Skip to main content

BGP RPKI-Based Origin Validation on Export

Document Type Replaced Internet-Draft (individual)
Expired & archived
Authors Randy Bush , Rüdiger Volk , Jakob Heitz
Last updated 2019-12-01 (Latest revision 2019-05-30)
Replaced by RFC 8893
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-sidrops-ov-egress
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


A BGP speaker may perform RPKI origin validation not only on routes received from BGP neighbors and routes that are redistributed from other routing protocols, but also on routes it sends to BGP neighbors. For egress policy, it is important that the classification uses the effective origin AS of the processed route, which may specifically be altered by the commonly available knobs such as removing private ASs, confederation handling, and other modifications of the origin AS.


Randy Bush
Rüdiger Volk
Jakob Heitz

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)