RFC 6486 · PROPOSED STANDARD · 2012 SUN · 14 JUN 2026

Manifests for the Resource Public Key Infrastructure

By R. Austein, G. Huston, S. Kent, M. Lepinski · Published February 2012 · DOI 10.17487/RFC6486

Overview

RFC 6486, “Manifests for the Resource Public Key Infrastructure”, is a Proposed Standard document published in February 2012 by R. Austein, G. Huston, S. Kent, M. Lepinski. It has been obsoleted by RFC 9286 — refer to the newer document for the authoritative version. The canonical text is published by the RFC Editor.

Abstract

This document defines a "manifest" for use in the Resource Public Key Infrastructure (RPKI). A manifest is a signed object (file) that contains a listing of all the signed objects (files) in the repository publication point (directory) associated with an authority responsible for publishing in the repository. For each certificate, Certificate Revocation List (CRL), or other type of signed objects issued by the authority that are published at this repository publication point, the manifest contains both the name of the file containing the object and a hash of the file content. Manifests are intended to enable a relying party (RP) to detect certain forms of attacks against a repository. Specifically, if an RP checks a manifest's contents against the signed objects retrieved from a repository publication point, then the RP can detect "stale" (valid) data and deletion of signed objects. [STANDARDS-TRACK]

Abstract as published in the RFC, via rfc-editor.org.

What “Proposed Standard” means

An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.

Read this RFC

The canonical text of RFC 6486 is hosted at rfc-editor.org. Available in TXT,HTML.

Read on rfc-editor.org Plain text › HTML › IETF Datatracker › DOI link ›

Relationships to other RFCs

Obsoleted by: RFC 9286

Other RFCs from 2012

Abstract

What “Proposed Standard” means

Who Is Online