Resource Public Key Infrastructure (RPKI)
2011-09-08
2023-12-15
RPKI Signed Objects
Standards Action
Route Origination Authorization
1.2.840.113549.1.9.16.1.24
Manifest
1.2.840.113549.1.9.16.1.26
Ghostbusters
1.2.840.113549.1.9.16.1.35
Autonomous System Provider Authorization
(TEMPORARY - registered 2021-11-08, extension registered 2023-10-05, expires 2024-11-08)
1.2.840.113549.1.9.16.1.49
Trust Anchor Key
(TEMPORARY - registered 2022-08-04, extension registered 2023-06-30, expires 2024-08-04)
1.2.840.113549.1.9.16.1.50
draft-ietf-sidrops-signed-tal-11, Section 3.1
Signed Checklist
1.2.840.113549.1.9.16.1.48
RPKI Repository Name Schemes
IETF Review
.asa
Autonomous System Provider Authorization
(TEMPORARY - registered 2021-11-08, extension registered 2023-10-05, expires 2024-11-08)
.cer
Certificate
.crl
Certificate Revocation List
.gbr
Ghostbusters Record
.mft
Manifest
.roa
Route Origination Authorization
.sig
Signed Checklist
.tak
Trust Anchor Key (TEMPORARY - registered 2022-07-27, extension registered 2023-06-30, expires 2024-07-27)
rpki-rtr-pdu
RFC Required (Standards Track or Experimental)
0-2
0
Serial Notify
0-2
1
Serial Query
0-2
2
Reset Query
0-2
3
Cache Response
0-2
4
IPv4 Prefix
0-2
5
Unassigned
0-2
6
IPv6 Prefix
0-2
7
End of Data
0-2
8
Cache Reset
0
9
Reserved
1-2
9
Router Key
0-2
10
Error Report
0-1
11
Reserved
2
11
ASPA
0-2
12-254
Unassigned
0-2
255
Reserved
rpki-rtr-error
Expert Review
Keyur Patel (Primary), John G. Scudder (Secondary)
0
Corrupt Data
1
Internal Error
2
No Data Available
3
Invalid Request
4
Unsupported Protocol Version
5
Unsupported PDU Type
6
Withdrawal of Unknown Record
7
Duplicate Announcement Received
8
Unexpected Protocol Version
9-254
Unassigned
255
Reserved
rpki-rtr-afi
Expert Review
Unassigned
0
AFI (IPv4 == 0, IPv6 == 1)
1-7
Reserved, MUST be zero
BGPsec Capability
Standards Action
0-3
Version
Value = 0x0
4
Direction
(Both possible values 0 and 1 are fully specified by )
5-7
Unassigned
Value = 000 (in binary)
BGPsec_Path Flags
Standards Action
0
Confed_Segment
Bit value = 1 means Flag set (indicates Confed_Segment)
Bit value = 0 is default
1-7
Unassigned
Value: All 7 bits set to zero
BGPsec Algorithm Suites
Standards Action
0x00
Reserved
Reserved
0x01
SHA-256
ECDSA P-256
National Institute of Standards and Technology (NIST), U.S.
Department of Commerce, "Digital Signature Standard", FIPS
Publication 186-4, July 2013.
National Institute of Standards and Technology (NIST), U.S.
Department of Commerce, "Secure Hash Standard", FIPS
Publication 180-4, August 2015.
0x02-0xF6
Unassigned
Unassigned
0xF7-0xFA
Experimentation
Experimentation
0xFB-0xFE
Documentation
Documentation
0xFF
Reserved
Reserved