Update:

Since I collect RPKI status data for Asian prefixes on rpki.anuragbhatia.com, I picked data from last scan (at 12th Aug noon time) with a fresh scan just now (12th Aug 11:30pm) IST. I see 64 new prefixes have suddenly become RPKI invalids.

Here's the list:

Origin AS Prefix AS Name NA 103.207.172.0 Wi-Bro Solutions Pvt. Ltd NA 2406:9e00:1110::/48 Microscan Computers Pvt. Ltd NA 2406:9e00:1111::/48 Microscan Computers Pvt. Ltd 17762 202.149.192.0 HTIL-TTML-IN-AP Tata Teleservices Maharashtra Ltd, IN 17803 123.238.26.0 RELIANCE-AS-IN Reliance Communication Ltd, IN 17803 123.238.96.0 RELIANCE-AS-IN Reliance Communication Ltd, IN 17803 124.125.231.0 RELIANCE-AS-IN Reliance Communication Ltd, IN 18101 220.227.178.0 RELIANCE-COMMUNICATIONS-IN Reliance Communications Ltd.DAKC MUMBAI, IN 24186 103.66.76.0 RAILTEL-AS-IN RailTel Corporation of India Ltd, IN 24186 103.66.76.0 RAILTEL-AS-IN RailTel Corporation of India Ltd, IN 24186 103.66.76.0 RAILTEL-AS-IN RailTel Corporation of India Ltd, IN 24186 103.66.77.0 RAILTEL-AS-IN RailTel Corporation of India Ltd, IN 24186 103.66.78.0 RAILTEL-AS-IN RailTel Corporation of India Ltd, IN 24186 103.66.78.0 RAILTEL-AS-IN RailTel Corporation of India Ltd, IN 24186 103.66.79.0 RAILTEL-AS-IN RailTel Corporation of India Ltd, IN 55352 103.239.171.0 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:1::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:2::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:3::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:4::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:6::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:7::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:8::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:9::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:a::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:b::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:c::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:d::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:e::/48 MCPL-IN Microscan Computers Private Limited, IN 55352 2406:9e00:f::/48 MCPL-IN Microscan Computers Private Limited, IN 132453 2400:80c0::/48 TRIPLE-PLAY-IN TRIPLE PLAY BROADBAND PRIVATE LIMITED, IN 132933 103.252.108.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.252.108.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.252.108.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.252.109.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.252.110.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.252.111.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.60.176.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.60.176.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.60.176.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.60.177.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.60.178.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 103.60.179.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 45.120.120.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 45.120.120.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 45.120.120.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 45.120.121.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 45.120.122.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 132933 45.120.123.0 CTPLAND-AS CharotarTelelink Pvt Ltd, IN 134053 103.97.92.0 EXPL-AS-IN ETHERNET XPRESS PVT. LTD., IN 135730 103.68.25.0 DMIMS-AS Datta Meghe Institute Of Medical Sciences, IN 135733 103.68.16.0 SPEARHEAD-AS SPEARHEAD LIFESTYLE INDIA PRIVATE LIMITED, IN 135733 103.68.17.0 SPEARHEAD-AS SPEARHEAD LIFESTYLE INDIA PRIVATE LIMITED, IN 135733 103.68.18.0 SPEARHEAD-AS SPEARHEAD LIFESTYLE INDIA PRIVATE LIMITED, IN 135733 103.68.19.0 SPEARHEAD-AS SPEARHEAD LIFESTYLE INDIA PRIVATE LIMITED, IN 136374 103.24.109.0 MICR-AS Microtalk Communications Pvt Ltd, IN 136374 103.24.110.0 MICR-AS Microtalk Communications Pvt Ltd, IN 136374 45.120.17.0 MICR-AS Microtalk Communications Pvt Ltd, IN 137166 103.198.96.0 DSCONNPT-AS Digital Satellite Connect Pvt Ltd, IN 137166 103.198.97.0 DSCONNPT-AS Digital Satellite Connect Pvt Ltd, IN 137166 103.198.98.0 DSCONNPT-AS Digital Satellite Connect Pvt Ltd, IN 137166 103.198.99.0 DSCONNPT-AS Digital Satellite Connect Pvt Ltd, IN 138754 103.148.20.0 KVBPL-AS-IN Kerala Vision Broad Band Private Limited, IN

Suspecting some corruption from IRINN end here. Only networks with these pools should be able to verify. If you see your prefix/ASN in this list - please get the RPKI ROA fixed.

Good luck!

On Thu, Aug 12, 2021 at 11:04 PM Anurag Bhatia me@anuragbhatia.com wrote:

Hello everyone,

Heard of issues in a friend's network and found that their RPKI ROAs have been tweaked. Upon noticing I see some more similar random cases where origin AS has been changed to non-existent AS in some cases. Since these pools are with IRINN, networks cannot change these directly but have to go via IRINN way.

An example of this: AS59199 - a non-existent AS with bunch of prefixes from Railtel to Microscan:

[image: image.png]

I suspect some unauthorized alteration within RPKI ROA data. *Anyone else facing issues today? *

Note: RPKI Invalids will face partial connectivity and many global networks would just drop them resulting in many issues.

-- Anurag Bhatia anuragbhatia.com