These prefixes will be originated, or owned, by an autonomous system (AS), and the routing tables between ASes are maintained using the Border Gateway Protocol (BGP).
The Resource Public Key Infrastructure (RPKI) is designed to authenticate route origins via cryptographic certificate chains demonstrating address block range ownership but is not widely deployed yet.
In other words, an announcement from one Autonomous System (AS) regarding a learned BGP route to another AS contravenes the intended policies of the recipient, the sender, and/or one of the ASes along the preceding AS path."
In practice, this problem rarely occurs with large Internet Service Providers (ISPs) as they typically impose restrictions on what an end customer can advertise.
However, any ISP that does not filter customer advertisements may inadvertently allow incorrect information to be propagated into the global routing table, potentially affecting even the large Tier-1 providers.
This action can be carried out to overwhelm the infiltrated ISP or to execute a Denial of Service (DoS) or impersonation attack on the entity whose prefix is being advertised.
In an incident from early 2008, at least eight US universities experienced their traffic being rerouted to Indonesia for approximately 90 minutes one morning in an attack that was largely kept under wraps by those involved.
[citation needed] Also, in February 2008, a large portion of YouTube's address space was redirected to Pakistan when the PTA decided to block access[7] to the site from inside the country, but accidentally black-holed the route in the global BGP table.
The difference in this situation is that each point advertising a prefix actually has access to the real data (DNS in this case) and responds correctly to end user requests.