> In case you feel a BGP announcement should not be "RPKI Invalid" but > something else, you do what's described on slide 15-17: > > https://ripe64.ripe.net/presentations/77-RIPE64-Plenery-RPKI.pdf
The same currently happens with DNSSEC, doing what Comcast calls "negative trust anchors": http://tools.ietf.org/html/draft-livingood-negative-trust-anchors-01 Rubens
