Upcoming Changes to ARIN’s Resource Public Key Infrastructure (RPKI)
Posted: Thursday, 13 April 2023
The upcoming May software release will include multiple improvements to ARIN’s Resource Public Key Infrastructure (RPKI) services that will impact customers who utilize Hosted RPKI. These improvements will comprise a new, streamlined process for Route Origin Authorization (ROA) creation and maintenance, the introduction of auto-renewal for ROAs, and automation of previously ticketed processes for a more efficient RPKI experience.
Customers will no longer need a ROA request signing key to register for Hosted RPKI services. Because customers will no longer need to create a private key, the ARIN Online user interface will feature streamlined and simplified ROA creation forms.
For customers who utilize ARIN’s API, there will be a new RESTful endpoint to create ROAs that will provide parity with the user interface improvements. For the foreseeable future, ARIN will continue supporting the existing (now referred to as legacy) RESTful provisioning endpoint for organizations with their own internal signing requirements.
After the May software release, any ROA created via ARIN Online or the new RESTful provisioning endpoint will be automatically renewed, meaning all newly created ROAs will persist indefinitely until they are manually deleted. ARIN will also apply the auto-renew feature to any existing ROAs when we deploy this new functionality.
Please note: Any new ROAs created with the legacy RESTful endpoint will not be auto-renewed. If you would like your ROAs to be auto-renewed, you will need to use ARIN Online or the new RESTful provisioning endpoint. ARIN will be contacting customers who have created ROAs in both ARIN Online and REST to determine how they prefer to manage their existing ROAs.
More Efficient Processes
ARIN will automate resource certificate requests for users who hold Internet number resources under a Registration Services Agreement or Legacy Registration Services Agreement with ARIN. We are also improving the user interface for ROA generation. After successfully creating a ROA, you will see a confirmation notice before returning to your list of ROAs, which puts you one click away from creating your next ROA if necessary.
We hope these changes will make signing up for RPKI services much easier for our customers.
ARIN will inform the community when the software deployments are completed in May. In the meantime, visit the ARIN Blog in the coming weeks for additional details on these improvements.
Senior Product Owner, ARIN Routing Security
American Registry for Internet Numbers (ARIN)
- Memorial Day Closing Information
- The 2023 Nomination Committee
- ARIN Community Grant Applications Now Open
- 2022 Annual Report Now Available
- New Features Added to ARIN Online
- Register Today for Our “Get to Know the ARIN Policy Development Process” Webinar
- Announcing the 2023 ARIN Grant Selection Committee
- Last Chance to Complete the ARIN Customer Satisfaction Survey
- ARIN Online Maintenance Scheduled for 13 May
- ARIN 51 Meeting Report Now Available
- » View Archive