Expand description
Certificate Authority related code.
Structs
- This type contains the ASPA definitions for a CA. Generally speaking the [
AspaCustomer
] ASN will be held in a single [ResourceClass
] only, but at least in theory the CA could issue ASPA objects in each RC that holds the ASN. - ASPA objects held by a resource class in a CA.
- An issued BGPSec certificate under a resource class
- The issued BGPSec certificates under a resource class in a CA.
- All BGPSec definitions held by a CA.
- This component is responsible for storing the latest objects for each CA.
- This type defines a Certification Authority (CA).
- Describes a Key that is certified. I.e. it received an incoming certificate and has at least a MFT and CRL.
- Describes an update to the set of ROAs under a ResourceClass.
- The collection of certificates issued under a ResourceClass.
- Contains information about a child CA needed by a parent CertAuth.
- The collection of children under a parent [
CertAuth
]. - Maintains the set of objects published for a key.
- This keeps track of the current revision information for a KeyObjectSet
- A Pending Key in a resource class. Should usually have an open IssuanceRequest, and will be move to a ‘new’ or ‘current’ CertifiedKey when a certificate is received.
- Any item published in the repository.
- A CA may have multiple parents, e.g. two RIRs, and it may not get all its resource entitlements in one set, but in a number of so-called “resource classes”.
- Resource Tagged Attestations
- This type defines information about a ROA object
- This type wraps a
RoaPayload
but implements its own serialization based on the string representation of the definition so that it can be used as a single key in json map representations. - Describes an update to the set of ROAs under a ResourceClass.
- ROAs held by a resource class in a CA.
- Meta-information about a configured RouteAuthorization.
- The current authorizations and corresponding meta-information for a CA.
- A stored BGP Sec CSR.
Enums
- This type contains the keys for a resource class and guards that keys are created, activated, rolled and retired properly.
- Tracks the state of a key used by a child CA. This is needed because RFC 6492 dictates that keys cannot be re-used across resource classes.