So just an update on this.
We've since completed the roll-out of dropping Invalids on eBGP
sessions with customers as well.
It also included some Cisco ME3600X routers that will ultimately
be replaced this year by Cisco ASR920 routers.
All in all, no major drama. 2 main issues I'd like to highlight:
- We came across a number of customers whose
routes were marked as Invalid due to inconsistent route
origination, i.e., they had their routes originated by them
and one or more other ASNs who had not created corresponding
ROAs for the same.
- In IOS XE, all iBGP routes are marked as
Valid by default. This is not a big problem in practice,
however, because all eBGP points are checked for RPKI state,
and anything marked as Invalid is dropped. So whatever will
appear in the iBGP would have already been scraped. Of course,
IOS XE doing this is not ideal at all, and they are breaking
the RFC mandate, but it doesn't cause any real harm.
Mark.
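
An added example, not part of the original message: RFC 6811 origin validation in Python, showing why a prefix originated by two ASNs is Invalid for the origin that has no ROA, and that a second ROA for the same prefix clears it. The prefixes, ASNs and function names are constructed for illustration (documentation ranges), not taken from the network described.

```python
import ipaddress
from typing import List, NamedTuple

class ROA(NamedTuple):
    prefix: str
    max_length: int
    asn: int

def rov_state(prefix: str, origin: int, roas: List[ROA]) -> str:
    """RFC 6811 origin validation state for one announcement."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa in roas:
        net = ipaddress.ip_network(roa.prefix)
        if route.version != net.version or not route.subnet_of(net):
            continue
        covered = True  # a covering ROA exists, so NotFound is ruled out
        if roa.asn == origin and route.prefixlen <= roa.max_length:
            return "Valid"
    return "Invalid" if covered else "NotFound"

def ebgp_import(announcements, roas):
    """Drop Invalids, keep Valid and NotFound (the policy described above)."""
    return [(p, o) for p, o in announcements if rov_state(p, o, roas) != "Invalid"]

# Constructed sample data: documentation prefixes and ASNs.
ROAS = [ROA("192.0.2.0/24", 24, 64500)]        # only one origin has a ROA
ANNOUNCEMENTS = [
    ("192.0.2.0/24", 64500),                   # customer's own origination
    ("192.0.2.0/24", 64501),                   # same prefix, second origin, no ROA
    ("198.51.100.0/24", 64501),                # no covering ROA at all
]
# The fix: a ROA for every ASN that legitimately originates the prefix.
FIXED_ROAS = ROAS + [ROA("192.0.2.0/24", 24, 64501)]

if __name__ == "__main__":
    for p, o in ANNOUNCEMENTS:
        print(p, f"AS{o}", rov_state(p, o, ROAS), "->", rov_state(p, o, FIXED_ROAS))
```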