[SANOG] AS0 RPKI system deployed in production (Prop132)
Srinivas (Sunny) Chendi
sunny at apnic.net
Wed Sep 2 00:52:53 UTC 2020
________________________________________________________________________
AS0 RPKI system deployed in production (Prop132)
________________________________________________________________________
The AS0 RPKI system previously in test has now been deployed to
production. This completes implementation of APNIC Policy Prop132
"RPKI ROAs for unallocated and unassigned APNIC address space"
https://www.apnic.net/community/policy/proposals/prop-132
A new TAL is being used which can be fetched from:
https://tal.apnic.net/apnic-as0.tal
Alternate forms of this TAL are also available and are documented at:
https://www.apnic.net/community/security/resource-certification/tal-archive/
Please replace any prior TAL configuration in your RPKI validation
systems. If you are not using this TAL consider adding it to get
notification of authenticated denial of unallocated resources in
the APNIC region.
A report on deployment will be presented at APNIC50. This service
will be discussed in the APNIC Routing SIG at the meeting, and
subsequently on the mailing list:
https://www.apnic.net/community/participate/sigs/routing-sig/
A blog article describing the deployment methodology is available at:
https://blog.apnic.net/2020/09/02/policy-prop-132-as0-for-unallocated-space-deployed-in-service/
Caveats and warnings about the use of this AS0 ROA are documented at:
https://www.apnic.net/community/security/resource-certification/apnic-limitations-of-liability-for-rpki/#caveatsandwarnings
________________________________________________________________________
APNIC Secretariat secretariat at apnic.net
Asia Pacific Network Information Centre (APNIC) Tel: +61 7 3858 3100
PO Box 3646 South Brisbane, QLD 4101 Australia Fax: +61 7 3858 3199
6 Cordelia Street, South Brisbane, QLD http://www.apnic.net
________________________________________________________________________
More information about the sanog
mailing list