RPKI/ROA is a way to cryptographically prove what someone needs to prepend if they want to hijack your addresses.
Owen > On Oct 28, 2022, at 08:00, Samuel Jackson <bobin.pub...@gmail.com> wrote: > > Hello, > I am new to RPKI/ROA and still learning about RPKI. From all my reading on > ARIN's documents I am not able to answer some of my questions. > We have a public ARIN block and advertise smaller subnets from that to our > ISP's. We do not have any RPKI configs. > We need to setup ROA's to take another subnet from the ARIN block to AWS. > Reading ARIN's docs, it seems I need to get setup on their Hosted RPKI > service after which I can configure ROA's for the networks I am taking to AWS. > > My question is, will this impact my existing advertisements to my ISP's. The > current advertisements do not have ROA's. > Will having RPKI for my ARIN network, without ROA's for the existing > advertisements impact me? > > Thanks for your help. > > Ref: > https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html > https://www.arin.net/resources/manage/rpki/roa_request/ > https://www.arin.net/resources/manage/rpki/hosted/
