Resource Public Key Infrastructure (RPKI)

Created: 2011-09-08
Last Updated: 2023-12-15
Available Formats: XML
HTML
Plain text

Registries included below

RPKI Signed Objects
RPKI Repository Name Schemes
rpki-rtr-pdu
rpki-rtr-error
rpki-rtr-afi
BGPsec Capability
BGPsec_Path Flags
BGPsec Algorithm Suites

RPKI Signed Objects

Registration Procedure(s)

Standards Action

Reference

[RFC6488]

Available Formats

CSV

Name	OID	Reference
Route Origination Authorization	1.2.840.113549.1.9.16.1.24	[RFC-ietf-sidrops-rfc6482bis-09]
Manifest	1.2.840.113549.1.9.16.1.26	[RFC9286]
Ghostbusters	1.2.840.113549.1.9.16.1.35	[RFC6493]
Autonomous System Provider Authorization (TEMPORARY - registered 2021-11-08, extension registered 2023-10-05, expires 2024-11-08)	1.2.840.113549.1.9.16.1.49	[draft-ietf-sidrops-aspa-profile-16]
Trust Anchor Key (TEMPORARY - registered 2022-08-04, extension registered 2023-06-30, expires 2024-08-04)	1.2.840.113549.1.9.16.1.50	[draft-ietf-sidrops-signed-tal-11, Section 3.1]
Signed Checklist	1.2.840.113549.1.9.16.1.48	[RFC9323]

RPKI Repository Name Schemes

Registration Procedure(s)

IETF Review

Reference

[RFC6481]

Available Formats

CSV

Filename Extension	RPKI Object	Reference
.asa	Autonomous System Provider Authorization (TEMPORARY - registered 2021-11-08, extension registered 2023-10-05, expires 2024-11-08)	[draft-ietf-sidrops-aspa-profile-16]
.cer	Certificate	[RFC6481]
.crl	Certificate Revocation List	[RFC6481]
.gbr	Ghostbusters Record	[RFC6493]
.mft	Manifest	[RFC6481]
.roa	Route Origination Authorization	[RFC-ietf-sidrops-rfc6482bis-09]
.sig	Signed Checklist	[RFC9323]
.tak	Trust Anchor Key (TEMPORARY - registered 2022-07-27, extension registered 2023-06-30, expires 2024-07-27)	[draft-ietf-sidrops-signed-tal-11]

rpki-rtr-pdu

Registration Procedure(s)

RFC Required (Standards Track or Experimental)

Reference

[RFC6810]

Available Formats

CSV

Protocol Version	PDU Type	Description	Reference
0-2	0	Serial Notify	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]
0-2	1	Serial Query	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]
0-2	2	Reset Query	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]
0-2	3	Cache Response	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]
0-2	4	IPv4 Prefix	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]
0-2	5	Unassigned
0-2	6	IPv6 Prefix	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]
0-2	7	End of Data	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]
0-2	8	Cache Reset	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]
0	9	Reserved	[RFC8210]
1-2	9	Router Key	[RFC8210][RFC-ietf-sidrops-8210bis-10]
0-2	10	Error Report	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]
0-1	11	Reserved	[RFC8210][RFC-ietf-sidrops-8210bis-10]
2	11	ASPA	[RFC-ietf-sidrops-8210bis-10]
0-2	12-254	Unassigned
0-2	255	Reserved	[RFC6810][RFC8210][RFC-ietf-sidrops-8210bis-10]

rpki-rtr-error

Registration Procedure(s)

Expert Review

Expert(s)

Keyur Patel (Primary), John G. Scudder (Secondary)

Reference

[RFC6810]

Available Formats

CSV

Error Code	Description	Reference
0	Corrupt Data	[RFC6810]
1	Internal Error	[RFC6810]
2	No Data Available	[RFC6810]
3	Invalid Request	[RFC6810]
4	Unsupported Protocol Version	[RFC6810]
5	Unsupported PDU Type	[RFC6810]
6	Withdrawal of Unknown Record	[RFC6810]
7	Duplicate Announcement Received	[RFC6810]
8	Unexpected Protocol Version	[RFC8210]
9-254	Unassigned
255	Reserved	[RFC6810]

rpki-rtr-afi

Registration Procedure(s)

Expert Review

Expert(s)

Unassigned

Reference

[RFC-ietf-sidrops-8210bis-10]

Available Formats

CSV

Bit	Bit Name	Reference
0	AFI (IPv4 == 0, IPv6 == 1)	[RFC-ietf-sidrops-8210bis-10]
1-7	Reserved, MUST be zero	[RFC-ietf-sidrops-8210bis-10]

BGPsec Capability

Registration Procedure(s)

Standards Action

Reference

[RFC8205]

Available Formats

CSV

Bits	Field	Reference
0-3	Version Value = 0x0	[RFC8205]
4	Direction (Both possible values 0 and 1 are fully specified by [RFC8205])	[RFC8205]
5-7	Unassigned Value = 000 (in binary)	[RFC8205]

BGPsec_Path Flags

Registration Procedure(s)

Standards Action

Reference

[RFC8205]

Available Formats

CSV

Flag	Description	Reference
0	Confed_Segment Bit value = 1 means Flag set (indicates Confed_Segment) Bit value = 0 is default	[RFC8205]
1-7	Unassigned Value: All 7 bits set to zero	[RFC8205]

BGPsec Algorithm Suites

Registration Procedure(s)

Standards Action

Reference

[RFC8608]

Available Formats

CSV

Algorithm Suite Identifier	Digest Algorithm	Signature Algorithm	Reference
0x00	Reserved	Reserved	[RFC8608]
0x01	SHA-256	ECDSA P-256	[National Institute of Standards and Technology (NIST), U.S. Department of Commerce, "Digital Signature Standard", FIPS Publication 186-4, July 2013.][National Institute of Standards and Technology (NIST), U.S. Department of Commerce, "Secure Hash Standard", FIPS Publication 180-4, August 2015.][RFC6090][RFC8608]
0x02-0xF6	Unassigned	Unassigned
0xF7-0xFA	Experimentation	Experimentation	[RFC8608]
0xFB-0xFE	Documentation	Documentation	[RFC8608]
0xFF	Reserved	Reserved	[RFC8608]