rfc6487 — Search

US RFC 6480 - An Infrastructure to Support Secure Internet Routing

https://datatracker.ietf.org/doc/html/rfc6480

…ce certificates, and conform to the certificate profile for such certificates [ RFC6487 ]. Resource certificates attest to the allocation by the (certificate) issuer of IP addresses or AS numbers to the subject. They do this by binding the public key contained in the resource cer…

2026-04-24 14:35 View archive →

US draft-ietf-sidrops-constraining-rpki-trust-anchors-00

https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-constraining-rpki-trust-anchors

…, uses, and interpretations described in the following: RFC3779 RFC6480 RFC6481 RFC6487 , and RFC6488 A process to construct and sign RPKI Trust Anchor constraints is specified in I-D.nro-sidrops-ta-constraints Such signed distributed constraints can serve as an input to the meth…

2026-04-24 12:00 View archive →

US RFC 9582: A Profile for Route Origin Authorizations (ROAs)

https://www.rfc-editor.org/rfc/rfc9582.html

…ile makes use of certificates adhering to the RPKI resource certificate profile RFC6487 ; thus, familiarity with that profile is also assumed. 3. The ROA Content Type The content-type for a ROA is defined as id-ct-routeOriginAuthz and has the numerical value 1.2.840.113549.1.9.16…

2026-04-24 17:16 View archive →

US RFC 9323: A Profile for RPKI Signed Checklists (RSCs)

https://www.rfc-editor.org/rfc/rfc9323.html

…of EE certificate is termed a "one-time-use" EE certificate (see Section 3 of [ RFC6487 ). 3. The RSC eContentType The eContentType for an RSC is defined as id-ct-signedChecklist, with Object Identifier (OID) 1.2.840.113549.1.9.16.1.48. This OID MUST appear within both the eConte…

2026-04-24 15:13 View archive →

US draft-ietf-sidrops-rpki-prefixlist-05

https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rpki-prefixlist

…d in this fashion is termed a "one-time-use" EE certificate (see Section 3 of [ RFC6487 ). 6.2. Object Filenames A guideline for naming Signed Prefix List objects is that the file name chosen in the repository be a value derived from the public key of the EE certificate. One such…

2026-04-24 15:12 View archive →

US draft-ietf-sidrops-aspa-profile-26

https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-aspa-profile

…of EE certificate is termed a "one-time-use" EE certificate (see Section 3 of [ RFC6487 ). 5.3. ASPA Object Filenames CAs are RECOMMENDED to follow the guidelines for naming ASPA objects based on Section 2.2 of [ RFC6481 , i.e., convert the 160-bit hash of the EE's public key val…

2026-04-24 15:01 View archive →

US RFC Errata Report » RFC Editor

http://www.rfc-editor.org/errata_search.php

… of id-ad-caRepository in the CURRENT CA certificate's SIA extension. Notes: An RFC6487-compliant CA certificate's SIA extension has AccessDescriptions for both its repository (id-ad-caRepository) and its manifest (id-ad-rpkiManifest). Section 2 of RFC6489 also states, "While the…

2026-04-24 09:24 View archive →

US RFC Errata Report » RFC Editor

https://www.rfc-editor.org/errata_search.php

… of id-ad-caRepository in the CURRENT CA certificate's SIA extension. Notes: An RFC6487-compliant CA certificate's SIA extension has AccessDescriptions for both its repository (id-ad-caRepository) and its manifest (id-ad-rpkiManifest). Section 2 of RFC6489 also states, "While the…

2026-04-24 07:35 View archive →