[RPKI-Discuss] Cloudflare's new RPKI Invalid Beacons

Ben Maddison benm at workonline.africa
Sat Apr 18 12:21:51 UTC 2020


On Sat, 2020-04-18 at 13:56 +0200, Job Snijders wrote:

> On Sat, Apr 18, 2020, at 13:34, Frank Habicht wrote:

> > Thanks Job for tweeting this- "New RPKI Invalid Beacons" :

> >

https://blog.cloudflare.com/is-bgp-safe-yet-rpki-routing-security-initiative/

> >

> > https://bgp.he.net/net/103.21.244.0/24

> > https://bgp.he.net/net/2606:4700:7000::/48

> > # both RPKI invalid

> >

> > ...but:

> >

> > http://lg.seacomnet.com

> >

> > Router: lg-01-jnb.za

> > Command: show bgp ipv6 unicast 2606:4700:7000::/48

> >

> > BGP routing table entry for 2606:4700:7000::/48,

>

> Probably because of the legal barrier the ARIN RPKI TAL RPA imposes:

> https://youtu.be/oBwAQep7Q7o

>

> As a result, ARIN prefixes simply are less protected than AFRINIC

> prefixes.

>

Correct. You should expect to see the same thing in AS37271.

Cheers,

Ben



More information about the RPKI-Discuss mailing list