In one example, a method includes receiving, by a first network device via a routing protocol peering session with a peer router in a first autonomous system, a plurality of routing protocol routes to destination addresses, each routing protocol route specifying a network address prefix and an identifier of the autonomous system that originated the routing protocol route; receiving network address prefix ownership information from a distributed ledger storing a plurality of associations between respective network address prefixes and respective autonomous system identifiers of autonomous systems confirmed to own the respective network address prefixes; determining, based at least on the prefix ownership information, whether any of the plurality of routing protocol routes specifies an autonomous system identifier different than specified by the associations; and in response to determining that one of the routes specifies an autonomous system identifier different than specified by the plurality of associations, performing an action.