key points & (QA) about RPKI
@1:
Q: What does ROA look like?
Since ROA means which ASes are allowed for originating routes to some specific address spaces. So I think there maybe many ASes corresponding to a specific address space.
Since ROA means which ASes are allowed for originating routes to some specific address spaces. So I think there maybe many ASes corresponding to a specific address space.
A: No, actually the format of ROA is like this:
----------------------------------
| AS1 --> 16.1.0.0/16 |
| AS1 --> 16.2.0.0/16 |
| AS1 --> 16.2.0.0/16 |
----------------------------------
Note that a ROA contains only a single AS number.
An ROA might look like this for example
"ISP 4 permits AS 65000 to originate a route for the prefix 192.2.200.0/24"
@2: