Your IP address could not be determined at this time.

ARIN's Internet Routing Registry (IRR) Object Templates

Introduction

Template Formatting

  • The template must be formatted as plain text.
  • You may only use the printed ASCII character set.
  • Each attribute-value pair (i.e. "as-name: EXAMPLE-AS") must start on a separate line, with no blank lines within an object.
  • Attribute names have a precisely defined syntax and only use alphanumeric characters and hyphens.
  • The attribute name must start at column 0 and must immediately be followed by a colon.
    • For example: mntner: MNT-EXAMPLE
  • Attributes are mandatory, optional, or automatically generated, and may either be a single-value or multiple-valued.
  • Make sure to include values for all mandatory fields.
  • You may choose to include values for any or none of the optional fields, but please delete any optional fields that you do not fill out.

Security Note

ARIN strongly recommends against using MAIL-FROM for authentication of your templates, as it is the weakest form of authentication. If using MD5-PW authentication, place the "password:" attribute BELOW the first line in an object template (i.e. for all templates other than the mntner template). For additional information, please see the Authorization and Authentication section of the main IRR page.

If you have questions about using a mechanism other than MAIL-FROM, please contact hostmaster@arin.net.

Object Definitions

Object definition starts with the class attribute and ends with the first blank line. You cannot use a blank line in the object, as the software will read this as being the end of the object. We apply a heuristic method to each paragraph of text in the input to determine if it is an object. Any part of the message that is not recognized as an object is ignored. These parts are grouped together at the end of the acknowledgement message.

Attributes

Attributes can be mandatory, optional or generated. You MUST define 'mandatory attributes' in all instances of an object type. If you do not, then the update will fail. You can skip 'optional attributes'. However, if you do decide to define them, then both the attribute and its value must be syntactically correct. If they are not, then your update will fail. When you skip an optional attribute, remove it completely from the object. You cannot include the attribute name and leave the value blank.

The database software creates any 'generated attributes'. You can skip generated attributes. Where a user-supplied value is not correct, the software will replace it with a generated value. If the software changes a user-supplied value, it will explain the change in a warning message returned to the user. When you skip a generated attribute, remove it completely from the object. You cannot include the attribute name and leave the value blank.

Attributes can have single or multiple values. You can only include a 'single valued attribute' once in an object. That one instance can only have a single value. You can include a 'multiple valued attribute' many times within an object.

Attribute Definitions

Field

Description

[mandatory] You must include at least one instance of this attribute in an object of the class.
[optional] This attribute is optional and you can leave it out completely.
[generated] The server automatically generates this attribute and you can leave it out completely. If you provide the value, it may be replaced.
[single] Objects must contain only one instance of this attribute - value pair.
[multiple] Objects may include many 'multiple valued" attributes, with one or many comma-separated values. The only exception to this is a free text value, in quich case there may only be one value, as a comma may be a part of the free text.
[look-up key] This attribute is indexed.
[inverse key] This attribute is in the "reverse" index.
[primary key] This attribute is (part of) the class primary key.
[primary/lookup key] This attribute is indexed and is also (part of) the class primary key.

In an object template, the first column represents an attribute, the second and third columns specify the type of the attribute and the fourth column tells whether the attribute is (part of) a database key for the object.

Object Types

This section describes the object types (classes) that the ARIN Routing Registry supports.

as-set

An as-set object defines a set of aut-num objects.

Here is an as-set object template:


as-set: [mandatory] [single] [primary/lookup key]
descr: [mandatory] [multiple] [ ] 
members: [optional] [multiple] [ ] 
mbrs-by-ref: [optional] [multiple] [inverse key] 
remarks: [optional] [multiple] [ ] 
tech-c: [mandatory] [multiple] [inverse key] 
admin-c: [mandatory] [multiple] [inverse key] 
notify: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
mnt-lower: [optional] [multiple] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]

Attribute Name

<attribute_value(type)>

Description

as-set: <object name> A name you give to a group of ASNs. It is an RPSL name that starts with "as-".
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as in the ARIN registration.
members list of <as-number> or <as-set-name> Lists the members of the set. It can be either a list of AS Numbers or other as-set names.
mbrs-by-ref list of <mntner-name> | ANY is a list of mntner objects. Any aut-num objects associated with these mntner objects that indicate they're a “member-of” this set will be included in the set. If the value of a "mbrs-by-ref:" attribute is ANY, any aut-num referring to the set is a member of the set. If the "mbrs-by-ref:" attribute is missing, the set is defined explicitly by the "members:" attribute.
remarks <freeform> is free-form text explaining or clarifying the object.
tech-c <ARIN POC Handle> is an ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration.
Example:
tech-c: SJ4-ARIN
admin-c <ARIN POC Handle> is an ARIN POC handle for an administrative contact.
Example:
admin-c: JS1001-ARIN
notify <email> is an email address to which the ARIN Routing Registry will send an email when this object is changed.
mnt-by list of <mntner-name> is the maintainer ID of the organization responsible for maintaining this object (typically your own mntner ID).
mnt-lower list of <mntner-name> Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any other as-set objects one level more specific in a hierarchy.
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130
source <registry-name> is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

Please see RFC 2622 for a full description of the as-set class and its use.

A sample completed as-set template is below (please do not use this information to fill out your template; this data is included for reference only):


as-set:   AS65534:AS-CUSTOMERS
descr:   Example, Inc.
descr:   114 Pine Circle
descr:   Oakton, NY 11333
descr:   US
members: AS65533, AS65532
tech-c:  EXAMPLE123-ARIN
admin-c: EXAMPLE456-ARIN
mnt-by:  MNT-YOURORGID
changed: user@example.com 20080130
source:  ARIN

aut-num

The aut-num object specifies an Autonomous System (AS) and its routing policies. It refers to a group of IP networks that have a single and clearly defined external routing policy, operated by one or more network operators.

Here is an aut-num object template:


aut-num: [mandatory] [single] [primary/lookup key] 
as-name: [mandatory] [single] [ ] 
descr: [mandatory] [multiple] [ ] 
member-of: [optional] [multiple] 
import: [optional] [multiple] [ ] 
mp-import: [optional] [multiple] [ ] 
export: [optional] [multiple] [ ] 
mp-export: [optional] [multiple] [ ] 
default: [optional] [multiple] [ ] 
mp-default: [optional] [multiple] [ ] 
remarks: [optional] [multiple] [ ] 
admin-c: [mandatory] [multiple] [inverse key] 
tech-c: [mandatory] [multiple] [inverse key] 
notify: [optional] [multiple] [inverse key] 
mnt-lower: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]

Fields:

<attribute_value(type)>

Defined As...

aut-num <as-number> is your AS number in the format AS<number>. Leading zeroes (AS0352) are not allowed and will be removed (AS352) by the database software.
as-name <object-name> A descriptive name associated with the AS.
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as in the ARIN registration.
member-of list of <set-name> identifies a list of as-set objects that this AS number wants to be a member of. This claim, however, should be acknowledged by a respective "mbrs-by-ref:" attribute in the as-set object.
import [protocol <protocol-1>]
[into <protocol-2>]
from <peering-1>
[action <action-1>]
. . .
from <peering-N>
[action <action-N>]
accept <filter>
indicates the AS numbers of the peers from which your AS will receive routing information and describes the routing information you'll accept. Consult RFC2622 for detailed information.
mp-import [protocol <protocol-1>]
[into <protocol-1>]
afi <afi-list> from <peering-1>
[action <action-1>]

from <peering-N>
[action <action-N>]
accept (<filter>|<filter> except <importexpression>| <filter> refine <importexpression>)
Used to specify IPv6 and multicast routing policies.
export to <peering-1>
[action <action-1>]
. . .
to <peering-N>
[action <action-N>]
announce <filter>
indicates the AS numbers of the peers to which your AS will provide routing information and describes the routing information you'll provide. Consult RFC2622 for detailed information.
mp-export [protocol <protocol-1>]
[into <protocol-1>]
afi <afi-list> to <peering-1>
[action <action-1>]
. . .
to <peering-N>
[action <action-N>]
announce
<filter>
Used to specify IPv6 and multicast routing policies.
default to <peering>
[action <action>]
[networks <filter>]
specifies your AS's default routing policy. Consult RFC2622 for detailed information.
mp-default to <peering> [
action <action>]
[networks <filter>]
Used to specify IPv6 and multicast routing policies.
remarks <freeform> is free-form text explaining or clarifying the object.
admin-c <ARIN POC Handle> is an ARIN POC handle for an administrative contact.
Example:
admin-c: JS1001-ARIN
tech-c <ARIN POC Handle> is an ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration.
Example:
tech-c: SJ4-ARIN
notify <email> is an email address to which the ARIN Routing Registry will send an email when this object is changed.
mnt-lower list of <mntner-name> Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any route and route6 objects one level more specific to this autnum object.
mnt-by list of <mntner-name> is the maintainer ID of the organization responsible for maintaining this object (typically your own mntner ID).
changed <email>
<date>
Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130
source <registry-name> is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

Please see RFC 2622 for a full description of the aut-num class and its use.

A sample completed aut-num template is below (please do not use this information to fill out your template; this data is included for reference only):


aut-num: AS65534
as-name: EXAMPLE-AS 
descr:   Example, Inc. 
descr:   114 Pine Circle 
descr:   Oakton, NY 11333 
descr:   US 
import:  from AS65535  accept ANY 
import:  from AS65533  accept AS65534 
export:  to AS65533  announce ANY 
export:  to AS65535  announce AS2 AS65533 
admin-c: EXAMPLE456-ARIN 
tech-c:  EXAMPLE123-ARIN 
mnt-by:  MNT-YOURORGID 
changed: user@example.com 20080130 
source:  ARIN
inet6num

An inet6num object contains information on allocations and assignments of IPv6 address space.

Here is an inet6num object template:


inet6num: [mandatory] [single] [primary/lookup key] 
netname: [mandatory] [single] [lookup key] 
descr: [mandatory] [multiple] [ ] 
country: [mandatory] [multiple] [ ] 
admin-c: [mandatory] [multiple] [inverse key] 
tech-c: [mandatory] [multiple] [inverse key] 
remarks: [optional] [multiple] [ ] 
notify: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
mnt-lower: [optional] [multiple] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]

Fields:

<attribute_value(type)>

Defined As...

inet6num <ipv6-address>/<prefix-length> Specifies a range of IPv6 addresses in prefix notation. The <prefix length> is an integer in the range from 0 to 128.
The range may be a single address. The prefix notation expresses addresses in hexadecimal groups of two bytes separated by colons and with the possible use of shorthand notation for strings of consecutive zeros. Leading zeros from any two-byte group will be removed by the software. In this case a warning message will be returned to the user.
netname <netname> the ARIN-registered netname for this IP network
descr <freeform> A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as in the ARIN registration.
country <country-code> gives the two-letter ISO 3166-1 Country Code.
admin-c <ARIN POC Handle> is an ARIN POC handle for an administrative contact.
Example:
admin-c: JS1001-ARIN
tech-c <ARIN POC Handle> is an ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration.
Example:
tech-c: SJ4-ARIN
remarks <freeform> is free-form text explaining or clarifying the object.
notify <email> is an email address to which the ARIN Routing Registry will send an email when this object is changed.
mnt-by list of <mntner-name> is the mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).
mnt-lower list of <mntner-name> Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any inet6num and route6 objects one level more specific to this inet6num object.
changed <email><date> Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130
source <registry-name> is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

A sample completed inet6num template is below (please do not use this information to fill out your template; this data is included for reference only):


inet6num: 2001:DB8::/32
netname: EXAMPLE-NET 
descr:   Example, Inc. 
descr:   115 Oak Circle 
descr:   Pineville, NY  11134 
country: US 
admin-c: EXAMPLE123-ARIN 
tech-c:  EXAMPLE456-ARIN 
notify:  user@example.com
mnt-by:  MNT-YOURORGID 
changed: user@example.com 20080129 
source:  ARIN
inetnum

An inetnum object contains information on allocations and assignments of IPv4 address space.

Here is an inetnum object template:


inetnum: [mandatory] [single] [primary/lookup key] 
netname: [mandatory] [single] [lookup key] 
descr: [mandatory] [multiple] [ ] 
country: [mandatory] [multiple] [ ] 
admin-c: [mandatory] [multiple] [inverse key] 
tech-c: [mandatory] [multiple] [inverse key] 
remarks: [optional] [multiple] [ ] 
notify: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
mnt-lower: [optional] [multiple] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]

Fields:

<attribute_value(type)>

Defined As...

inetnum

<ipv4-address> - <ipv4-address>

Specifies a range of IPv4 addresses. The spaces between the beginning address, the dash ("-") and the end address of this range must be present. The range may be a single address. If the range represents multiple addresses, the ending address should be greater than the starting one. Addresses must be in range notation, which expresses addresses as 32 bit whole numbers in dotted quad notation. Leading zeros from any quad will be removed by the software and a warning message will be returned to the user.

netname

<netname>

the ARIN-registered netname for this IP network.

descr

<freeform>

A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as in the ARIN registration.

country

<country-code>

gives the two-letter ISO 3166-1 Country Code

admin-c

<ARIN POC Handle>

is an ARIN POC handle for an administrative contact.

Example:

admin-c: JS1001-ARIN

tech-c

<ARIN POC Handle>

is an ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration.

Example:

tech-c: SJ4-ARIN

remarks

<freeform>

is free-form text explaining or clarifying the object.

notify

<email>

is an email address to which the ARIN Routing Registry will send an email when this object is changed.

mnt-by

list of <mntner-name>

is the mntner ID of the organization responsible for maintaining this object (typically your own mntner ID).

mnt-lower

list of <mntner-name>

Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any inetnum and route objects one level more specific to this inetnum object.

changed

<email><date>

Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130

source

<registry-name>

is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

A sample completed inetnum template is below (please do not use this information to fill out your template; this data is included for reference only):


inetnum: 192.0.2.0 – 192.0.2.255 
netname: EXAMPLE-NET 
descr:   Example, Inc. 
descr:   115 Oak Circle 
descr:   Pineville, NY  11134 
country: US 
admin-c: EXAMPLE123-ARIN 
tech-c:  EXAMPLE456-ARIN
notify:  user@example.com
mnt-by:  MNT-YOURORGID 
changed: user@example.com 20080129 
source:  ARIN
inet-rtr

The inet-rtr object specifies routers.

Here is an inet-rtr object template:


inet-rtr: [mandatory] [single] [primary/lookup key] 
descr: [mandatory] [multiple] [ ] 
alias: [optional] [multiple] [ ] 
local-as: [mandatory] [single] [inverse key] 
ifaddr: [mandatory] [multiple] [lookup key] 
interface: [optional] [multiple] [lookup key] 
peer: [optional] [multiple] [ ] 
mp-peer: [optional] [multiple] [ ] 
remarks: [optional] [multiple] [ ] 
admin-c: [mandatory] [multiple] [inverse key] 
tech-c: [mandatory] [multiple] [inverse key] 
notify: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]

Fields:

<attribute_value(type)>

Defined As...

inet-rtr

<domain-name>

is the hostname of the router without a trailing dot.

descr

<freeform>

A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as in the ARIN registration.

alias

<domain-name>

is an alternate hostname of the router.

local-as

<as-number>

specifies the AS Number of the AS that owns or operates this router.

ifaddr

<ipv4-address> masklen <integer> [action <action>]

is the IP address and subnet mask of an interface on the router.

interface

<ipv4-address> or <ipv6-address> masklen <masklen> <integer> [action <action>]

[tunnel <remote-endpoint-address>,<encapsulation>]

extends the “ifaddr:” attribute to allow IPv6 addresses; specifies a multi-protocol interface address within an Internet router, optional action and tunnel definition.

peer

<protocol><ipv4-address><options>

<protocol><inet-rtr-name><options>

<protocol><rtr-set-name><options>

<protocol><peering-set-name><options>

specifies the details of any interior or exterior router peerings.

mp-peer

<protocol> afi <afi> <ipv4- or ipv6- address> <options>

| <protocol> <inet-rtr-name> <options>

| <protocol> <rtr-set-name> <options>

| <protocol> <peering-set-name> <options>

extends the "peer:" attribute for IPv6 addresses; specifies the details of any interior or exterior router peerings.

remarks

<freeform>

is free-form text explaining or clarifying the object.

admin-c

<ARIN POC Handle>

is an ARIN POC handle for an administrative contact.

Example:

admin-c: JS1001-ARIN

tech-c

<ARIN POC Handle>

is an ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration.

Example:

tech-c: SJ4-ARIN

notify

<email>

is an email address to which the ARIN Routing Registry will send an email when this object is changed.

mnt-by

List of <mntner-name>

is the maintainer ID of the organization responsible for maintaining this object (typically your own mntner ID).

changed

<email><date>

Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130

source

<registry-name>

is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

Please see RFC 2622 for a full description of the inet-rtr class and its use.

A sample completed inet-rtr template is below (please do not use this information to fill out your template; this data is included for reference only):


inet-rtr: CRASH.EXAMPLE.NET descr: Example, Inc. 
descr: 115 Oak Circle 
descr: Pineville, NY 11134 
alias: crasher.example.net 
alias: test1.example.net 
local-as: AS65535 
ifaddr: 176.16.1.1 masklen 16 
ifaddr: 176.16.10.1 masklen 16 
ifaddr: 193.0.0.222 masklen 28 
ifaddr: 193.0.0.158 masklen 28 
peer: BGP4 176.16.1.3 asno(as5), flap_damp() 
admin-c: EXAMPLE123-ARIN 
tech-c: EXAMPLE456-ARIN 
mnt-by: MNT-YOURORGID 
changed: user@example.net 20080129 
source: ARIN
key-cert

A key-cert object is a public key certificate that is stored on the server. It is used with a mntner object for authentication when performing updates. ARIN’s Routing Registry supports PGP keys.

Here is a key-cert object template:


key-cert: [mandatory] [single] [primary/lookup key] 
method: [generated] [single] [ ] 
owner: [generated] [multiple] [ ] 
fingerpr: [generated] [single] [inverse key] 
certif: [mandatory] [multiple] [ ] 
remarks: [optional] [multiple] [ ] 
notify: [optional] [multiple] [inverse key] 
admin-c: [optional] [multiple] [inverse key] 
tech-c: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]

Fields:

<attribute_value(type)>

Defined As...

key-cert

PGPKEY-<id>

defines the public key stored in the database. <Id> is the ID of the PGP public key in 8-digit hexadecimal format without "0x" prefix.

method

<generated>

This attribute is generated by the software and defines the type of the public key. It is not necessary to include it when you create or modify this object. If it is supplied, the software will check the value. If necessary the software will replace the supplied value with generated value. In this case a warning is returned to the user.

owner

<generated>

This attribute is generated by the software and specifies the owner of the public key. It is not necessary to include it when you create or modify this object. If it is supplied, the software will check the value. If necessary the software will replace the supplied value with generated value. In this case a warning is returned to the user.

fingerpr

<generated>

This attribute is generated by the software and is a fingerprint of a key certificate. It is not necessary to include it when you create or modify this object. If it is supplied, the software will check the value. If necessary the software will replace the supplied value with generated value. In this case a warning is returned to the user.

certif

<public-key>

Contains the public key for a PGP key. The value of the public key should be supplied either using multiple "certif:" attributes, or in one "certif:" attribute. In the first case, this is easily done by exporting the key from your local key ring in ASCII armored format or the certificate from your browser and prepending each line of the key with the string "certif:". In the second case, line continuation should be used to represent the key. All the lines of the exported key must be included. For PGP, this includes the begin and end markers and the empty line which separates the header from the key body.

remarks

<freeform>

is free-form text explaining or clarifying the object.

notify

<email>

is an email address to which the ARIN Routing Registry will send an email when this object is changed.

admin-c

<ARIN POC Handle>

is an ARIN POC handle for an administrative contact.

Example:

admin-c: JS1001-ARIN

tech-c

<ARIN POC Handle>

is an ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration.

Example:

tech-c: SJ4-ARIN

mnt-by

List of <mntner-name>

is the maintainer ID of the organization responsible for maintaining this object (typically your own mntner ID).

changed

<email><date>

Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130

source

<registry-name>

is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

A sample completed key-cert template is below (please do not use this information to fill out your template; this data is included for reference only):


key-cert: PGPKEY-D8CAF4A5
certif: -----BEGIN PGP PUBLIC KEY BLOCK----- 
certif: Version: GnuPG v1.4.5 (GNU/Linux) certif: 
certif: mQGiBE4KD00RBAC7okob0esjwWdLOecUbfeD/UtNWzVQZh9eI2Yl5yifazKGj0Ux 
certif: jTzrIfu1jG4pz7h9B8U1kJnoNDamj3lzTI/6tWo/PyH0+vKxsRN04JOIv9n0T+cJ 
certif: 9myDjSzZusvo9rOTnB9SOB4FHDN9WnMOHJ98zVmZYTf0lzKxqnAC1P9QowCgyYlF 
certif: ge1N2FoDZ9afK9J0uHIcFy0EAJVDfPkpiVN5gxCBcRIfzLtUdfRyvsxLUUHPGVfs 
certif: 6c1yetqL+TwKRWZ/lrj41aOyj1Yac516PxhZKp5nWF/f8/fcgxLb4snDfVWFE5ON 
certif: TWvzRBc8majEBWkWJpA/xhzbCAF5ObzQ3zAqshTLac2X8E98o6leHRP6uCkAiIwf 
certif: p7QHBACaWZythkSPWnyajozv4T/fcU+zDB9gJke+iRxUxVlHNb9pjtF2P66Kt2Kd 
certif: lD9siyHdrRAfdDWK5tUaGuNEWm8F2KG3OM1eSA9ls2VM1ItJQyz6hQX5WBAFPDwj 
certif: DCPATO1z7i8h3YSxtUqN19gO0OZSLYsFN3A0oun7MHS/O/lXH7QnQnJ5YW4gV2Vi 
certif: ZXIgKGlycndhbGwpIDxid2ViZXJAYXJpbi5uZXQ+iGYEExECACYFAk4KD00CGwMF 
certif: CRLMAwAGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRAj3oku2Mr0perkAJ0RrGxe 
certif: cJlOBLugDmHbbGSbd89dewCgvmouiu0mwJa8kxSez44EtgGH8uW5Ag0ETgoPTxAI 
certif: AK3aVuvx5/8clkC7Hpqsa4XxlusLpI8xB9mBU0XS21BAlFSasg1bBS7F1++QBD3c 
certif: +UG8DT4BcoXc0DH35Sf6LreXuF2qpAw5Y/sxMOmVCPpEGMxDGV0wSf33Q7kvBzcf 
certif: XRM8OeJbK/Nt/pmk0LSDs/0zhw3tU2DL/fbbU0L3sGs7c1a8+Flz0iEnsuXotZpa 
certif: qSSPQdvbtttLxdhAo4DT9D1aYISJ/r93Kob1fxkdjFRe8yIgPgbKSUuOdO1Q2Hgg 
certif: 8zsxKaX5mYoHiYcef4xLSAeC9vXBZ6SxhydHjM7/ii5IYIK0qYhPON4Bvm02nOnK 
certif: T7PiLhwIDXGpn0t4JG21RoMAAwUH/3V2phn19fN3/nJtFiyc2WCfAPnvRu3GKVti 
certif: Z5DtPcuKfhCOGFLQSM9vQH6zyOZgLMKWXbn7Prc465S/oifBAnnlsouh32yhVYu7 
certif: Z8T/X2rMFVfIqeVMVV293hVRoeboY10pKhmnylUXrqJqE6LiSUNHqTIRbCsluXuY 
certif: 1m7LOWZckbOl1CaYr/dZ0jVCpIe5TFx+RnEKWfvo3oWTxkrrf23++hkQbJGFj7F4 
certif: wgR8nsSpMbUB5nGRZP8ock8osp7/P5+gBVxTk+Mvxa2wO4kTYmByRPZC/P4/Uakg 
certif: 8E/C2DRFwEd0n/ZsKGXvYMPPNMGu+b6+xPY1gXyvYw0pxePpoziITwQYEQIADwUC 
certif: TgoPTwIbDAUJEswDAAAKCRAj3oku2Mr0pZseAJ9RQ83M4NHWNQWjVvVG/Ga+Wvr3 
certif: eQCdGZOBPvesgHoRN+ScmqOpk/Wc/eY= 
certif: =iQ02 
certif: -----END PGP PUBLIC KEY BLOCK-----
notify: user@example.com
admin-c: EXAMPLE123-ARIN 
tech-c: EXAMPLE456-ARIN
mnt-by: MNT-YOURORGID 
changed: user@example.com 20080129 
source: ARIN
mntner

Objects in ARIN's Routing Registry are protected by using mntner objects. A mntner object contains the information needed to authorize creation, deletion or modification of any objects that it protects. The mntner object contains one or more "auth:" attributes. Each begins with a keyword identifying the authentication method followed by the authentication information or token needed to enforce that method.

Updating a Mntner

To update an existing mnter, please contact ARIN Registration Services via ASK ARIN within ARIN Online, or via email at hostmaster@arin.net, using "WHOIS/Routing Registry" as your Ask ARIN topic, "Mntner Update" as your subject line, and the handle of your current mntner in the body of your message. ARIN will then provide you with your full mntner for you to submit to rr@arin.net.

Note: Simply querying ARIN's IRR will not provide you with the complete mntner information necessary to make an update.

Here is a mntner object template:


mntner: [mandatory] [single] [primary/lookup key] 
descr: [mandatory] [multiple] [ ] 
admin-c: [mandatory] [multiple] [inverse key] 
tech-c: [optional] [multiple] [inverse key] 
upd-to: [mandatory] [multiple] [inverse key] 
mnt-nfy: [optional] [multiple] [inverse key] 
auth: [mandatory] [multiple] [inverse key] 
remarks: [optional] [multiple] [ ] 
notify: [optional] [multiple] [inverse key] 
abuse-mailbox: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
referral-by: [mandatory] [single] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]

Fields:

<attribute_value(type)>

Defined As...

mntner

<object-name>

is your choice of a unique string identifying your maintainer in the ARIN Routing Registry database. ARIN currently uses the naming convention MNT-[OrgID], where OrgID is your organization ID in ARIN’s Registration database. As an example, if your OrgID is ARIN, your mntner object would be MNT-ARIN.

descr

<freeform>

is your organization name.

admin-c

<ARIN POC Handle>

is an ARIN POC handle for an administrative contact.

Example:

admin-c: JS1001-ARIN

tech-c

<ARIN POC Handle>

is an ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration.

Example:

tech-c: SJ4-ARIN

upd-to

<email>

specifies the email address to be notified when an attempt to update an object protected by this mntner is unsuccessful.

mnt-nfy

<e-mail>

specifies the email address to be notified when an object protected by this mntner is successfully updated.

auth

<auth-scheme> <scheme-info>

is the method of authorization for your Routing Registry records. ARIN’s Routing Registry currently accepts:

<auth-scheme>

Description

MD5-PW

This scheme is based on the MD5 hash algorithm and provides stronger authentication than CRYP-PW. The authentication information stored in the database is a pass phrase encrypted using md5-crypt algorithm, which is a concatenation of the "$1$" string, the salt, and the 128-bit hash output. Because it uses 8-character salt and an almost unlimited pass phrase, this scheme is more stable against dictionary attacks. However, since the encrypted form is exposed it cannot be considered as a strong form of authentication.

PGPKEY-<id>

Strong scheme of authentication. <id> is the PGP key ID to be used for authentication. This string is the same one that is used in the corresponding key-cert object's "key-cert:" attribute.

MAIL-FROM

This is the weakest form of authentication. Only users with any of the email addresses specified are authorized to work with objects secured by the maintainer. ARIN does not support the use of regular expressions in email addresses
(e.g. ‘.*@example.com’). It must be an exact match to what your email client will put in the From field.  An example is: "J Example" <jexample@example.net>

Because mail clients and servers can re-write the address, it is frequently not sufficient to simply put jexample@example.net in the auth field. ARIN recommends using MD5-PW or PGP for authentication. See section 2.5.2 ‘Transitioning an Existing mntner Object with Mail-From Auth to MD5-PW’ for more information.

Please note that you cannot specify PGPKEY as the authentication method when you are creating a mntner object. You must first create the mntner with MD5 or MAIL-FROM. Use that authentication method to then create your key-cert object. Then you will need to modify the mntner object, changing the authentication to PGPKEY.

remarks

<freeform>

is free-form text explaining or clarifying the object.

notify

<email>

is an email address to which the ARIN Routing Registry will send an email when this object is changed.

abuse-mailbox

<email>

specifies the email address to which abuse complaints should be sent. When this attribute is specified no other email address should be used for abuse complaints.

mnt-by

List of <mntner-name>

is the maintainer ID (the value of the "mntner:" in this object) of the organization responsible for requesting this object. This field should always match the value entered in the mntner: field.

referral-by

<mntner-name>

Use the same value entered in the "mntner:" field. It is mandatory to include this attribute, however, the database software does not currently use it.

changed

<email><date>

Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130

source

<registry-name>

is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

Please see RFC 2622 for the full definition of the mntner class.

A sample completed mntner template is below (please do not use this information to fill out your template; this data is included for reference only):


mntner: MNT-YOURORGID 
descr: Example, Inc. 
admin-c: EXAMPLE123-ARIN 
tech-c: EXAMPLE456-ARIN 
upd-to: hostmaster@example.net
mnt-nfy: hostmaster@example.net
auth: MD5-PW $1$ucVwrzQH$zyamFnmJ3XsWEnrKn2eQS/
mnt-by: MNT-YOURORGID 
referral-by: MNT-YOURORGID
changed: hostmaster@example.net 20080129 
source: ARIN
route

Each interAS route (also known as an interdomain route) originated by an Autonomous System can be specified by using a route object for IPv4 addresses.

Here is a route object template:


route: [mandatory] [single] [primary/lookup key] 
descr: [mandatory] [multiple] [ ] 
origin: [mandatory] [single] [primary/inverse key] 
holes: [optional] [multiple] [ ] 
member-of: [optional] [multiple] [ ] 
inject: [optional] [multiple] [ ] 
aggr-mtd: [optional] [single] [ ] 
aggr-bndry: [optional] [single] [ ] 
export-comps: [optional] [single] [ ] 
components: [optional] [single] [ ] 
remarks: [optional] [multiple] [ ] 
notify: [optional] [multiple] [inverse key] 
mnt-lower: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]

Fields:

<attribute_value(type)>

Defined As...

route

<address-prefix>

is the CIDR prefix of the route to be originated. Together with the "origin:" attribute, constitutes a primary key of the route object.

descr

<freeform>

A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as in the ARIN registration.

origin

<as-number>

is the AS number from which the route will originate.

holes

list of <address-prefix>

lists the CIDR prefixes of any subnets which are not reachable through the aggregate route.

member-of

list of <set-name>

lists the route-set objects of which this route is a member. This claim, however, should be acknowledged by a respective "mbrs-by-ref:" attribute in the route-set object.

inject

[at <router-expression>]
[action <action>]
[upon <condition>]

specifies which routers perform the aggregation and when they perform it. In route objects, the router expression can contain only IPv4 expressions.

aggr-mtd

inbound | outbound [<as-expression>]

specifies how the aggregate is generated.

aggr-bndry

<as-expression>

defines a set of Autonomous Systems, which form the aggregation boundary.

export-comps

<filter>

is an RPSL filter matching more specifics prefixes that should be exported outside the aggregation boundary.

components

[ATOMIC] [[<filter>] [protocol <protocol> <filter> ...]]

defines the component routes and protocols used to form the aggregate. <Protocol> is a routing protocol name such as BGP4, OSPF or RIP, and <filter> is a policy expression.

remarks

<freeform>

is free-form text explaining or clarifying the object.

notify

<email>

is an email address to which the ARIN Routing Registry will send an email when this object is changed.

mnt-lower

list of <mntner-name>

Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any route objects one level more specific to this route object.

mnt-by

List of <mntner-name>

is the maintainer ID of the organization responsible for maintaining this object (typically your own mntner ID).

changed

<email><date>

Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130

source

<registry-name>

is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

Please see RFC 2622 for a full description of the route class and its use.

A sample completed route template is below (please do not use this information to fill out your template; this data is included for reference only):


route: 192.0.2.0/24 
descr: Example, Inc. 
descr: 112 Oak Street 
descr: Melvindale, California 99999 
descr: US 
origin: AS65535 
mnt-by: MNT-YOURORGID 
changed: hostmaster@example.net 20080130 
source: ARIN
route6

Each interAS route (also known as an interdomain route) originated by an Autonomous System can be specified by using a route6 object for IPv6 addresses.

Here is a route6 object template:


route6: [mandatory] [single] [primary/look-up key] 
descr: [mandatory] [multiple] [ ] 
origin: [mandatory] [single] [primary/inverse key] 
holes: [optional] [multiple] [ ] 
member-of: [optional] [multiple] [ ] 
inject: [optional] [multiple] [ ] 
aggr-mtd: [optional] [single] [ ] 
aggr-bndry: [optional] [single] [ ] 
export-comps: [optional] [single] [ ] 
components: [optional] [single] [ ] 
remarks: [optional] [multiple] [ ] 
notify: [optional] [multiple] [inverse key] 
mnt-lower: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]
Fields: <attribute_value(type)> Defined As...

route6

<ipv6-address>/<prefix-length>

is the CIDR prefix form of the IPv6 route to be originated. The <prefix length> is an integer in the range from 0 to 128. Together with the "origin:" attribute, constitutes a primary key of the route6 object.

descr

<freeform>

A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as in the ARIN registration.

origin

<as-number>

is the AS number from which the route will originate.

holes

list of <ipv6-address-prefix>

lists the CIDR prefixes of any subnets which are not reachable through the aggregate route.

member-of

list of <set-name>

lists the route-set objects of which this route is a member. This claim, however, should be acknowledged by a respective "mbrs-by-ref:" attribute in the route-set object.

inject

[at <router-expression>]
[action <action>]
[upon <condition>]

specifies which routers perform the aggregation and when they perform it. In route6 objects, the router expression can contain only IPv6 expressions.

aggr-mtd

inbound | outbound [<as-expression>]

specifies how the aggregate is generated.

aggr-bndry

<as-expression>

defines a set of Autonomous Systems, which form the aggregation boundary.

export-comps

<ipv6-filter>

is an RPSL filter matching more specifics prefixes that should be exported outside the aggregation boundary.

components

[ATOMIC] [[<filter>] [protocol <protocol> <filter> ...]]

defines the component routes and protocols used to form the aggregate. <Protocol> is a routing protocol name such as BGP4, OSPF or RIP, and <filter> is a policy expression.

remarks

<freeform>

is free-form text explaining or clarifying the object.

notify

<email>

is an email address to which the ARIN Routing Registry will send an email when this object is changed.

mnt-lower

list of <mntner-name>

Specifies the identifier of a registered mntner object used for hierarchical authorization. The authentication method of this mntner object will then be used to authorize the creation of any route6 objects one level more specific to this route6 object.

mnt-by

List of <mntner-name>

is the maintainer ID of the organization responsible for maintaining this object (typically your own mntner ID).

changed

<email><date>

Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130

source

<registry-name>

is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

Please see RFC 2622 for a full description of the route6 class and its use.

A sample completed route6 template is below (please do not use this information to fill out your template; this data is included for reference only):


route6: 2001:DB8::/32 
descr: Example, Inc. 
descr: 112 Oak Street 
descr: Melvindale, California 99999 
descr: US 
origin: AS65535 
mnt-by: MNT-YOURORGID 
changed: hostmaster@example.net 20080130 
source: ARIN
route-set

A route-set object is a set of route prefixes and not a set of database route objects.  It defines a set of routes that can be represented by route objects or by address prefixes.

Here is a route-set object template:


route-set: [mandatory] [single] [primary/lookup key] 
descr: [mandatory] [multiple] [ ] 
members: [optional] [multiple] [ ] 
mp-members: [optional] [multiple] [ ] 
mbrs-by-ref: [optional] [multiple] [inverse key] 
remarks: [optional] [multiple] [ ] 
tech-c: [mandatory] [multiple] [inverse key] 
admin-c: [mandatory] [multiple] [inverse key] 
notify: [optional] [multiple] [inverse key] 
mnt-by: [mandatory] [multiple] [inverse key] 
mnt-lower: [optional] [multiple] [inverse key] 
changed: [mandatory] [multiple] [ ] 
source: [mandatory] [single] [ ]

Fields:

<attribute_value(type)>

Defined As...

route-set

<object-name>

defines the name of the set. It is an RPSL name that starts with "rs-".

descr

<freeform>

A short description of the organization and location where this object is used. The description can have multiple lines. It should contain the full postal address as in the ARIN registration.

members

list of <address-prefix-range>or
<route-set-name><range-operator>

This is a list of IPv4 address prefixes or other route-set names. The syntax of <route-set-name> is the same as the syntax of <object-name>.

mp-members

list of <address-prefix-range> or

<route-set-name> or

<route-set-name><range-operator>

This is a list of IPv6 address prefixes or other route-set names. The syntax of <route-set-name> is the same as the syntax of <object-name>.

mbrs-by-ref

list of <mntner-name> | ANY

is a list of mntner objects. Any route or route6 objects associated with these mntner objects that indicate they're a “member-of” this set will be included in the set. If the value of a "mbrs-by-ref:" attribute is ANY, any route/route6 referring to the set is a member of the set. If the "mbrs-by-ref:" attribute is missing, the set is defined explicitly by the "members:" attribute.

remarks

<freeform>

is free-form text explaining or clarifying the object.

tech-c

<ARIN POC Handle>

is an ARIN POC handle for a technical contact. This is someone to be contacted for technical problems such as misconfiguration.

Example:

tech-c: SJ4-ARIN

admin-c

<ARIN POC Handle>

is an ARIN POC handle for an administrative contact.

Example:

admin-c: JS1001-ARIN

notify

<email>

is an email address to which the ARIN Routing Registry will send an email when this object is changed.

mnt-by

List of <mntner-name>

is the maintainer ID of the organization responsible for maintaining this object (typically your own mntner ID).

changed

<email><date>

Specifies who submitted the update, and when the object was updated. The format of the date is YYYYMMDD. Dates in the future are not allowed. If the date is not specified, the database software will add the date when the update was actually processed. There must be at least one "changed:" attribute; If there are more, they must be in ascending date order. This attribute is for the user's own reference. Nothing can be reliably determined by anyone other than the user about the object or its change history by looking at the "changed:" attributes.
Example:
changed: user@example.com 20080130

source

<registry-name>

is the routing registry name. "ARIN" is the value to use here for the ARIN Routing Registry.

Please see RFC 2622 for a full description of the route-set class and its use.

Sample completed route-set templates are below (please do not use this information to fill out your template; this data is included for reference only):


route-set: rs-foo 
descr: Foo networks and customer routes 
mbrs-by-ref: MNT-ME, MNT-YOU 
tech-c: EXAMPLE123-ARIN 
admin-c: EXAMPLE456-ARIN 
mnt-by: MNT-YOURORGID 
changed: hostmaster@example.net 20080129 
source: ARIN

route-set: rs-bar 
descr: Bar networks and customer routes 
members: 176.16.0.0/16 
mbrs-by-ref: MNT-YOU 
tech-c: EXAMPLE123-ARIN 
admin-c: EXAMPLE456-ARIN 
mnt-by: MNT-YOURORGID 
changed: hostmaster@example.net 20080129 
source: ARIN

route: 192.0.2.0/24 
descr: Example, Inc. 
descr: 112 Oak Street 
descr: Melvindale, California 99999 
descr: US 
origin: AS65535 
member-of: rs-foo 
mnt-by: MNT-YOURORGID 
changed: hostmaster@example.net 20080129 
source: ARIN

route: 192.0.3.0/24 
descr: Example, Inc. backbone 
descr: 247 Piedmont Street 
descr: Sun Valley, TX 80000 
descr: US 
origin: AS65534 
member-of: rs-foo, rs-bar 
mnt-by: MNT-YOURORGID 
changed: hostmaster@example.net 20080129 
source: ARIN

Advanced Search

Internet Routing Registry

Registration Services Help Desk

Monday through Friday
7:00 AM to 7:00 PM ET
Phone: +1.703.227.0660
Fax: +1.703.227.0676
Email: hostmaster@arin.net
Tips for Calling the Help Desk