Abstract:Resource public key infrastructure (RPKI) is a kind of technology which is used to protect the authenticity of Internet code number resources allocation and a kind of system of supporting inter-domain routing security which solves the problem of the lack of validation of route origination in BGP.However, it may result in the lack of authenticity and validity of ROA information due to the current data synchronism mechanism between the relying party of RPKI system and BGP routers.Meanwhile, it will bring a lot of performance load of BGP routes that query the cache lists continuingly.In this paper, we propose an improved method for route origination authentication.The sender routers real-timely apply for ROA certificates from RP and transmit them to the peer routers with the update message.Then the peer routers can apply for the public key to verify the certificates and verify the authenticity of the route originate.The verification mechanism is changed from updating the cache list periodically to real-time application for certification.It can effectively solve the problem that the ROA of the RP and the router data synchronization may be wrong, and reduce the running load of routes caused by querying the cache lists effectively.It is proved that the feasibility of the scheme using the simulation tool of Quagga and we make the detailed analysis for the applicable situation of two mechanisms.