[174150] in North American Network Operators' Group
RPKI
daemon@ATHENA.MIT.EDU (Pelsser Cristel)
Wed Aug 27 05:21:12 2014
X-Original-To: nanog@nanog.org
From: Pelsser Cristel <cristel@iij.ad.jp>
Date: Wed, 27 Aug 2014 18:18:16 +0900
To: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
Hi,
With Daniele Iamartino, we are validating BGP routes with the objects =
stored in the RPKI.
On 2014/07/26, for the routes at the LINX RouteViews monitor, we observe =
the following set of prefixes that are announced both with the correct =
origin AS and a wrong origin AS. There are very few of them.=20
We believe they could be anycast where there is no ROA for some origin =
ASs or they could be misconfiguration/attacks.
RIB Dump time: 2014/08/26 08:00 UTC
prefix,valid AS,invalid AS
5.128.0.0/14,31200,50923
37.19.8.0/21,49964,198585
94.199.232.0/21,49413,5089
179.61.194.0/23,61440,37692
190.94.182.0/24,262195,18678
193.42.215.0/24,30880,50827
193.227.174.0/24,9051,24634
195.69.144.0/22,1200,41313
200.35.183.0/24,26617,27742
213.192.242.0/23,8903,12541
217.113.242.0/24,197860,20721
217.113.244.0/24,197860,20721
217.113.245.0/24,20721,197860
2a02:2928::/32,39288,197530
Prefixes containing private AS numbers
prefix,valid AS,invalid AS
176.56.192.0/19,8426,65489
185.36.76.0/22,8426,65489
194.45.46.0/24,286,64951
2a00:fd00::/32,29695,65026
Any feedback is welcome,
Cristel=
