Cloudflare OCTO RPKI Validator - LACNIC CAs issues
fischerdouglas at gmail.com
Thu Apr 22 19:47:48 UTC 2021
Does anybody else have problems with Cloudflare's RPKI Validator with
prefixes from LACNIC?
Customers were sending us some reports of issues with LACNIC's IPBlocks
using Cloudflare RPKI as source of validation.
A friend and I did some checks. And looks like that some issue is happening
on the Lacnic Trust Anchor, specifically on OctoRPKI.
We took the Registro.Br Prefix to do the tests -> 220.127.116.11/20 -> AS22548
-> On Cloudflare
AS22548_18.104.22.168/20 is Unknown at 19:30 20201-04-22
-> On Ripe
AS22548_22.214.171.124/20 is Valid at 19:30 20201-04-22
An interesting thing is that on the graph of ROAs over Timer of the Lacnic
Trust Anchor shows a big drop on 20201/04/19.
"Volume Removed: 14.761"
"ROAs Removed: 13.392"
Any idea of possible causes?
Any suggestions on how to solve it?
Douglas Fernando Fischer
Engº de Controle e Automação
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the NANOG