/1GAy0pLAusYMmd53zkT
IP6d78Polf5akgibWS+skoeU0N/t2Dv0GrLjH3GNNGjaj1YQiJSmbGl2qQIDAQAB
o4ICBTCCAgEwHQYDVR0OBBYEFPm3RiL1v1/5M0vId0PmnU1NrEIrMB8GA1UdIwQY
MBaAFEDjWBrd1rmd2HRLniiG+7Aq6RjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU9OWUd0M1d1WjNZZEV1ZUtJYjdzQ3JwR09NLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny81NTE1MjItN2FmYy00ODg2LWJhZTYt
ZmM1OWRlZGIxZDJiLzEvMS1iZEdJdldfWF9relM4aDNRLWFkVFUyc1Fpcy5hc2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDcvNTUxNTIyLTdhZmMtNDg4Ni1iYWU2LWZjNTlkZWRiMWQy
Yi8xL1FPTllHdDNXdVozWWRFdWVLSWI3c0NycEdPTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAaBggrBgEFBQcBCAEB/wQLMAmgBzAFAgMDBnEwDQYJKoZI
hvcNAQELBQADggEBALfx/ma+E7VgChReC3BDNUtH2HvdTAtdBiq3qzbF0+ncZy4h
1SasSqza90fhy+UxRaAwadDYPXXusoJqidwFmF+4Amv1cX5pLW46DnvXh7D1HXCe
HB47iDLjjgBkOJi3PkCtcSKDAAJAMytrhfVMvT6vi7mOylrbk84QdjdO2g9sKNjG
/TLTvkybaBFjF+6pudhsf6bi6YLvM2BqxjqTXiegul/Usfj2AKHBlIC2S2/YHTQ8
IkGwrevsaH19UItFJtUhMK4edTWHRFIpTypssB5NmAiqMrB4aANHhBSVgctqy6rI
mB83FN1m6u61E2RBu/jw69x6YZkmPY06SLMwpis=
-----END CERTIFICATE-----