Autonomous System Provider Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/25oZjtsXGt-n2WY2ltVfz0hHWzE.asa
File:                     25oZjtsXGt-n2WY2ltVfz0hHWzE.asa (raw, json)
Hash identifier:          cAJ1A4GbTa/DjrR5J7Hx50xOdea/6PB89hhjqA5MTnI=
Subject key identifier:   DB:9A:19:8E:DB:17:1A:DF:A7:D9:66:36:96:D5:5F:CF:48:47:5B:31
Certificate issuer:       /CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
Certificate serial:       019C841EF3B76FDD552603019EDD02A0E3BC
Authority key identifier: 22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/25oZjtsXGt-n2WY2ltVfz0hHWzE.asa
Signing time:             Sun 22 Feb 2026 06:52:26 +0000
ASPA not before:          Sun 22 Feb 2026 06:52:26 +0000
ASPA not after:           Thu 01 Jul 2027 00:00:00 +0000
Customer ASID:            214079
Providers:                AS: 213449
                          AS: 215828
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 02 Mar 2026 06:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9c:84:1e:f3:b7:6f:dd:55:26:03:01:9e:dd:02:a0:e3:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2209a4dc13a5304a7aa24be1c178ba42e1792f85
        Validity
            Not Before: Feb 22 06:52:26 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=db9a198edb171adfa7d9663696d55fcf48475b31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:81:87:24:36:1e:20:e3:78:42:03:2f:42:5d:
                    1d:24:96:d2:94:dd:69:36:b1:3d:e3:cd:0b:de:e3:
                    a1:ca:d4:69:e6:a3:a3:b2:96:fd:da:63:ff:ec:c6:
                    fd:fd:a1:e6:be:1e:9d:14:62:6f:ad:e8:0e:f9:1c:
                    f3:c2:d9:c0:81:64:8e:96:9d:ca:50:14:3b:26:c0:
                    08:b2:76:05:c9:ca:a1:b5:84:9a:8f:10:11:cd:ba:
                    31:07:bf:98:a4:ac:03:64:e3:9d:27:1d:24:fa:55:
                    fd:c2:18:ee:1c:f3:46:db:56:55:9a:82:cd:04:14:
                    91:d0:0d:2c:3d:3b:d0:62:16:24:87:64:68:7d:c2:
                    d2:01:6a:15:2a:e4:58:9e:08:af:35:31:7e:64:db:
                    f6:98:ac:8b:93:e6:7b:78:60:00:d9:b7:b3:1d:5b:
                    85:70:b3:15:34:78:79:2c:7e:3f:0d:b4:21:a0:41:
                    56:f5:de:77:35:11:51:a8:79:10:96:86:e8:5f:48:
                    88:b6:37:e6:56:c4:cd:05:51:d8:52:3a:51:e1:68:
                    24:6f:d3:ac:d5:14:67:7a:92:58:6a:48:d1:66:19:
                    30:bf:a8:7e:d7:b7:cb:4b:27:3b:9d:7a:4f:50:6f:
                    84:f8:18:49:44:04:7d:42:0f:9a:dd:72:68:d2:a3:
                    49:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:9A:19:8E:DB:17:1A:DF:A7:D9:66:36:96:D5:5F:CF:48:47:5B:31
            X509v3 Authority Key Identifier:
                keyid:22:09:A4:DC:13:A5:30:4A:7A:A2:4B:E1:C1:78:BA:42:E1:79:2F:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Igmk3BOlMEp6okvhwXi6QuF5L4U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/25oZjtsXGt-n2WY2ltVfz0hHWzE.asa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e4862a-511e-4c0c-951f-68afd4745149/1/Igmk3BOlMEp6okvhwXi6QuF5L4U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  214079

    Signature Algorithm: sha256WithRSAEncryption
         63:6b:4d:aa:3e:e0:4e:98:bc:32:bf:37:d6:43:a3:c1:35:f8:
         6c:94:f4:40:f7:51:7b:56:9b:11:02:2f:f4:13:68:66:43:76:
         35:c3:b8:f7:41:d6:69:c9:6e:1d:29:b1:5b:ed:ff:89:50:8c:
         9e:cc:e6:08:ad:93:ae:1a:e9:99:eb:0e:fc:d5:0a:fe:34:41:
         75:fc:ae:03:45:ab:42:dc:c5:5d:a6:7a:56:b6:ed:12:ce:b7:
         18:8b:f2:80:a0:ab:ee:74:4d:8b:6d:5a:96:b9:ad:7b:11:41:
         81:49:a6:ac:27:e7:01:ee:c3:81:8b:1f:61:7c:76:e8:b1:89:
         35:b0:34:4f:5e:9e:d7:8c:4e:78:eb:18:87:65:1b:66:3a:13:
         82:7a:e0:54:62:e2:fc:59:66:10:4d:d3:83:db:d2:71:d6:25:
         50:a1:57:85:1b:9b:02:77:f1:14:0f:66:a5:e4:f0:0f:c2:c0:
         ae:45:fc:2d:4a:c7:7f:8f:07:70:8a:bd:39:a6:8e:86:40:bd:
         32:50:5f:3f:02:76:6e:68:39:0d:c6:9e:af:6b:7b:db:75:e3:
         1e:78:24:42:a6:1d:fd:c6:bb:83:a4:7d:17:b1:ce:46:74:98:
         15:ad:b6:d6:e5:bf:3d:ab:9f:22:db:7e:96:d1:3c:97:d4:51:
         08:cb:e8:7e
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgISAZyEHvO3b91VJgMBnt0CoOO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMDlhNGRjMTNhNTMwNGE3YWEyNGJlMWMxNzhiYTQyZTE3
OTJmODUwHhcNMjYwMjIyMDY1MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjlhMTk4ZWRiMTcxYWRmYTdkOTY2MzY5NmQ1NWZjZjQ4NDc1YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoGHJDYeION4QgMvQl0dJJbSlN1p
NrE9480L3uOhytRp5qOjspb92mP/7Mb9/aHmvh6dFGJvregO+RzzwtnAgWSOlp3K
UBQ7JsAIsnYFycqhtYSajxARzboxB7+YpKwDZOOdJx0k+lX9whjuHPNG21ZVmoLN
BBSR0A0sPTvQYhYkh2RofcLSAWoVKuRYngivNTF+ZNv2mKyLk+Z7eGAA2bezHVuF
cLMVNHh5LH4/DbQhoEFW9d53NRFRqHkQloboX0iItjfmVsTNBVHYUjpR4Wgkb9Os
1RRnepJYakjRZhkwv6h+17fLSyc7nXpPUG+E+BhJRAR9Qg+a3XJo0qNJ+wIDAQAB
o4ICBDCCAgAwHQYDVR0OBBYEFNuaGY7bFxrfp9lmNpbVX89IR1sxMB8GA1UdIwQY
MBaAFCIJpNwTpTBKeqJL4cF4ukLheS+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYt
NjhhZmQ0NzQ1MTQ5LzEvMjVvWmp0c1hHdC1uMldZMmx0VmZ6MGhIV3pFLmFzYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9lNDg2MmEtNTExZS00YzBjLTk1MWYtNjhhZmQ0NzQ1MTQ5
LzEvSWdtazNCT2xNRXA2b2t2aHdYaTZRdUY1TDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwNEPzANBgkqhkiG
9w0BAQsFAAOCAQEAY2tNqj7gTpi8Mr831kOjwTX4bJT0QPdRe1abEQIv9BNoZkN2
NcO490HWacluHSmxW+3/iVCMnszmCK2TrhrpmesO/NUK/jRBdfyuA0WrQtzFXaZ6
VrbtEs63GIvygKCr7nRNi21alrmtexFBgUmmrCfnAe7DgYsfYXx26LGJNbA0T16e
14xOeOsYh2UbZjoTgnrgVGLi/FlmEE3Tg9vScdYlUKFXhRubAnfxFA9mpeTwD8LA
rkX8LUrHf48HcIq9OaaOhkC9MlBfPwJ2bmg5Dcaer2t723XjHngkQqYd/ca7g6R9
F7HORnSYFa221uW/PaufItt+ltE8l9RRCMvofg==
-----END CERTIFICATE-----