Re: RPKI (was: Re: Cogent sales reps who actually respond)

[Christopher Morrow <morrowc.lists () gmail com>]

On Tue, Sep 17, 2019 at 5:49 PM Ronald F. Guilmette
<rfg () tristatelogic com> wrote:
> In message <MN2PR17MB402947F79FD83ABB9BBF429B9E8F0 () MN2PR17MB4029 namprd17 prod outlook com>,
> Martijn Schmidt <martijnschmidt () i3d net> wrote:
>
> > Hi Elad,
> >
> > If you were to create RPKI ROAs for the IPs in question...
>
> Thanks Martijn, for reminding me of a follow-up point that I had intended
> to make regarding my recent post about the 143.95.0.0/16 (Athenix) block.
>
> RPKI is the best we have and I cannot wait for the day when it will see
> universal deployment.  But it isn't actually the 100% solution that
> everyone has been hoping it would be.
>
> As the case of the 143.95.0.0/16 block illustrates, if the RIR has itself
> been snookered into believing that party X actually owns party Y's block,
> then that's it.  Game over, and RPKI doesn't help, because if the

I really don't think this part of the problem matters.
If a block is moved from one entity to another, that's it, nothing to
be done/seen here.

it's sad and someone should weep for the lost integers, but.. meh.
The RIR abuse process can cleanup as required mr curran's notes about:
"please send to fraud@"
would apply here directly.

-chris