We use a unique dataset containing all RPKI Route Origin Authorizations (ROAs) from the moment RPKI was first deployed, more than 8 years ago. We combine this dataset with BGP announcements from more than 3,300 BGP collectors worldwide. Our analysis shows the after a gradual start, RPKI has seen a rapid increase in adoption over the past two years. We also show that although misconfigurations were rampant when RPKI was first deployed (causing many announcements to appear as invalid) they are quite rare today. We develop a taxonomy of invalid RPKI announcements, then quantify their prevalence. We further identify suspicious announcements indicative of prefix hijacking and present case studies of likely hijacks.
Overall, we conclude that while misconfigurations still do occur, RPKI is “ready for the big screen,” and routing security can be increased by dropping invalid announcements. To foster reproducibility and further studies, we release all RPKI data and the tools we used to analyze it into the public domain.
|Title of host publication||IMC '19|
|Subtitle of host publication||ACM Internet Measurement Conference, Amsterdam Netherlands, October, 2019|
|Place of Publication||New York|
|Publisher||Association for Computing Machinery (ACM)|
|Number of pages||14|
|Publication status||Published - 21 Oct 2019|
|Event||Internet Measurement Conference, IMC 2019 - Koninklijk Instituut voor de Tropen, Amsterdam, Netherlands|
Duration: 21 Oct 2019 → 23 Oct 2019
|Conference||Internet Measurement Conference, IMC 2019|
|Period||21/10/19 → 23/10/19|
- Routing security