RPKI chain of trust

• Previous message (by thread): RPKI chain of trust
• Next message (by thread): Centurylink having a bad morning?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Fabiano,

> On 26 Aug 2020, at 11:03, Fabiano D'Agostino <fabiano.dagostino96 at gmail.com> wrote:
> 
> Hi Alex,
> thank you. I read that documentation and I was reading this one from page 201:
> https://www.ripe.net/support/training/material/bgp-operations-and-security-training-course/BGP-Slides-Single.pdf  
> 
> It seems that RIRs have a self-signed root certificate. They use this certificate to sign LIR's certificates and LIR's private key is used to sign ROAs. I am not very sure about the use of public keys.

The “LIR”’s public key is on the certificate signed by the RIR and that makes the chain.

-Alex

• Previous message (by thread): RPKI chain of trust
• Next message (by thread): Centurylink having a bad morning?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]