A Routing Zone of Trust can defend members and their customers from path hijacks in the zone if members (M) mark routes from their customers as VERIFIED(v) as they enter the zone, and other zone members select VERIFIED routes over unverified routes. Above, M|$_{1}$| expects its direct customer B to announce 192.0.2.0/24, so M|$_{1}$| marks that route as VERIFIED and propagates it to other zone members. Black arrows show c2p links, lines without arrows show p2p links, and green arrows show route propagation from B. The hijacked route via Z does not propagate in the zone because Z is not a member, and the zone has an alternative VERIFIED route.