mfld-pub
commented
4 years ago Nevermind, it seems to be an issue with ARIN. I just discovered this announcement:
Posted: Wednesday, 12 August 2020 Service Update
ARIN is currently investigating a report of a potential bug related to our RPKI services. We are queuing new ROA creation requests for processing until after the investigation and any necessary remediation work is completed.
We appreciate your patience and understanding.
massimocandela
Describe the bug Since ~24 hours ago, BGP Alerter sends me rpki missing alerts for ARIN prefixes that are clearly covered. I checked in ARIN and RPKI Validator that the ROA are still in place and not expired.
Provide an example
The route 2605:dd40:8004::/48 announced by AS398549 is not covered by a ROAExpected behavior False positive should not occur here because ROA is in place and valid: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/208edf3a-73a5-4614-9c76-5702d5c88977/635f5dfb-5bfc-3d24-af5b-3a30eaca820e.roa
Are you using the binary or the source code? Binary 1.26.2 on CentOS 8.
Your information Michael, today for AS398549
We also have some RIPE assets in the mix and no rpki alerts came for their ROA. Situation began ~ Wed, 12 Aug 2020 16:15:31 +0000 and is on-going now.