Upcoming Changes to ARIN’s Resource Public Key Infrastructure (RPKI)
Posted: Thursday, 13 April 2023
Service Update
The upcoming May software release will include multiple improvements to ARIN’s Resource Public Key Infrastructure (RPKI) services that will impact customers who utilize Hosted RPKI. These improvements will comprise a new, streamlined process for Route Origin Authorization (ROA) creation and maintenance, the introduction of auto-renewal for ROAs, and automation of previously ticketed processes for a more efficient RPKI experience.
ROA Creation
Customers will no longer need a ROA request signing key to register for Hosted RPKI services. Because customers will no longer need to create a private key, the ARIN Online user interface will feature streamlined and simplified ROA creation forms.
For customers who utilize ARIN’s API, there will be a new RESTful endpoint to create ROAs that will provide parity with the user interface improvements. For the foreseeable future, ARIN will continue supporting the existing (now referred to as legacy) RESTful provisioning endpoint for organizations with their own internal signing requirements.
ROA Auto-renewal
After the May software release, any ROA created via ARIN Online or the new RESTful provisioning endpoint will be automatically renewed, meaning all newly created ROAs will persist indefinitely until they are manually deleted. ARIN will also apply the auto-renew feature to any existing ROAs when we deploy this new functionality.
Please note: Any new ROAs created with the legacy RESTful endpoint will not be auto-renewed. If you would like your ROAs to be auto-renewed, you will need to use ARIN Online or the new RESTful provisioning endpoint. ARIN will be contacting customers who have created ROAs in both ARIN Online and REST to determine how they prefer to manage their existing ROAs.
More Efficient Processes
ARIN will automate resource certificate requests for users who hold Internet number resources under a Registration Services Agreement or Legacy Registration Services Agreement with ARIN. We are also improving the user interface for ROA generation. After successfully creating a ROA, you will see a confirmation notice before returning to your list of ROAs, which puts you one click away from creating your next ROA if necessary.
We hope these changes will make signing up for RPKI services much easier for our customers.
ARIN will inform the community when the software deployments are completed in May. In the meantime, visit the ARIN Blog in the coming weeks for additional details on these improvements.
Regards,
Brad Gorman
Senior Product Owner, ARIN Routing Security
American Registry for Internet Numbers (ARIN)
Recent Announcements
- ARIN Registration Services Plan (RSP) Fee Schedule Change - Effective 1 January 2025
- The 2024 Slate of Candidates for ARIN Elections
- Reminder of Upcoming Deadline for ARIN’s Multifactor Authentication (MFA) Enforcement for ARIN Online
- Congratulations to the 2024 ARIN Community Grant Recipients
- NOW CLOSED – Consultation on API Key Handling
- Congratulations to the ARIN 54 Selected Fellows
- Deadline Approaching — Make Sure Your Organization Is Eligible to Vote in ARIN’s Upcoming Elections!
- NRPM 2024.1 - New Policies Implemented
- ARIN on the Road is heading to Ottawa!
- ARIN 54 Registration Now Open
- » View Archive