Autonomous System Provider Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/TsdNQD-ii_AJJKvRxzoA6e18eOY.asa
File:                     TsdNQD-ii_AJJKvRxzoA6e18eOY.asa (raw, json)
Hash identifier:          MN5JLEUCVUn9RZ966N3nhNhFms77tb7Wz1RFZB7pjz0=
Subject key identifier:   4E:C7:4D:40:3F:A2:8B:F0:09:24:AB:D1:C7:3A:00:E9:ED:7C:78:E6
Certificate issuer:       /CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Certificate serial:       019CE27BD1661B7A03D09FEE736C19F31D29
Authority key identifier: 6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/TsdNQD-ii_AJJKvRxzoA6e18eOY.asa
Signing time:             Thu 12 Mar 2026 14:38:11 +0000
ASPA not before:          Thu 12 Mar 2026 14:38:11 +0000
ASPA not after:           Thu 01 Jul 2027 00:00:00 +0000
Customer ASID:            43256
Providers:                AS: 6774
                          AS: 13335
                          AS: 33763
                          AS: 37431
                          AS: 37451
                          AS: 63293
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 16 Mar 2026 23:01:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:e2:7b:d1:66:1b:7a:03:d0:9f:ee:73:6c:19:f3:1d:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
        Validity
            Not Before: Mar 12 14:38:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=4ec74d403fa28bf00924abd1c73a00e9ed7c78e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:d8:25:81:88:41:52:92:1f:81:e9:4a:f0:5a:
                    e0:40:87:c7:90:24:e0:da:4e:89:0a:7e:a0:e5:58:
                    a1:11:49:1c:f9:3e:8e:85:20:0e:ab:64:42:01:52:
                    90:50:f3:cf:14:2a:f8:8a:07:1e:ca:d2:6a:be:06:
                    20:4a:51:d1:23:3b:04:3a:c9:be:54:5a:0a:a1:2a:
                    42:18:b6:0f:98:4e:07:e1:de:44:1e:62:02:ba:af:
                    30:36:5a:3d:f8:45:ec:8e:f6:bd:bf:3a:87:1c:90:
                    e4:dd:44:f0:e5:8e:cb:89:f0:0b:e8:63:72:df:1c:
                    35:27:67:f8:a3:a8:9f:ce:ec:e4:f6:d4:45:17:ef:
                    1e:72:ff:81:92:b5:78:c6:d7:d4:71:46:73:87:ac:
                    70:12:ab:db:0b:3a:56:71:ed:86:75:70:2f:f8:14:
                    76:6d:a6:6c:96:b9:56:2a:7b:3b:43:05:06:bc:09:
                    9f:0c:dd:2a:74:f3:12:a7:b1:b1:f1:cc:99:85:d1:
                    8e:a8:64:62:b2:4f:07:ed:27:96:65:3c:64:00:0d:
                    e4:f2:97:04:20:9e:1c:36:97:b5:94:a2:3c:ca:23:
                    96:41:d8:48:2f:12:32:eb:bc:d8:00:94:c3:39:31:
                    bb:71:0a:e9:ef:1f:2b:b9:1a:a1:e1:ea:5e:42:9c:
                    22:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:C7:4D:40:3F:A2:8B:F0:09:24:AB:D1:C7:3A:00:E9:ED:7C:78:E6
            X509v3 Authority Key Identifier:
                keyid:6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/TsdNQD-ii_AJJKvRxzoA6e18eOY.asa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  43256

    Signature Algorithm: sha256WithRSAEncryption
         0f:9d:b2:ce:32:b9:0f:74:4f:e7:10:27:b8:30:cb:7d:d2:10:
         d2:eb:8c:ff:fe:c8:f5:4a:9c:0f:57:13:e7:53:1a:db:d7:58:
         e1:e9:44:9a:d7:5d:1d:a6:52:7b:fa:7b:8f:59:7e:80:f6:27:
         cb:32:9e:77:f2:e5:3b:d7:20:b6:fd:a5:65:bf:f1:3c:ef:d6:
         ae:f2:82:56:4a:b3:38:92:93:65:bf:54:e2:c0:41:3d:b3:39:
         1c:29:73:32:19:37:01:aa:5b:6e:c3:5f:0b:d9:30:ed:97:64:
         c8:7b:dd:f7:20:06:75:df:41:88:f4:a6:67:c1:8d:dc:be:f6:
         59:3f:94:2d:bb:3a:91:6e:a4:9a:19:74:38:f1:25:75:1b:4e:
         86:b7:0d:fb:37:e4:d1:5e:ee:81:3e:b7:7e:55:d2:95:a7:f5:
         a7:a8:d3:a4:52:85:6c:1f:24:a7:5b:9a:6c:ba:92:f9:6f:9d:
         32:17:eb:dc:98:30:6f:d7:b2:06:52:90:12:0c:48:6f:86:b3:
         a0:4e:80:84:57:4d:50:58:a9:df:c4:f7:c0:ce:3e:88:c8:13:
         aa:94:c8:02:cc:7b:4c:d0:3f:89:84:52:cd:cc:54:49:e5:51:
         d8:fc:d4:7d:45:f8:ce:58:c3:ef:8d:45:d3:1f:3b:05:f6:e0:
         92:b5:b6:7d
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgISAZzie9FmG3oD0J/uc2wZ8x0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmMxNDM4ZWUwODE1YTliZjhiNzNmOWE3Y2VkMDk0ZjIx
YWM3OWUwHhcNMjYwMzEyMTQzODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWM3NGQ0MDNmYTI4YmYwMDkyNGFiZDFjNzNhMDBlOWVkN2M3OGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNglgYhBUpIfgelK8FrgQIfHkCTg
2k6JCn6g5VihEUkc+T6OhSAOq2RCAVKQUPPPFCr4igceytJqvgYgSlHRIzsEOsm+
VFoKoSpCGLYPmE4H4d5EHmICuq8wNlo9+EXsjva9vzqHHJDk3UTw5Y7LifAL6GNy
3xw1J2f4o6ifzuzk9tRFF+8ecv+BkrV4xtfUcUZzh6xwEqvbCzpWce2GdXAv+BR2
baZslrlWKns7QwUGvAmfDN0qdPMSp7Gx8cyZhdGOqGRisk8H7SeWZTxkAA3k8pcE
IJ4cNpe1lKI8yiOWQdhILxIy67zYAJTDOTG7cQrp7x8ruRqh4epeQpwijwIDAQAB
o4ICBDCCAgAwHQYDVR0OBBYEFE7HTUA/oovwCSSr0cc6AOntfHjmMB8GA1UdIwQY
MBaAFG38FDjuCBWpv4tz+afO0JTyGseeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEt
ZDY0Njc2N2M1ZjEzLzEvVHNkTlFELWlpX0FKSkt2Unh6b0E2ZTE4ZU9ZLmFzYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEtZDY0Njc2N2M1ZjEz
LzEvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwCo+DANBgkqhkiG
9w0BAQsFAAOCAQEAD52yzjK5D3RP5xAnuDDLfdIQ0uuM//7I9UqcD1cT51Ma29dY
4elEmtddHaZSe/p7j1l+gPYnyzKed/LlO9cgtv2lZb/xPO/WrvKCVkqzOJKTZb9U
4sBBPbM5HClzMhk3AapbbsNfC9kw7ZdkyHvd9yAGdd9BiPSmZ8GN3L72WT+ULbs6
kW6kmhl0OPEldRtOhrcN+zfk0V7ugT63flXSlaf1p6jTpFKFbB8kp1uabLqS+W+d
Mhfr3Jgwb9eyBlKQEgxIb4azoE6AhFdNUFip38T3wM4+iMgTqpTIAsx7TNA/iYRS
zcxUSeVR2PzUfUX4zljD741F0x87BfbgkrW2fQ==
-----END CERTIFICATE-----