On Wed, Sep 18, 2024 at 6:21 AM Steven Wallace <ssw@internet2.edu> wrote:
Greeting,
Internet2 uses Cloudflare’s https://rpki.cloudflare.com/rpki.json as an alternate source for RPKI-ROA information. We recently discovered that this file omits IPv4 ROAs longer than /24. It would be helpful if it included all ROAs.
Interestingly, Cloudflare’s web-based validator does include longer ROAs:
https://rpki.cloudflare.com/?view=validator&validateRoute=1351_209.198.99.64%2F27
Cloudflare, any chance you could include all ROAs in this file?
Cloudflare rpki data is flawed in a few ways. They say 2001:4870:140::/44 is on the internet, but it is not. I reached out to many folks at Cloudflare many times for months, but they have a bad data issue and choose not to fix it. Long story short, cloudflare rpki data is not for production use.
thanks,
steve
Steven Wallace Director - Routing Integrity Internet2 ssw@internet2.edu