ARIN's Internet Routing Registry (IRR) Object Templates

Introduction

Template Formatting

  • The template must be formatted as plain text.
  • You may only use the printed ASCII character set.
  • Each attribute-value pair (i.e. as-name: EXAMPLE-AS) must start on a separate line, with no blank lines within an object.
  • Attribute names have a precisely defined syntax and only use alphanumeric characters and hyphens.
  • The attribute name must start at column 0 and must immediately be followed by a colon. For example: mntner: MNT-EXAMPLE
  • Attributes are mandatory, optional, or automatically generated, and may either be a single-value or multiple-value.
  • Make sure to include values for all mandatory fields.
  • You may choose to include values for any or none of the optional fields, but please delete any optional fields that you do not fill out.

Security Note

ARIN strongly recommends against using MAIL-FROM for authentication of your templates, as it is the weakest form of authentication.

If using MD5-PW authentication, place the password: attribute below the first line in an object template (do not do this for the mntner template). For additional information, visit Authorization and Authentication.

If you have questions about using authentication, please open an Ask ARIN ticket in ARIN Online.

Object Definitions

Object definition starts with the class attribute and ends with the first blank line. You cannot use a blank line in the object, as the software will read this as being the end of the object. We apply a heuristic method to each paragraph of text in the input to determine if it is an object. Any part of the message that is not recognized as an object is ignored. These parts are grouped together at the end of the acknowledgement message.

Attributes

Attributes can be mandatory, optional or generated. You must define mandatory attributes in all instances of an object type. If you do not, then the update will fail. You can skip optional attributes. However, if you do decide to define optional attributes, then both the attribute and its value must be syntactically correct. If they are not, then your update will fail. When you skip an optional attribute, remove it completely from the object template. You cannot include the attribute name and leave the value blank.

The database software creates any generated attributes. You can skip generated attributes. Where a user-supplied value is not correct, the software will replace it with a generated value. If the software changes a user-supplied value, it will explain the change in a warning message returned to the user. When you skip a generated attribute, remove it completely from the object. You cannot include the attribute name and leave the value blank.

Attributes can have single or multiple values. You can only include a single value attribute once in an object. That one instance can only have a single value. You can include a multiple value attribute many times within an object.

Attribute Definitions

Field Description
[mandatory] You must include at least one instance of this attribute in an object of the class.
[optional] This attribute is optional and you can leave it out completely.
[generated] The server automatically generates this attribute and you can leave it out completely. If you provide the value, it may be replaced.
[single] Objects must contain only one instance of this attribute - value pair.
[multiple] Objects may include many multiple value attributes, with one or many comma-separated values. The only exception to this is a free text value, in which case there may only be one value, as a comma may be a part of the free text.
[look-up key] This attribute is indexed.
[inverse key] This attribute is in the “reverse” index.
[primary key] This attribute is (part of) the class primary key.
[primary/lookup key] This attribute is indexed and is also (part of) the class primary key.

In an object template, the first column represents an attribute, the second and third columns specify the type of the attribute, and the fourth column tells whether the attribute is (part of) a database key for the object.

Object Types

This section describes the object types (classes) that the ARIN IRR supports.

as-set

An as-set object defines a set of aut-num objects.

Note: Hierarchical authorization is currently not supported.

Example of an as-set object template:

as-set: [mandatory] [single] [primary/lookup key]
descr: [mandatory] [multiple] []
members: [optional] [multiple] []
mbrs-by-ref: [optional] [multiple] [inverse key]
remarks: [optional] [multiple] []
tech-c: [mandatory] [multiple] [inverse key]
admin-c: [mandatory] [multiple] [inverse key]
notify: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
mnt-lower: [optional] [multiple] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Attribute Name <attribute_value(type)> Description
as-set: <object name> A name you give to a group of Autonomous System Numbers (ASNs). It is a Routing Policy Specificaton Language (RPSL) name that starts with as-.
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as listed in the ARIN registration.
members list of <as-number> or <as-set-name> Lists the members of the set. It can be either a list of ASNs or other as-set names.
mbrs-by-ref list of <mntner-name> | ANY A list of mntner objects. Any aut-num objects associated with these mntner objects that indicate they’re a member-of this set will be included in the set. If the value of a mbrs-by-ref: attribute is ANY, any aut-num referring to the set is a member of the set. If the mbrs-by-ref: attribute is missing, the set is defined explicitly by the members: attribute.
remarks <freeform> Free-form text explaining or clarifying the object.
tech-c <ARIN POC Handle> An ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration. Example: tech-c: SJ4-ARIN
admin-c <ARIN POC Handle> An ARIN POC handle for an administrative contact. Example: admin-c: JS1001-ARIN
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
mnt-by list of <mntner-name> The mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
mnt-lower list of <mntner-name> Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any other as-set objects one level more specific in a hierarchy.
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

Visit RFC 2622 for a full description of the as-set class and its use.

A sample completed as-set template follows (please do not use this information to fill out your template; this data is included for reference only):

as-set:  AS-CUSTOMERS
descr:   Example, Inc.
descr:   114 Pine Circle
descr:   Oakton, NY 11333
descr:   US
members: AS65533, AS65532
tech-c:  EXAMPLE123-ARIN
admin-c: EXAMPLE456-ARIN
mnt-by:  MNT-YOURORGID
changed: user@example.com 20080130
source:  ARIN

aut-num

The aut-num object specifies an Autonomous System (AS) and its routing policies. It refers to a group of IP networks that have a single and clearly-defined external routing policy, operated by one or more network operators.

An aut-num object template example follows:

aut-num: [mandatory] [single] [primary/lookup key]
as-name: [mandatory] [single] []
descr: [mandatory] [multiple] []
member-of: [optional] [multiple]
import: [optional] [multiple] []
mp-import: [optional] [multiple] []
export: [optional] [multiple] []
mp-export: [optional] [multiple] []
default: [optional] [multiple] []
mp-default: [optional] [multiple] []
remarks: [optional] [multiple] []
admin-c: [mandatory] [multiple] [inverse key]
tech-c: [mandatory] [multiple] [inverse key]
notify: [optional] [multiple] [inverse key]
mnt-lower: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Fields <attribute_value(type)> Defined As
aut-num <as-number> Your ASN in the format AS<number>. Leading zeroes (for example, AS0352) are not allowed and will be removed by the database software (for example, AS352).
as-name <object-name> A descriptive name associated with the AS.
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as listed in the ARIN registration.
member-of list of <set-name> Identifies a list of as-set objects that this ASN wants to be a member of. This claim, however, should be acknowledged by a respective mbrs-by-ref: attribute in the as-set object.
import [protocol <protocol-1>]
[into <protocol-2>]
from <peering-1>
[action <action-1>]

from <peering-N>
[action <action-N>]
[accept <filter>]
Indicates the ASNs of the peers from which your AS will receive routing information and describes the routing information you’ll accept. Consult RFC2622 for detailed information.
mp-import [protocol <protocol-1>]
[into <protocol-1>]
afi <afi-list>]from
<peering-1>
[action <action-1>]

from <peering-N>
[action <action-N>]
accept (<filter>|<filter>
except
<importexpression> |
<filter> refine
<importexpression>)
Used to specify IPv6 and multicast routing policies.
export to <peering-1>
[action <action-1>]

to <peering-N>
[action <action-N>]
announce <filter>
Indicates the ASNs of the peers to which your AS will provide routing information and describes the routing information you’ll provide. Consult RFC2622 for detailed information.
mp-export [protocol <protocol-1>]
[into <protocol-1>]
afi <afi-list> to <peering-1>
[action <action-1>]

to <peering-N>
[action <action-N>]
announce <filter>
Used to specify IPv6 and multicast routing policies.
default to <peering>
[action <action>]
[networks <filter>]
Specifies your AS’s default routing policy. Consult RFC2622 for detailed information.
mp-default to <peering>
[action <action>]
[networks <filter>]
Used to specify IPv6 and multicast routing policies.
remarks <freeform> Free-form text explaining or clarifying the object.
admin-c <ARIN POC Handle> An ARIN POC handle for an administrative contact. Example: admin-c: JS1001-ARIN
tech-c <ARIN POC Handle> An ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration. Example: tech-c: SJ4-ARIN
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
mnt-lower list of <mntner-name> Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any route and route6 objects one level more specific to this autnum object.
mnt-by list of <mntner-name> The mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
changed <email>
<date>
Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

Visit RFC 2622 for a full description of the aut-num class and its use.

A sample completed aut-num template follows (please do not use this information to fill out your template; this data is included for reference only):

aut-num: AS65534
as-name: EXAMPLE-AS
descr:   Example, Inc.
descr:   114 Pine Circle
descr:   Oakton, NY 11333
descr:   US
import:  from AS65535 accept ANY
import:  from AS65533 accept AS65534
export:  to AS65533 announce ANY
export:  to AS65535 announce AS2 AS65533
admin-c: EXAMPLE456-ARIN
tech-c:  EXAMPLE123-ARIN
mnt-by:  MNT-YOURORGID
changed: user@example.com 20080130
source:  ARIN

inet6num

An inet6num object contains information on allocations and assignments of IPv6 address space.

Example of an inet6num object template:

inet6num: [mandatory] [single] [primary/lookup key]
netname: [mandatory] [single] [lookup key]
descr: [mandatory] [multiple] []
country: [mandatory] [multiple] []
admin-c: [mandatory] [multiple] [inverse key]
tech-c: [mandatory] [multiple] [inverse key]
remarks: [optional] [multiple] []
notify: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
mnt-lower: [optional] [multiple] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Fields <attribute_value(type)> Defined As
inet6num <ipv6-address>/
<prefix-length>
Specifies a range of IPv6 addresses in prefix notation. The <prefix length> is an integer in the range from 0 to 128. The range may be a single address. The prefix notation expresses addresses in hexadecimal groups of two bytes separated by colons and with the possible use of shorthand notation for strings of consecutive zeros. Leading zeros from any two-byte group will be removed by the software. In this case, a warning message will be returned to the user.
netname <netname> The ARIN-registered netname for this IP network.
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as listed in the ARIN registration.
country <country-code> The two-letter ISO 3166-1 Country Code.
admin-c <ARIN POC Handle> An ARIN POC handle for an administrative contact. Example: admin-c: JS1001-ARIN
tech-c <ARIN POC Handle> An ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration. Example: tech-c: SJ4-ARIN
remarks <freeform> Free-form text explaining or clarifying the object.
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
mnt-by list of <mntner-name> The mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
mnt-lower list of <mntner-name> Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any inet6num and route6 objects one level more specific to this inet6num object.
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

A sample completed inet6num template follows (please do not use this information to fill out your template; this data is included for reference only):

inet6num: 2001:DB8::/32
netname: EXAMPLE-NET
descr:   Example, Inc.
descr:   115 Oak Circle
descr:   Pineville, NY 11134
country: US
admin-c: EXAMPLE123-ARIN
tech-c:  EXAMPLE456-ARIN
notify:  user@example.com
mnt-by:  MNT-YOURORGID
changed: user@example.com 20080129
source:  ARIN

inetnum

An inetnum object contains information on allocations and assignments of IPv4 address space.

Example of an inetnum object template:

inetnum: [mandatory] [single] [primary/lookup key]
netname: [mandatory] [single] [lookup key]
descr: [mandatory] [multiple] []
country: [mandatory] [multiple] []
admin-c: [mandatory] [multiple] [inverse key]
tech-c: [mandatory] [multiple] [inverse key]
remarks: [optional] [multiple] []
notify: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
mnt-lower: [optional] [multiple] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Fields <attribute_value(type)> Defined As
inetnum <ipv4-address> - <ipv4-address> Specifies a range of IPv4 addresses. The spaces between the beginning address, the dash (-) and the end address of this range must be present. The range may be a single address. If the range represents multiple addresses, the ending address should be greater than the starting one. Addresses must be in range notation, which expresses addresses as 32 bit whole numbers in dotted quad notation. Leading zeros from any quad will be removed by the software and a warning message will be returned to the user.
netname <netname> The ARIN-registered netname for this IP network.
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as listed in the ARIN registration.
country <country-code> The two-letter ISO 3166-1 Country Code.
admin-c <ARIN POC Handle> An ARIN POC handle for an administrative contact. Example: admin-c: JS1001-ARIN
tech-c <ARIN POC Handle> An ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration. Example: tech-c: SJ4-ARIN
remarks <freeform> Free-form text explaining or clarifying the object.
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
mnt-by list of <mntner-name> The mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
mnt-lower list of <mntner-name> Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any inetnum and route objects one level more specific to this inetnum object.
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

A sample completed inetnum template follows (please do not use this information to fill out your template; this data is included for reference only):

inetnum: 192.0.2.0 – 192.0.2.255
netname: EXAMPLE-NET
descr:   Example, Inc.
descr:   115 Oak Circle
descr:   Pineville, NY 11134
country: US
admin-c: EXAMPLE123-ARIN
tech-c:  EXAMPLE456-ARIN
notify:  user@example.com
mnt-by:  MNT-YOURORGID
changed: user@example.com 20080129
source:  ARIN

inet-rtr

The inet-rtr object specifies routers.

Example of an inet-rtr object template:

inet-rtr: [mandatory] [single] [primary/lookup key]
descr: [mandatory] [multiple] []
alias: [optional] [multiple] []
local-as: [mandatory] [single] [inverse key]
ifaddr: [mandatory] [multiple] [lookup key]
interface: [optional] [multiple] [lookup key]
peer: [optional] [multiple] []
mp-peer: [optional] [multiple] []
remarks: [optional] [multiple] []
admin-c: [mandatory] [multiple] [inverse key]
tech-c: [mandatory] [multiple] [inverse key]
notify: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Fields <attribute_value(type)> Defined As
inet-rtr <domain-name> The hostname of the router without a trailing dot.
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as listed in the ARIN registration.
alias <domain-name> An alternate hostname of the router.
local-as <as-number> Specifies the ASN of the AS that owns or operates this router.
ifaddr <ipv4-address> masklen
<integer> [action <action>]
The IP address and subnet mask of an interface on the router.
interface <ipv4-address> or <ipv6-address> masklen <masklen> <integer> [action <action>]
[tunnel <remote-endpoint-address>,<encapsulation>]
Extends the ifaddr: attribute to allow IPv6 addresses; specifies a multi-protocol interface address within an Internet router, optional action, and tunnel definition.
peer <protocol><ipv4-address><options>
<protocol><inet-rtr-name><options>
<protocol><rtr-set-name><options>
<protocol><peering-set-name><options>
Specifies the details of any interior or exterior router peerings.
mp-peer <protocol> afi <afi>
<ipv4- or ipv6- address> <options>
| <protocol> <inet-rtr-name> <options>
| <protocol> <rtr-set-name> <options>
| <protocol> <peering-set-name> <options>
Extends the peer: attribute for IPv6 addresses; specifies the details of any interior or exterior router peerings.
remarks <freeform> Free-form text explaining or clarifying the object.
admin-c <ARIN POC Handle> An ARIN POC handle for an administrative contact. Example: admin-c: JS1001-ARIN
tech-c <ARIN POC Handle> An ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration. Example: tech-c: SJ4-ARIN
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
mnt-by List of <mntner-name> The mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

Visit RFC 2622 for a full description of the inet-rtr class and its use.

A sample completed inet-rtr template follows (please do not use this information to fill out your template; this data is included for reference only):

inet-rtr: CRASH.EXAMPLE.NET descr: Example, Inc.
descr: 115 Oak Circle
descr: Pineville, NY 11134
alias: crasher.example.net
alias: test1.example.net
local-as: AS65535
ifaddr: 176.16.1.1 masklen 16
ifaddr: 176.16.10.1 masklen 16
ifaddr: 193.0.0.222 masklen 28
ifaddr: 193.0.0.158 masklen 28
peer: BGP4 176.16.1.3 asno(as5), flap_damp()
admin-c: EXAMPLE123-ARIN
tech-c: EXAMPLE456-ARIN
mnt-by: MNT-YOURORGID
changed: user@example.net 20080129
source: ARIN

key-cert

A key-cert object is a public key certificate that is stored on the server. It is used with a mntner object for authentication when performing updates. ARIN’s IRR supports PGP keys.

Example of a key-cert object template:

key-cert: [mandatory] [single] [primary/lookup key]
method: [generated] [single] []
owner: [generated] [multiple] []
fingerpr: [generated] [single] [inverse key]
certif: [mandatory] [multiple] []
remarks: [optional] [multiple] []
notify: [optional] [multiple] [inverse key]
admin-c: [optional] [multiple] [inverse key]
tech-c: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Fields <attribute_value(type)> Defined As
key-cert PGPKEY-<id> Defines the public key stored in the database. <id> is the ID of the PGP public key in 8-digit hexadecimal format without the 0x prefix.
method <generated> This attribute is generated by the software and defines the type of the public key. It is not necessary to include it when you create or modify this object. If it is supplied, the software will check the value. If necessary, the software will replace the supplied value with generated value. In this case, a warning is returned to the user.
owner <generated> This attribute is generated by the software and specifies the owner of the public key. It is not necessary to include it when you create or modify this object. If it is supplied, the software will check the value. If necessary, the software will replace the supplied value with generated value. In this case, a warning is returned to the user.
fingerpr <generated> This attribute is generated by the software and is a fingerprint of a key certificate. It is not necessary to include it when you create or modify this object. If it is supplied, the software will check the value. If necessary, the software will replace the supplied value with generated value. In this case, a warning is returned to the user.
certif <public-key> Contains the public key for a PGP key. The value of the public key should be supplied either using multiple certif: attributes, or in one certif: attribute. In the first case, this is easily done by exporting the key from your local key ring in ASCII armored format or the certificate from your browser and prepending each line of the key with the string certif:. In the second case, line continuation should be used to represent the key. All the lines of the exported key must be included. For PGP, this includes the begin and end markers and the empty line which separates the header from the key body.
remarks <freeform> Free-form text explaining or clarifying the object.
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
admin-c <ARIN POC Handle> An ARIN POC handle for an administrative contact. Example: admin-c: JS1001-ARIN
tech-c <ARIN POC Handle> An ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration. Example: tech-c: SJ4-ARIN
mnt-by List of <mntner-name> The mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

A sample completed key-cert template follows (please do not use this information to fill out your template; this data is included for reference only):

key-cert: PGPKEY-D8CAF4A5
certif: -----BEGIN PGP PUBLIC KEY BLOCK-----
certif: Version: GnuPG v1.4.5 (GNU/Linux) certif: 
certif: mQGiBE4KD00RBAC7okob0esjwWdLOecUbfeD/UtNWzVQZh9eI2Yl5yifazKGj0Ux
certif: jTzrIfu1jG4pz7h9B8U1kJnoNDamj3lzTI/6tWo/PyH0+vKxsRN04JOIv9n0T+cJ
certif: 9myDjSzZusvo9rOTnB9SOB4FHDN9WnMOHJ98zVmZYTf0lzKxqnAC1P9QowCgyYlF
certif: ge1N2FoDZ9afK9J0uHIcFy0EAJVDfPkpiVN5gxCBcRIfzLtUdfRyvsxLUUHPGVfs
certif: 6c1yetqL+TwKRWZ/lrj41aOyj1Yac516PxhZKp5nWF/f8/fcgxLb4snDfVWFE5ON
certif: TWvzRBc8majEBWkWJpA/xhzbCAF5ObzQ3zAqshTLac2X8E98o6leHRP6uCkAiIwf
certif: p7QHBACaWZythkSPWnyajozv4T/fcU+zDB9gJke+iRxUxVlHNb9pjtF2P66Kt2Kd
certif: lD9siyHdrRAfdDWK5tUaGuNEWm8F2KG3OM1eSA9ls2VM1ItJQyz6hQX5WBAFPDwj
certif: DCPATO1z7i8h3YSxtUqN19gO0OZSLYsFN3A0oun7MHS/O/lXH7QnQnJ5YW4gV2Vi
certif: ZXIgKGlycndhbGwpIDxid2ViZXJAYXJpbi5uZXQ+iGYEExECACYFAk4KD00CGwMF
certif: CRLMAwAGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAj3oku2Mr0perkAJ0RrGxe
certif: cJlOBLugDmHbbGSbd89dewCgvmouiu0mwJa8kxSez44EtgGH8uW5Ag0ETgoPTxAI
certif: AK3aVuvx5/8clkC7Hpqsa4XxlusLpI8xB9mBU0XS21BAlFSasg1bBS7F1++QBD3c
certif: +UG8DT4BcoXc0DH35Sf6LreXuF2qpAw5Y/sxMOmVCPpEGMxDGV0wSf33Q7kvBzcf
certif: XRM8OeJbK/Nt/pmk0LSDs/0zhw3tU2DL/fbbU0L3sGs7c1a8+Flz0iEnsuXotZpa
certif: qSSPQdvbtttLxdhAo4DT9D1aYISJ/r93Kob1fxkdjFRe8yIgPgbKSUuOdO1Q2Hgg
certif: 8zsxKaX5mYoHiYcef4xLSAeC9vXBZ6SxhydHjM7/ii5IYIK0qYhPON4Bvm02nOnK
certif: T7PiLhwIDXGpn0t4JG21RoMAAwUH/3V2phn19fN3/nJtFiyc2WCfAPnvRu3GKVti
certif: Z5DtPcuKfhCOGFLQSM9vQH6zyOZgLMKWXbn7Prc465S/oifBAnnlsouh32yhVYu7
certif: Z8T/X2rMFVfIqeVMVV293hVRoeboY10pKhmnylUXrqJqE6LiSUNHqTIRbCsluXuY
certif: 1m7LOWZckbOl1CaYr/dZ0jVCpIe5TFx+RnEKWfvo3oWTxkrrf23++hkQbJGFj7F4
certif: wgR8nsSpMbUB5nGRZP8ock8osp7/P5+gBVxTk+Mvxa2wO4kTYmByRPZC/P4/Uakg
certif: 8E/C2DRFwEd0n/ZsKGXvYMPPNMGu+b6+xPY1gXyvYw0pxePpoziITwQYEQIADwUC
certif: TgoPTwIbDAUJEswDAAAKCRAj3oku2Mr0pZseAJ9RQ83M4NHWNQWjVvVG/Ga+Wvr3
certif: eQCdGZOBPvesgHoRN+ScmqOpk/Wc/eY=
certif: =iQ02
certif: -----END PGP PUBLIC KEY BLOCK-----
notify: user@example.com
admin-c: EXAMPLE123-ARIN
tech-c: EXAMPLE456-ARIN
mnt-by: MNT-YOURORGID
changed: user@example.com 20080129
source: ARIN

mntner

Objects in ARIN’s IRR are protected by using mntner objects. A mntner object contains the information needed to authorize creation, deletion, or modification of any objects that it protects. The mntner object contains one or more auth: attributes. Each begins with a keyword identifying the authentication method, followed by the authentication information or token needed to enforce that method.

Updating a mntner

To update an existing mnter, please contact ARIN Registration Services by creating an Ask ARIN ticket in ARIN Online, using “WHOIS/Routing Registry” as your Ask ARIN topic, “Mntner Update” as your subject line, and the handle of your current mntner in the body of your message. ARIN will then provide you with your full mntner for you to submit to rr@arin.net.

Note: Simply querying ARIN’s IRR will not provide you with the complete mntner information necessary to make an update.

Example of a mntner object template:

mntner: [mandatory] [single] [primary/lookup key]
descr: [mandatory] [multiple] []
admin-c: [mandatory] [multiple] [inverse key]
tech-c: [optional] [multiple] [inverse key]
upd-to: [mandatory] [multiple] [inverse key]
mnt-nfy: [optional] [multiple] [inverse key]
auth: [mandatory] [multiple] [inverse key]
remarks: [optional] [multiple] []
notify: [optional] [multiple] [inverse key]
abuse-mailbox: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
referral-by: [mandatory] [single] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Fields <attribute_value(type)> Defined As
mntner <object-name> Your choice of a unique string identifying your maintainer in the ARIN IRR database. ARIN currently uses the naming convention MNT-[OrgID], where OrgID is your organization ID in ARIN’s Registration database. As an example, if your OrgID is ARIN, your mntner object would be MNT-ARIN.
descr <freeform> Your organization name.
admin-c <ARIN POC Handle> An ARIN POC handle for an administrative contact. Example: admin-c: JS1001-ARIN
tech-c <ARIN POC Handle> An ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration. Example: tech-c: SJ4-ARIN
upd-to <email> Specifies the email address to be notified when an attempt to update an object protected by this mntner is unsuccessful.
mnt-nfy <e-mail> Specifies the email address to be notified when an object protected by this mntner is successfully updated.
auth <auth-scheme> <scheme-info> The method of authorization for your IRR records. ARIN’s IRR currently accepts: MD5-PW, PGPKEY, and MAIL-FROM (not recommended)

Please note that you cannot specify PGPKEY as the authentication method when you are initially creating a mntner object. You must first create the mntner with MD5 or MAIL-FROM (not recommended). Use that authentication method to then create your key-cert object. Then you will need to modify the mntner object, changing the authentication to PGPKEY.
remarks <freeform> Free-form text explaining or clarifying the object.
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
abuse-mailbox <email> Specifies the email address to which abuse complaints should be sent. When this attribute is specified, no other email address should be used for abuse complaints.
mnt-by List of <mntner-name> The mntner ID (the value of the mntner: in this object) of the organization responsible for requesting this object. This field should always match the value entered in the mntner: field.
referral-by <mntner-name> Use the same value entered in the mntner: field. It is mandatory to include this attribute, however, the database software does not currently use it.
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

Visit RFC 2622 for the full definition of the mntner class.

A sample completed mntner template follows (please do not use this information to fill out your template; this data is included for reference only):

mntner: MNT-YOURORGID
descr: Example, Inc.
admin-c: EXAMPLE123-ARIN
tech-c: EXAMPLE456-ARIN
upd-to: hostmaster@example.net
mnt-nfy: hostmaster@example.net
auth: MD5-PW $1$ucVwrzQH$zyamFnmJ3XsWEnrKn2eQS/
mnt-by: MNT-YOURORGID
referral-by: MNT-YOURORGID
changed: hostmaster@example.net 20080129
source: ARIN

route

Each interAS route (also known as an interdomain route) originated by an AS can be specified by using a route object for IPv4 addresses.

Example of a route object template:

route: [mandatory] [single] [primary/lookup key]
descr: [mandatory] [multiple] []
origin: [mandatory] [single] [primary/inverse key]
holes: [optional] [multiple] []
member-of: [optional] [multiple] []
inject: [optional] [multiple] []
aggr-mtd: [optional] [single] []
aggr-bndry: [optional] [single] []
export-comps: [optional] [single] []
components: [optional] [single] []
remarks: [optional] [multiple] []
notify: [optional] [multiple] [inverse key]
mnt-lower: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Fields <attribute_value(type)> Defined As
route <address-prefix> The CIDR prefix of the route to be originated. Together with the origin: attribute, constitutes a primary key of the route object.
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as listed in the ARIN registration.
origin <as-number> The ASN from which the route will originate.
holes list of <address-prefix> Lists the CIDR prefixes of any subnets which are not reachable through the aggregate route.
member-of list of <set-name> Lists the route-set objects of which this route is a member. This claim, however, should be acknowledged by a respective mbrs-by-ref: attribute in the route-set object.
inject [at <router-expression>]
[action <action>]
[upon <condition>]
Specifies which routers perform the aggregation and when they perform it. In route objects, the router expression can contain only IPv4 expressions.
aggr-mtd inbound | outbound [<as-expression>] Specifies how the aggregate is generated.
aggr-bndry <as-expression> Defines a set of ASes, which form the aggregation boundary.
export-comps <filter> An RPSL filter matching more specific prefixes that should be exported outside the aggregation boundary.
components [ATOMIC] [[<filter>]
[protocol <protocol> <filter> …]]
Defines the component routes and protocols used to form the aggregate. <Protocol> is a routing protocol name such as BGP4, OSPF or RIP, and <filter> is a policy expression.
remarks <freeform> Free-form text explaining or clarifying the object.
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
mnt-lower list of <mntner-name> Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any route objects one level more specific to this route object.
mnt-by List of <mntner-name> The mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

Visit RFC 2622 for a full description of the route class and its use.

A sample completed route template follows (please do not use this information to fill out your template; this data is included for reference only):

route: 192.0.2.0/24
descr: Example, Inc.
descr: 112 Oak Street
descr: Melvindale, California 99999
descr: US 
origin: AS65535
mnt-by: MNT-YOURORGID
changed: hostmaster@example.net 20080130
source: ARIN

route6

Each interAS route (also known as an interdomain route) originated by an AS can be specified by using a route6 object for IPv6 addresses.

Example of a route6 object template:

route6: [mandatory] [single] [primary/look-up key]
descr: [mandatory] [multiple] []
origin: [mandatory] [single] [primary/inverse key]
holes: [optional] [multiple] []
member-of: [optional] [multiple] []
inject: [optional] [multiple] []
aggr-mtd: [optional] [single] []
aggr-bndry: [optional] [single] []
export-comps: [optional] [single] []
components: [optional] [single] []
remarks: [optional] [multiple] []
notify: [optional] [multiple] [inverse key]
mnt-lower: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Fields: <attribute_value(type)> Defined As…
route6 <ipv6-address>/<prefix-length> The CIDR prefix form of the IPv6 route to be originated. The <prefix length> is an integer in the range from 0 to 128. Together with the origin: attribute, constitutes a primary key of the route6 object.
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as listed in the ARIN registration.
origin <as-number> The ASN from which the route will originate.
holes list of <ipv6-address-prefix> Lists the CIDR prefixes of any subnets which are not reachable through the aggregate route.
member-of list of <set-name> Lists the route-set objects of which this route is a member. This claim, however, should be acknowledged by a respective mbrs-by-ref: attribute in the route-set object.
inject [at <router-expression>]
[action <action>]
[upon <condition>]
Specifies which routers perform the aggregation and when they perform it. In route6 objects, the router expression can contain only IPv6 expressions.
aggr-mtd inbound | outbound [<as-expression>] Specifies how the aggregate is generated.
aggr-bndry <as-expression> Defines a set of ASes, which form the aggregation boundary.
export-comps <ipv6-filter> An RPSL filter matching more specific prefixes that should be exported outside the aggregation boundary.
components [ATOMIC] [[<filter>]
[protocol <protocol> <filter> …]]
Defines the component routes and protocols used to form the aggregate. <Protocol> is a routing protocol name such as BGP4, OSPF or RIP, and <filter> is a policy expression.
remarks <freeform> Free-form text explaining or clarifying the object.
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
mnt-lower list of <mntner-name> Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any route6 objects one level more specific to this route6 object.
mnt-by List of <mntner-name> The mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

Visit RFC 2622 for a full description of the route6 class and its use.

A sample completed route6 template follows (please do not use this information to fill out your template; this data is included for reference only):

route6: 2001:DB8::/32
descr: Example, Inc.
descr: 112 Oak Street
descr: Melvindale, California 99999
descr: US 
origin: AS65535
mnt-by: MNT-YOURORGID
changed: hostmaster@example.net 20080130
source: ARIN

route-set

A route-set object is a set of route prefixes and not a set of database route objects. It defines a set of routes that can be represented by route objects or by address prefixes.

An example of a route-set object template:

route-set: [mandatory] [single] [primary/lookup key]
descr: [mandatory] [multiple] []
members: [optional] [multiple] []
mp-members: [optional] [multiple] []
mbrs-by-ref: [optional] [multiple] [inverse key]
remarks: [optional] [multiple] []
tech-c: [mandatory] [multiple] [inverse key]
admin-c: [mandatory] [multiple] [inverse key]
notify: [optional] [multiple] [inverse key]
mnt-by: [mandatory] [multiple] [inverse key]
mnt-lower: [optional] [multiple] [inverse key]
changed: [mandatory] [multiple] []
source: [mandatory] [single] []
Fields <attribute_value(type)> Defined As
route-set <object-name> Defines the name of the set. It is an RPSL name that starts with rs-.
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as listed in the ARIN registration.
members list of <address-prefix-range>or <route-set-name>
<range-operator>
A list of IPv4 address prefixes or other route-set names. The syntax of <route-set-name> is the same as the syntax of <object-name>.
mp-members list of <address-prefix-range> or <route-set-name> or <route-set-name><range-operator> List of IPv6 address prefixes or other route-set names. The syntax of <route-set-name> is the same as the syntax of <object-name>.
mbrs-by-ref list of <mntner-name> | ANY List of mntner objects. Any route or route6 objects associated with these mntner objects that indicate they’re a member-of this set will be included in the set. If the value of a mbrs-by-ref: attribute is ANY, any route/route6 referring to the set is a member of the set. If the mbrs-by-ref: attribute is missing, the set is defined explicitly by the members: attribute.
remarks <freeform> Free-form text explaining or clarifying the object.
tech-c <ARIN POC Handle> An ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration. Example: tech-c: SJ4-ARIN
admin-c <ARIN POC Handle> An ARIN POC handle for an administrative contact. Example: admin-c: JS1001-ARIN
notify <email> An email address to which the ARIN IRR will send an email when this object is changed.
mnt-by List of <mntner-name> The mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one changed: attribute; if there are more, they must be in ascending date order. This attribute is for the user’s own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the changed: attributes. Example: changed: user@example.com 20080130
source <registry-name> The routing registry name. ARIN is the value to use here for the ARIN IRR.

Visit RFC 2622 for a full description of the route-set class and its use.

Sample completed route-set templates follow (please do not use this information to fill out your template; this data is included for reference only):

route-set: rs-foo
descr: Foo networks and customer routes
mbrs-by-ref: MNT-ME, MNT-YOU
tech-c: EXAMPLE123-ARIN
admin-c: EXAMPLE456-ARIN
mnt-by: MNT-YOURORGID
changed: hostmaster@example.net 20080129
source: ARIN

route-set: rs-bar
descr: Bar networks and customer routes
members: 176.16.0.0/16
mbrs-by-ref: MNT-YOU
tech-c: EXAMPLE123-ARIN
admin-c: EXAMPLE456-ARIN
mnt-by: MNT-YOURORGID
changed: hostmaster@example.net 20080129
source: ARIN

route: 192.0.2.0/24
descr: Example, Inc.
descr: 112 Oak Street
descr: Melvindale, California 99999
descr: US 
origin: AS65535
member-of: rs-foo
mnt-by: MNT-YOURORGID
changed: hostmaster@example.net 20080129
source: ARIN

route: 192.0.3.0/24
descr: Example, Inc. backbone
descr: 247 Piedmont Street
descr: Sun Valley, TX 80000
descr: US 
origin: AS65534
member-of: rs-foo, rs-bar
mnt-by: MNT-YOURORGID
changed: hostmaster@example.net 20080129
source: ARIN

Registration Services Help Desk
7:00 AM to 7:00 PM ET
Phone: +1.703.227.0660
Fax: +1.703.997.8844

Tips for Calling the Help Desk