When I look at the relevant CSV file on MY management, it shows the IP address as being in the US.
"534523904","534527999","iana","410227200","US","USA","United States"
That file is listed here:
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...To see what the Updatable Object says, we can leverage the fact that a Dynamic Object is created "under the hood" when used in the policy: dynamic_objects -uo_show
And it turns out that IP address is NOT listed among the ranges in CP_GEO_US (the dynamic object created for United States).
Theoretically, we should be using the same data source for both here, but clearly there is a difference.
Let me ask around internally.