Resource Public Key Infrastructure (RPKI)
- Created
- 2011-09-08
- Last Updated
- 2024-12-19
- Available Formats
-
XML
HTML
Plain text
Registries included below
- RPKI Signed Objects
- RPKI Repository Name Schemes
- rpki-rtr-pdu
- rpki-rtr-error
- rpki-rtr-afi
- BGPsec Capability
- BGPsec_Path Flags
- BGPsec Algorithm Suites
RPKI Signed Objects
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC6488]
- Note
-
Objects of the types listed in this registry, as well as RPKI resource certificates and CRLs, are expected to be validated using the RPKI.
- Available Formats
-
CSV
Name | OID | Reference |
---|---|---|
Route Origination Authorization | 1.2.840.113549.1.9.16.1.24 | [RFC9582] |
Manifest | 1.2.840.113549.1.9.16.1.26 | [RFC9286] |
Ghostbusters | 1.2.840.113549.1.9.16.1.35 | [RFC6493] |
Autonomous System Provider Authorization (TEMPORARY - registered 2021-11-08, extension registered 2024-10-10, expires 2025-11-08) | 1.2.840.113549.1.9.16.1.49 | [draft-ietf-sidrops-aspa-profile-16] |
Trust Anchor Key | 1.2.840.113549.1.9.16.1.50 | [RFC9691, Section 2.1] |
Signed Checklist | 1.2.840.113549.1.9.16.1.48 | [RFC9323] |
RPKI Repository Name Schemes
- Registration Procedure(s)
-
IETF Review
- Reference
- [RFC6481]
- Available Formats
-
CSV
Filename Extension | RPKI Object | Reference |
---|---|---|
.asa | Autonomous System Provider Authorization (TEMPORARY - registered 2021-11-08, extension registered 2024-10-10, expires 2025-11-08) | [draft-ietf-sidrops-aspa-profile-16] |
.cer | Certificate | [RFC6481] |
.crl | Certificate Revocation List | [RFC6481] |
.gbr | Ghostbusters Record | [RFC6493] |
.mft | Manifest | [RFC6481] |
.roa | Route Origination Authorization | [RFC9582] |
.sig | Signed Checklist | [RFC9323] |
.tak | Trust Anchor Key | [RFC9691] |
rpki-rtr-pdu
- Registration Procedure(s)
-
RFC Required (Standards Track or Experimental)
- Reference
- [RFC6810]
- Available Formats
-
CSV
Protocol Version | PDU Type | Description | Reference |
---|---|---|---|
0-2 | 0 | Serial Notify | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
0-2 | 1 | Serial Query | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
0-2 | 2 | Reset Query | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
0-2 | 3 | Cache Response | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
0-2 | 4 | IPv4 Prefix | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
0-2 | 5 | Unassigned | |
0-2 | 6 | IPv6 Prefix | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
0-2 | 7 | End of Data | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
0-2 | 8 | Cache Reset | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
0 | 9 | Reserved | [RFC8210] |
1-2 | 9 | Router Key | [RFC8210][RFC-ietf-sidrops-8210bis-10] |
0-2 | 10 | Error Report | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
0-1 | 11 | Reserved | [RFC8210][RFC-ietf-sidrops-8210bis-10] |
2 | 11 | ASPA | [RFC-ietf-sidrops-8210bis-10] |
0-2 | 12-254 | Unassigned | |
0-2 | 255 | Reserved | [RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10] |
rpki-rtr-error
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Keyur Patel (Primary), John G. Scudder (Secondary)
- Reference
- [RFC6810]
- Available Formats
-
CSV
Error Code | Description | Reference |
---|---|---|
0 | Corrupt Data | [RFC6810] |
1 | Internal Error | [RFC6810] |
2 | No Data Available | [RFC6810] |
3 | Invalid Request | [RFC6810] |
4 | Unsupported Protocol Version | [RFC6810] |
5 | Unsupported PDU Type | [RFC6810] |
6 | Withdrawal of Unknown Record | [RFC6810] |
7 | Duplicate Announcement Received | [RFC6810] |
8 | Unexpected Protocol Version | [RFC8210] |
9-254 | Unassigned | |
255 | Reserved | [RFC6810] |
rpki-rtr-afi
- Registration Procedure(s)
-
Expert Review
- Expert(s)
-
Unassigned
- Reference
- [RFC-ietf-sidrops-8210bis-10]
- Available Formats
-
CSV
Bit | Bit Name | Reference |
---|---|---|
0 | AFI (IPv4 == 0, IPv6 == 1) | [RFC-ietf-sidrops-8210bis-10] |
1-7 | Reserved, MUST be zero | [RFC-ietf-sidrops-8210bis-10] |
BGPsec Capability
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC8205]
- Available Formats
-
CSV
Bits | Field | Reference |
---|---|---|
0-3 | Version Value = 0x0 |
[RFC8205] |
4 | Direction (Both possible values 0 and 1 are fully specified by [RFC8205]) |
[RFC8205] |
5-7 | Unassigned Value = 000 (in binary) |
[RFC8205] |
BGPsec_Path Flags
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC8205]
- Available Formats
-
CSV
Flag | Description | Reference |
---|---|---|
0 | Confed_Segment Bit value = 1 means Flag set (indicates Confed_Segment) Bit value = 0 is default |
[RFC8205] |
1-7 | Unassigned Value: All 7 bits set to zero |
[RFC8205] |
BGPsec Algorithm Suites
- Registration Procedure(s)
-
Standards Action
- Reference
- [RFC8608]
- Available Formats
-
CSV
Algorithm Suite Identifier | Digest Algorithm | Signature Algorithm | Reference |
---|---|---|---|
0x00 | Reserved | Reserved | [RFC8608] |
0x01 | SHA-256 | ECDSA P-256 | [National Institute of Standards and Technology (NIST), U.S. Department of Commerce, "Digital Signature Standard", FIPS Publication 186-4, July 2013.][National Institute of Standards and Technology (NIST), U.S. Department of Commerce, "Secure Hash Standard", FIPS Publication 180-4, August 2015.][RFC6090][RFC8608] |
0x02-0xF6 | Unassigned | Unassigned | |
0xF7-0xFA | Experimentation | Experimentation | [RFC8608] |
0xFB-0xFE | Documentation | Documentation | [RFC8608] |
0xFF | Reserved | Reserved | [RFC8608] |