Routing Security Eligibility FAQs

Skip to main text Jump to related content

Why am I unable to create ROAs or IRR objects for directly issued Internet number resources?

In order to use ARIN’s routing security services for Resource Public Key Infrastructure (RPKI) and Internet Routing Registry (IRR), Internet number resources (IPs or ASNs) must be covered by a Registration Services Agreement (RSA or LRSA). A more detailed explanation of available services can be found at Services Available to Organizations Holding Legacy Resources.

Where can I get a full list of my resources that are ineligible for use with ARIN’s routing security services for RPKI and IRR?

If applicable, an alert will be on your ARIN Online dashboard directing you to a search result restricted to your ineligible networks. Additionally, these results can be downloaded as a CSV file via the ‘Download CSV’ button on the lower right corner.

How do I bring directly issued resources that are not covered by an RSA under agreement?

You can follow the steps at Legacy Application Process.

Please note the Legacy Fee Cap will expire 1 January 2024. If you are interested in utilizing ARIN’s routing security services, we strongly encourage you to sign up for an LRSA before 1 January 2024 in order to secure the most favorable fees for your organization.

Why am I unable to create ROAs or IRR objects for resources assigned to me by my upstream provider?

ARIN’s RPKI services only support directly issued resources. Internet number resources reassigned to you by your upstream provider without a signed ARIN RSA or LRSA on file are ineligible to use RPKI provided to members by ARIN. ARIN’s IRR services are available to users with resources, as long as the upstream provider at the top allocation has a signed RSA or LSRA on file for those resources.

What are my options if resources reassigned to me by my upstream provider are not covered by an RSA or LRSA?

If your resources are not under agreement, you need to contact your upstream provider for resolution.

How can I determine who my upstream is?

This info is available in the RDAP, Whois, and on Net View.

Resource Management Services