RPKI (Resource Public Key Infrastructure) is a way to help prevent BGP hijacking. It uses cryptographic signatures to validate that an ASN is allowed to announce a particular subnet. ROAs (Route Origination Authorizations) are the key components of RPKI. ROAs only contain a few items: ASN, subnet, and max length. The ROA is then cryptographically signed and is published publicly. Any router can then use the ROA to verify that a particular announcement is authorized by the owner of the IP spac......