What is RPKI?
RPKI (Resource Public Key Infrastructure) is a security framework that proves that network operators or IP resource owners have the right to use IP blocks.
How does RPKI work?
Trusted Certification Authorities (CA) issue certificates to IP owners. These certificates are stored in the IRR database, and ISPs check them.
If a specific subnet doesn't have an RPKI certificate issued, or if it is announced from a different ASN, ISPs can drop announcements and all traffic from these subnets. This is done to prevent potential IP hijacking.
Why do you need RPKI?
Some ISPs drop announcements and traffic from sources that don't have RPKI. This might limit access from part of the Internet.