Resource Public Key Infrastructure
E766430
Resource Public Key Infrastructure (RPKI) is a security framework designed to protect Internet routing by cryptographically verifying that autonomous systems are authorized to announce specific IP address prefixes.
Statements (53)
| Predicate | Object |
|---|---|
| instanceOf |
Internet security framework
ⓘ
routing security technology ⓘ |
| abbreviation | RPKI NERFINISHED ⓘ |
| addresses | BGP route origin validation ⓘ |
| allocationsDelegatedTo | Regional Internet Registries NERFINISHED ⓘ |
| binds |
AS numbers to public keys
ⓘ
IP address blocks to public keys ⓘ |
| complements | BGP security best practices ⓘ |
| component |
RPKI relying party software
ⓘ
RPKI repositories ⓘ RPKI validators ⓘ RPKI-to-Router protocol NERFINISHED ⓘ Route Origin Authorizations NERFINISHED ⓘ certificate authority hierarchy ⓘ resource certificates ⓘ |
| definedIn | RFC 6480 NERFINISHED ⓘ |
| deploymentStatus | partially deployed on the global Internet ⓘ |
| enables | BGP origin validation ⓘ |
| improves | routing security ⓘ |
| mitigates |
prefix hijacking
ⓘ
route hijacking ⓘ route leaks ⓘ |
| protects | Internet routing ⓘ |
| relatedConcept | BGPsec NERFINISHED ⓘ |
| relatedRFC |
RFC 6481
NERFINISHED
ⓘ
RFC 6482 NERFINISHED ⓘ RFC 6487 NERFINISHED ⓘ RFC 6810 NERFINISHED ⓘ RFC 8210 NERFINISHED ⓘ |
| repositoryAccessMethod |
RRDP
NERFINISHED
ⓘ
rsync ⓘ |
| requires | publication of RPKI objects in repositories ⓘ |
| RIR |
AFRINIC
NERFINISHED
ⓘ
APNIC NERFINISHED ⓘ ARIN NERFINISHED ⓘ LACNIC NERFINISHED ⓘ RIPE NCC NERFINISHED ⓘ |
| ROAFullName | Route Origin Authorization ⓘ |
| rootManagedBy | IANA NERFINISHED ⓘ |
| RRDPFullName | RPKI Repository Delta Protocol NERFINISHED ⓘ |
| standardizedBy |
Internet Engineering Task Force
ⓘ
surface form:
IETF
|
| supports | Route Origin Authorization objects ⓘ |
| supportsResourceType |
AS numbers
ⓘ
IPv4 address space ⓘ IPv6 address space ⓘ |
| trustModel | hierarchical PKI ⓘ |
| usedBy |
Internet exchange points
ⓘ
Internet service providers NERFINISHED ⓘ content delivery networks ⓘ network operators ⓘ |
| uses |
X.509 resource certificates
NERFINISHED
ⓘ
public key cryptography ⓘ |
| verifies | authorization of autonomous systems to announce IP prefixes ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.
subject surface form:
Internet Routing Registry