The RPKI is crucial for securing the routing system of the Internet. With the RPKI, owners of Internet resources can make cryptographically backed claims, for example about the legitimate origin of their IP space. Thousands of networks use this information to detect malicious or accidental route hijacks. The RPKI consists out of 100 distributed repositories. However, public reports claim that some of these repositories are unreliable. A current Internet-Draft suggests best practices on how to operate these repositories, with the goal to improve deployment quality. Inspired by this draft, we take a first look at the operational practices of repositories of the RPKI. We mainly focus on the distribution of RPKI information. We find that there is a wide variety in deployment practices, of which some might risk the availability of parts of the information in the RPKI. This study creates a baseline for measuring the maturity of RPKI repositories in the future.

翻译：RPKI（资源公钥基础设施）对于保障互联网路由系统的安全至关重要。通过RPKI，互联网资源所有者能够提出加密支持的声明，例如关于其IP地址空间合法起源的声明。数千个网络利用该信息检测恶意或意外的路由劫持。RPKI由100个分布式存储库组成，但公开报告指出部分存储库存在不可靠问题。当前一份互联网草案提出了运营这些存储库的最佳实践方案，旨在提升部署质量。受该草案启发，我们首次对RPKI存储库的运营实践进行考察，重点关注RPKI信息的分发机制。研究发现部署实践存在显著差异，其中某些做法可能危及RPKI部分信息的可用性。本研究为未来衡量RPKI存储库成熟度建立了基准。