Autonomous System Provider Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/662db3-babb-4f7d-bdf6-a70ab71cfeaf/1/5pQ-bfi33kIelyHj5wfs5UdBIE0.asa
File:                     5pQ-bfi33kIelyHj5wfs5UdBIE0.asa (raw, json)
Hash identifier:          2h4GfTHJtEG4yFe2c9k9qyXukdri+wOp8aMCRZWUU+E=
Subject key identifier:   E6:94:3E:6D:F8:B7:DE:42:1E:97:21:E3:E7:07:EC:E5:47:41:20:4D
Certificate issuer:       /CN=b77145d256b325129d368750cebf49221b6b57c2
Certificate serial:       019EA8F8B42E6BED574345421D50D7DECE8E
Authority key identifier: B7:71:45:D2:56:B3:25:12:9D:36:87:50:CE:BF:49:22:1B:6B:57:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/t3FF0lazJRKdNodQzr9JIhtrV8I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/662db3-babb-4f7d-bdf6-a70ab71cfeaf/1/5pQ-bfi33kIelyHj5wfs5UdBIE0.asa
Signing time:             Mon 08 Jun 2026 20:42:11 +0000
ASPA not before:          Mon 08 Jun 2026 20:42:11 +0000
ASPA not after:           Thu 01 Jul 2027 00:00:00 +0000
Customer ASID:            208665
Providers:                AS: 20473
                          AS: 20712
                          AS: 41051
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fd/662db3-babb-4f7d-bdf6-a70ab71cfeaf/1/t3FF0lazJRKdNodQzr9JIhtrV8I.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fd/662db3-babb-4f7d-bdf6-a70ab71cfeaf/1/t3FF0lazJRKdNodQzr9JIhtrV8I.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/t3FF0lazJRKdNodQzr9JIhtrV8I.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 13 Jun 2026 23:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:a8:f8:b4:2e:6b:ed:57:43:45:42:1d:50:d7:de:ce:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b77145d256b325129d368750cebf49221b6b57c2
        Validity
            Not Before: Jun  8 20:42:11 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=e6943e6df8b7de421e9721e3e707ece54741204d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:6e:4d:65:02:35:be:32:bb:fe:e4:25:ed:b4:
                    4b:68:93:18:b0:12:37:c3:63:dd:e9:d8:d9:8b:67:
                    05:20:90:0f:ca:89:74:52:59:1a:32:92:62:e9:c7:
                    e9:2b:e9:c3:d6:0b:c3:a8:48:39:4b:04:81:31:37:
                    83:df:dd:e9:6a:f0:dc:de:89:fd:ce:55:26:30:c9:
                    0b:49:98:37:af:54:e5:4a:e7:7d:91:0f:d6:99:f0:
                    58:ba:ed:2d:d1:50:32:67:b5:32:a5:6d:13:a9:34:
                    88:48:5a:26:47:7f:d6:99:b9:69:81:51:7a:d5:fb:
                    7c:3c:79:45:00:99:9a:ed:32:65:61:f5:6f:37:d2:
                    39:9b:7c:83:43:8a:d3:cc:6b:fd:ad:e6:85:ea:17:
                    75:96:1d:e0:68:31:e2:be:e5:0b:0b:a9:89:3c:9a:
                    f2:4c:61:90:d8:3e:90:cf:39:25:c8:06:a8:26:9e:
                    7b:db:da:e0:9a:ef:f5:5d:3d:53:fa:ed:61:fe:ce:
                    65:3a:5d:24:f0:f5:a6:a9:1a:a3:44:88:6e:d7:a4:
                    da:76:b0:2e:ef:7f:34:d6:25:44:a7:45:33:4e:e1:
                    98:19:9a:09:48:7f:95:27:ad:1e:1c:2f:74:05:f0:
                    4f:b1:70:e4:5e:2f:0c:38:b2:7e:f8:0b:d1:be:95:
                    79:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:94:3E:6D:F8:B7:DE:42:1E:97:21:E3:E7:07:EC:E5:47:41:20:4D
            X509v3 Authority Key Identifier:
                keyid:B7:71:45:D2:56:B3:25:12:9D:36:87:50:CE:BF:49:22:1B:6B:57:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3FF0lazJRKdNodQzr9JIhtrV8I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662db3-babb-4f7d-bdf6-a70ab71cfeaf/1/5pQ-bfi33kIelyHj5wfs5UdBIE0.asa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/662db3-babb-4f7d-bdf6-a70ab71cfeaf/1/t3FF0lazJRKdNodQzr9JIhtrV8I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  208665

    Signature Algorithm: sha256WithRSAEncryption
         a0:ee:6d:55:5e:d5:9a:c8:ba:e9:8a:7d:5f:3b:41:a8:e3:24:
         25:4b:c3:37:f9:f8:a4:1f:3c:f8:b4:8a:79:1e:ab:b6:e4:a9:
         5c:74:42:17:b8:04:02:f5:d5:cd:a1:f7:74:8b:e0:63:8e:6c:
         2a:19:48:18:15:dc:b8:38:33:7a:6c:9c:d3:d1:a2:ac:48:b3:
         57:34:b7:4a:8d:8e:91:8e:77:55:2a:90:61:bf:ac:63:89:5d:
         19:69:a4:7a:2f:fb:c0:35:8b:b2:ed:8a:ea:8d:6c:6c:9a:81:
         04:b5:be:92:3f:97:f1:90:ba:a4:af:5b:f4:6c:53:5d:94:ab:
         db:61:df:13:27:2c:ea:93:15:77:a4:65:dc:c3:e3:b2:4c:02:
         88:39:21:cf:34:d5:18:a7:fe:dc:f4:f0:87:11:49:f3:3d:8f:
         ae:09:a3:56:64:65:c6:ea:79:af:1c:f4:2f:67:26:57:3f:fd:
         ce:f8:61:f2:84:73:81:10:07:20:a1:8d:7b:36:86:97:bd:43:
         15:25:88:94:eb:c6:42:64:4e:9d:b5:28:59:9c:d0:54:b5:75:
         3a:99:2b:a3:6b:d7:d6:8b:26:30:9d:77:82:52:2e:72:54:33:
         0f:6d:85:c0:3d:2b:b6:fb:50:49:c5:70:26:11:f5:c0:9d:1e:
         05:59:73:74
-----BEGIN CERTIFICATE-----
MIIE+DCCA+CgAwIBAgISAZ6o+LQua+1XQ0VCHVDX3s6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzE0NWQyNTZiMzI1MTI5ZDM2ODc1MGNlYmY0OTIyMWI2
YjU3YzIwHhcNMjYwNjA4MjA0MjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjk0M2U2ZGY4YjdkZTQyMWU5NzIxZTNlNzA3ZWNlNTQ3NDEyMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnG5NZQI1vjK7/uQl7bRLaJMYsBI3
w2Pd6djZi2cFIJAPyol0UlkaMpJi6cfpK+nD1gvDqEg5SwSBMTeD393pavDc3on9
zlUmMMkLSZg3r1TlSud9kQ/WmfBYuu0t0VAyZ7UypW0TqTSISFomR3/WmblpgVF6
1ft8PHlFAJma7TJlYfVvN9I5m3yDQ4rTzGv9reaF6hd1lh3gaDHivuULC6mJPJry
TGGQ2D6QzzklyAaoJp5729rgmu/1XT1T+u1h/s5lOl0k8PWmqRqjRIhu16TadrAu
73801iVEp0UzTuGYGZoJSH+VJ60eHC90BfBPsXDkXi8MOLJ++AvRvpV5dQIDAQAB
o4ICBDCCAgAwHQYDVR0OBBYEFOaUPm34t95CHpch4+cH7OVHQSBNMB8GA1UdIwQY
MBaAFLdxRdJWsyUSnTaHUM6/SSIba1fCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNGRjBsYXpKUktkTm9kUXpyOUpJaHRyVjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC82NjJkYjMtYmFiYi00ZjdkLWJkZjYt
YTcwYWI3MWNmZWFmLzEvNXBRLWJmaTMza0llbHlIajV3ZnM1VWRCSUUwLmFzYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC82NjJkYjMtYmFiYi00ZjdkLWJkZjYtYTcwYWI3MWNmZWFm
LzEvdDNGRjBsYXpKUktkTm9kUXpyOUpJaHRyVjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMBoGCCsGAQUFBwEIAQH/BAswCaAHMAUCAwMvGTANBgkqhkiG
9w0BAQsFAAOCAQEAoO5tVV7Vmsi66Yp9XztBqOMkJUvDN/n4pB88+LSKeR6rtuSp
XHRCF7gEAvXVzaH3dIvgY45sKhlIGBXcuDgzemyc09GirEizVzS3So2OkY53VSqQ
Yb+sY4ldGWmkei/7wDWLsu2K6o1sbJqBBLW+kj+X8ZC6pK9b9GxTXZSr22HfEycs
6pMVd6Rl3MPjskwCiDkhzzTVGKf+3PTwhxFJ8z2PrgmjVmRlxup5rxz0L2cmVz/9
zvhh8oRzgRAHIKGNezaGl71DFSWIlOvGQmROnbUoWZzQVLV1Opkro2vX1osmMJ13
glIuclQzD22FwD0rtvtQScVwJhH1wJ0eBVlzdA==
-----END CERTIFICATE-----