The Resource Public Key Infrastructure (RPKI) is a system to add security to the Internet
routing. In recent years, the publication of Route Origin Authorization (ROA) objects, which …

Relying party validator is a critical component of RPKI: it fetches and validates signed
authorizations mapping prefixes to their owners. Routers use this information to block bogus …

We demonstrate the first downgrade attacks against RPKI. The key design property in RPKI
that allows our attacks is the tradeoff between connectivity and security: when networks …

Best practices for making RPKI resilient to failures and attacks recommend using multiple
URLs and certificates for publication points as well as multiple relying parties. We find that …

Mutually Agreed Norms on Routing Security (MANRS) is an industry-led initiative to improve
Internet routing security by encouraging participating networks to implement a series of …

BGP is a gaping hole in Internet security, as evidenced by numerous hijacks and outages.
The significance of BGP for stability and security of the Internet has made it a top priority on …

BGP is a gaping security hole in today's Internet, as evidenced by numerous Internet
outages and blackouts, repeated traffic hijacking, and surveillance incidents. Yet, despite …

Securing inter-domain routing systems of the Internet from illegitimate prefix annoucements
has been a great concern for the researchers and network operators. After the failure of …

In this paper, we introduce a framework to observe RPKI relying parties (ie, those that fetch
RPKI data from the distributed repository) and present insights into this ecosystem for the …

Pinpointing autonomous systems which deploy specific inter-domain techniques such as
Route Flap Damping (RFD) or Route Origin Validation (ROV) remains a challenge today …