Dear Zhong, Following up on this thread, I'd like to clarify three specific points based on routing data and operational reality. ## 1. MoeDove's reply: Unprofessional tone, but technically accurate While the MoeDove engineer's opening ("To idiot haoziwan.xyz") was undeniably unprofessional, their technical and legal substance was entirely correct. They raised a fundamental question: How can a prefix with zero public visibility hijack traffic? We now have RIPE RIS data confirming that AS202734 originated exactly zero hijacked Chinese carrier prefixes during the alleged window. If these routes were only visible to the HE BGP Toolkit collector via a local feed and leaked nowhere else, there was zero impact on global traffic. The reporter has yet to counter this with any actual routing data. On the policy side, MoeDove's citation of Section 6.3 of the RIPE End User Assignment Agreement is spot-on. The sponsoring LIR is not the BGP operator for the end-user's ASN; liability for resource usage rests squarely with the end-user. ## 2. Sunoaki Network saw nothing — and RIPE RIS confirms it Sunoaki Network (AS47778) peers directly with AS202734 over IPv6, and we received zero hijacked prefixes from this session. The only IPv6 prefixes we observed were their four legitimate allocations and 2a0f:1cc5:ffff::/48 (a well-known multi-origin research prefix). A query of RIPE RIS across the claimed hijack window yields the same clean slate: * May 16 — Originated v4: 0 | Originated v6: 6 (all legitimate) * May 17 — Originated v4: 0 | Originated v6: 6 (all legitimate) * May 22 — Originated v4: 0 | Originated v6: 5 (one research prefix withdrawn) The single prefix removed between May 17 and May 22 was 2a0f:1cc5:ffff::/48. This is an experimental multi-origin prefix announced across 20+ ASNs globally, marked as "Global Multi-origin Experimental Network" in WHOIS, and geolocated in Antarctica (AQ). It has absolutely nothing to do with Chinese carrier space. If 3,948 hijacked IPv4 prefixes were supposedly announced but never hit RIPE RIS collectors, they simply did not exist on the global routing table. Internal collector data from a single provider does not equal the real-world internet. If anyone has RouteViews/RIS snapshots or traceroutes proving global propagation, please share them. Otherwise, this claim holds no water. ## 3. The sponsorship is fully compliant (The "Virtual Org" myth) The ongoing claim that JIANYUELAB LTD is a "virtual organization" incapable of holding EU network infrastructure is demonstrably false. AS215172 (JIANYUELAB LTD) operates a legitimate carrier-type network with: * Direct fabric connections at LOCIX Frankfurt. * Active transit upstreams including Cogent (AS174), HE (AS6939), and xTom (AS3204). This is a real network with a physical footprint in the EU. The insinuation that a UK-registered entity cannot have European network elements ignores both geography and RIPE's service region guidelines. The RIPE NCC analyst already confirmed that the sponsor provided valid evidence of a network element within the service area. That should have settled the matter. ## Summary The narrative of a "premeditated hijack of Chinese carriers" completely falls apart under scrutiny: * Zero hijacked Chinese carrier prefixes in RIPE RIS. * Zero hijacked routes in public BIRD configurations. * Zero hijacked prefixes received by direct peers (like Sunoaki). * A fully compliant, verified sponsorship arrangement. Instead of chasing ghosts, the community's time would be much better spent on: 1. Providing actual, inline traceroute data to back up claims. 2. Accelerating ROV (Route Origin Validation) deployment, which would make arguments like this entirely irrelevant. Regards, Bo Xu Network Engineer Sunoaki Network LLC