ACSP Suggestion 2020.1: RFC8181-Compliant Publication Service for Delegated RPKI
Author: Alex Band
Submitted On: 08 January 2020
Description: Offer an RFC8181 compliant RPKI Publication Service for members running Delegated RPKI.
Value to Community:
Running Delegated RPKI offers considerable benefits to ARIN members who want to be operationally independent from the Hosted RPKI system that ARIN offers, for example because members require more automation than the hosted web interface and ARIN RPKI API offer, or because they need to manage ROAs for address space that is spread across multiple RIR regions.
Delegated RPKI lets organisations create and manage their own Certificate Authority and ROAs, but publication of the cryptographic material can be outsourced to a third party, as specified in RFC 8181.
ARIN already has extensive experience with hosting RPKI data and has all the required infrastructure. Because there is an existing contractual relationship between ARIN and members who use RPKI services, it makes ARIN an ideal candidate for offering RPKI publication as a service.
Timeframe: Not specified
Status: Open Updated: 18 February 2020
- ACSP 2021.4: Offer Publication Server/Repository for Delegated RPKI
- ACSP 2021.8: Offer Publication Server/Repository for Delegated RPKI
18 February 2020
Thank you for your suggestion, numbered 2020.1 on confirmed receipt, asking that we offer an RFC 8181 compliant RPKI Publication Service for members running Delegated RPKI.
We agree that offering RPKI publication as a service to customers would provide benefit to those who wish to run delegated RPKI. We are closely following emerging initiatives and will be looking to leverage existing relevant work where possible. This suggestion will remain open for prioritization and inclusion on our future work plan.