On Wed, Sep 18, 2024 at 6:21 AM Steven Wallace <ssw@internet2.edu> wrote:

Greeting,

Internet2 uses Cloudflare’s https://rpki.cloudflare.com/rpki.json as an alternate source for RPKI-ROA information. We recently discovered that this file omits IPv4 ROAs longer than /24. It would be helpful if it included all ROAs.

Interestingly, Cloudflare’s web-based validator does include longer ROAs:
https://rpki.cloudflare.com/?view=validator&validateRoute=1351_209.198.99.64%2F27

Cloudflare, any chance you could include all ROAs in this file?

Cloudflare rpki data is flawed in a few ways.

They say 2001:4870:140::/44

is on the internet, but it is not.

I reached out to many folks at Cloudflare many times for months, but they have a bad data issue and choose not to fix it.

Long story short, cloudflare rpki data is not for production use.

thanks,

steve

Steven Wallace
Director - Routing Integrity
Internet2
ssw@internet2.edu