Autonomous System Provider Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/aKOg2Qlf1jhwBI08TxCbNxaldGM.asa
File:                     aKOg2Qlf1jhwBI08TxCbNxaldGM.asa (raw, json)
Hash identifier:          +qzCT97QYuXyotwiBxnGvPknSk4Zw2ZUn8hoKsEK4QU=
Subject key identifier:   68:A3:A0:D9:09:5F:D6:38:70:04:8D:3C:4F:10:9B:37:16:A5:74:63
Certificate issuer:       /CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
Certificate serial:       019DB3F27D2470F3230FE33FC97F76A77743
Authority key identifier: A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/aKOg2Qlf1jhwBI08TxCbNxaldGM.asa
Signing time:             Wed 22 Apr 2026 06:48:26 +0000
ASPA not before:          Wed 22 Apr 2026 06:48:26 +0000
ASPA not after:           Thu 01 Jul 2027 00:00:00 +0000
Customer ASID:            42309
Providers:                AS: 8473
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/oyLyKe3C8xSi-l7w168d3bSZ6jE.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/oyLyKe3C8xSi-l7w168d3bSZ6jE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 01 May 2026 03:01:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:b3:f2:7d:24:70:f3:23:0f:e3:3f:c9:7f:76:a7:77:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a322f229edc2f314a2fa5ef0d7af1dddb499ea31
        Validity
            Not Before: Apr 22 06:48:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=68a3a0d9095fd63870048d3c4f109b3716a57463
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c0:64:7b:e9:8a:c3:cd:5d:ca:f7:ac:44:12:
                    fd:5a:8d:f1:1e:9e:82:ec:1b:7d:a2:e5:75:da:01:
                    63:6b:d3:18:9f:6b:ef:29:c7:e0:62:a6:2f:c6:e4:
                    fd:b1:0f:85:2e:d7:59:96:55:28:ea:1b:ad:ec:98:
                    e2:8a:15:49:9a:55:01:1b:05:66:cc:ee:50:7f:a9:
                    a9:95:ca:bf:22:64:37:a1:77:40:3f:4c:26:12:33:
                    fb:17:41:fa:33:d5:c1:9d:20:4b:71:3d:26:29:da:
                    f6:45:62:66:0f:c7:c0:60:1c:29:b9:8e:27:f9:66:
                    64:88:01:38:98:71:ca:cc:99:23:8a:34:66:9f:fb:
                    5a:3a:34:37:29:43:55:89:1b:ec:71:7f:72:f2:08:
                    5c:30:29:5c:c0:8f:52:05:ef:93:6b:92:bd:42:22:
                    ae:d9:a3:55:e7:b0:33:6f:43:96:fc:3d:d6:fb:51:
                    4e:86:62:53:c0:b0:0d:24:04:ea:ed:93:57:95:37:
                    b3:e1:e6:66:c0:82:29:0e:bc:55:67:14:df:59:94:
                    d3:c7:09:70:51:4c:f1:3c:31:1e:6a:5d:2e:ca:f4:
                    85:13:77:fd:44:f4:0e:d0:98:2b:58:bd:21:ba:a0:
                    ff:25:4e:b6:55:05:46:65:f5:d7:3a:0b:48:37:47:
                    6b:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:A3:A0:D9:09:5F:D6:38:70:04:8D:3C:4F:10:9B:37:16:A5:74:63
            X509v3 Authority Key Identifier:
                keyid:A3:22:F2:29:ED:C2:F3:14:A2:FA:5E:F0:D7:AF:1D:DD:B4:99:EA:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oyLyKe3C8xSi-l7w168d3bSZ6jE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/aKOg2Qlf1jhwBI08TxCbNxaldGM.asa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/edffbb-1082-4482-8a08-65f8247ffa91/1/oyLyKe3C8xSi-l7w168d3bSZ6jE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  42309

    Signature Algorithm: sha256WithRSAEncryption
         b1:d0:94:3b:a6:37:61:91:5a:25:e7:19:27:21:23:3b:18:b3:
         65:a6:65:94:5b:de:18:7a:01:2a:77:8a:4d:d9:ea:e6:ca:c6:
         7d:36:26:ee:71:25:65:0e:9a:86:d8:da:4f:f6:00:a4:e6:74:
         cd:c9:57:99:66:4d:f4:42:c0:b2:e0:63:a1:ae:ff:9c:7d:bc:
         5f:c7:cb:f8:d0:12:0f:55:bd:20:f1:f8:25:e5:e2:57:4a:54:
         f6:82:ac:43:ec:0b:33:16:66:c9:0f:09:3b:62:f5:05:a2:b0:
         29:75:2c:df:0d:22:54:f2:b3:d2:89:be:bc:44:c4:03:75:84:
         a1:c6:07:11:29:3c:a6:81:9c:16:a1:44:07:64:0d:e9:ae:8d:
         ef:15:d7:1e:b6:18:7a:99:22:ae:80:2e:6f:3a:9f:9e:7d:8a:
         8a:c2:9e:a3:9e:1c:65:d2:24:c0:63:86:d2:6b:12:e1:66:fb:
         17:fb:9b:7e:f4:17:6a:b5:25:79:e5:20:ec:29:88:b6:42:0e:
         d2:5c:ab:24:f3:72:2d:79:79:17:d8:65:63:00:69:59:f9:9a:
         af:a0:30:fc:78:29:5a:42:1a:94:cb:04:4e:22:4b:1c:e8:5d:
         0f:8d:76:31:e3:50:b2:d9:28:5e:81:09:a8:b2:4b:d6:0a:84:
         97:af:13:9f
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgISAZ2z8n0kcPMjD+M/yX92p3dDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMjJmMjI5ZWRjMmYzMTRhMmZhNWVmMGQ3YWYxZGRkYjQ5
OWVhMzEwHhcNMjYwNDIyMDY0ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGEzYTBkOTA5NWZkNjM4NzAwNDhkM2M0ZjEwOWIzNzE2YTU3NDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscBke+mKw81dyvesRBL9Wo3xHp6C
7Bt9ouV12gFja9MYn2vvKcfgYqYvxuT9sQ+FLtdZllUo6hut7JjiihVJmlUBGwVm
zO5Qf6mplcq/ImQ3oXdAP0wmEjP7F0H6M9XBnSBLcT0mKdr2RWJmD8fAYBwpuY4n
+WZkiAE4mHHKzJkjijRmn/taOjQ3KUNViRvscX9y8ghcMClcwI9SBe+Ta5K9QiKu
2aNV57Azb0OW/D3W+1FOhmJTwLANJATq7ZNXlTez4eZmwIIpDrxVZxTfWZTTxwlw
UUzxPDEeal0uyvSFE3f9RPQO0JgrWL0huqD/JU62VQVGZfXXOgtIN0drYQIDAQAB
o4ICBDCCAgAwHQYDVR0OBBYEFGijoNkJX9Y4cASNPE8QmzcWpXRjMB8GA1UdIwQY
MBaAFKMi8intwvMUovpe8NevHd20meoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3lMeUtlM0M4eFNpLWw3dzE2OGQzYlNaNmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZGZmYmItMTA4Mi00NDgyLThhMDgt
NjVmODI0N2ZmYTkxLzEvYUtPZzJRbGYxamh3QkkwOFR4Q2JOeGFsZEdNLmFzYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9lZGZmYmItMTA4Mi00NDgyLThhMDgtNjVmODI0N2ZmYTkx
LzEvb3lMeUtlM0M4eFNpLWw3dzE2OGQzYlNaNmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwClRTANBgkqhkiG
9w0BAQsFAAOCAQEAsdCUO6Y3YZFaJecZJyEjOxizZaZllFveGHoBKneKTdnq5srG
fTYm7nElZQ6ahtjaT/YApOZ0zclXmWZN9ELAsuBjoa7/nH28X8fL+NASD1W9IPH4
JeXiV0pU9oKsQ+wLMxZmyQ8JO2L1BaKwKXUs3w0iVPKz0om+vETEA3WEocYHESk8
poGcFqFEB2QN6a6N7xXXHrYYepkiroAubzqfnn2KisKeo54cZdIkwGOG0msS4Wb7
F/ubfvQXarUleeUg7CmItkIO0lyrJPNyLXl5F9hlYwBpWfmar6Aw/HgpWkIalMsE
TiJLHOhdD412MeNQstkoXoEJqLJL1gqEl68Tnw==
-----END CERTIFICATE-----