On 28 Apr 2012, at 19:45, Nick Hilliard wrote: > On 28/04/2012 18:27, Phil Regnauld wrote: >> To me that seems like the most obvious problem, but as Alex put it, >> "Everyone has the ability to apply an override on data they do not >> trust, >> or have a specific local policy for." > > So what do you suggest to do with a roa lookup which returns "Invalid"?
In case you feel a BGP announcement should not be "RPKI Invalid" but something else, you do what's described on slide 15-17: https://ripe64.ripe.net/presentations/77-RIPE64-Plenery-RPKI.pdf -Alex
