ACSP Suggestion 2020.1: RFC8181-Compliant Publication Service for Delegated RPKI

Suggestion

Author: Alex Band   
Submitted On: 08 January 2020

Description: Offer an RFC8181 compliant RPKI Publication Service for members running Delegated RPKI.

Value to Community:

Running Delegated RPKI offers considerable benefits to ARIN members who want to be operationally independent from the Hosted RPKI system that ARIN offers, for example because members require more automation than the hosted web interface and ARIN RPKI API offer, or because they need to manage ROAs for address space that is spread across multiple RIR regions.

Delegated RPKI lets organisations create and manage their own Certificate Authority and ROAs, but publication of the cryptographic material can be outsourced to a third party, as specified in RFC 8181.

ARIN already has extensive experience with hosting RPKI data and has all the required infrastructure. Because there is an existing contractual relationship between ARIN and members who use RPKI services, it makes ARIN an ideal candidate for offering RPKI publication as a service.

Timeframe: Not specified

Status: Open   Updated: 18 February 2020

Tracking Information

ARIN Comment

18 February 2020

Thank you for your suggestion, numbered 2020.1 on confirmed receipt, asking that we offer an RFC 8181 compliant RPKI Publication Service for members running Delegated RPKI.

We agree that offering RPKI publication as a service to customers would provide benefit to those who wish to run delegated RPKI. We are closely following emerging initiatives and will be looking to leverage existing relevant work where possible. This suggestion will remain open for prioritization and inclusion on our future work plan.