Reaching out to ARIN members about their RPKI INVALID prefixes

Jared Mauch jared at puck.nether.net
Thu Sep 20 01:02:18 UTC 2018


> On Sep 19, 2018, at 8:55 PM, Owen DeLong <owen at delong.com> wrote:
> 
> Actually, from my perspective, neither one is practical/useful due to the lack of supporting data to achieve it.

I suggest you look at some of the cool research that was done with various prefixes from different regions.

You can see the problem with ARIN prefixes fairly easily and how they’re harder to secure as a result.  This seems to be broken by design on the part of ARIN based on my limited experiences interacting with the community folk.

https://nlnog.net/static/nlnogday2018/8_Measuring_RPKI_ben_NLNOG_2018.pdf

And the video here:

https://www.youtube.com/watch?v=uDIQDpGObdc

It’s super interesting to see which RIR prefixes perform better when it comes to the same security technology.

- Jared


More information about the NANOG mailing list