Skip to Main Content
We examine a form of an X.509 Public Key certificate that is used to bind IP address and AS number resources to a public/private key pair. These certificates are used to attest to resource allocation actions, so that digitally signed attestations relating to a party's right-of-use of IP addresses and AS numbers can be validated by relying parties, using a related Resource Certificate Public Key Infrastructure. This has particular application in the area of demonstrable attestations related to the right-of-use of IP addresses, and in the area of inter-domain routing security. The issues related to the application of this PKI to inter-domain routing security are considered, and the design, management and use of resource certificates, and the structure of the related Public Key Infrastructure are described in detail.