Get ready to ROA!

By on 16 Jan 2015

Category: Tech matters

Tags: , , ,

2 Comments

Blog home

Many of you have heard about Resource Certification or Resource Public Key Infrastructure (RPKI). We have delivered many talks and conducted tutorials on this topic. Indeed, we have APNIC staff who are also authors of the relevant IETF standards on RPKI.

However, it is one of those things in network security  where the ultimate benefit will only be obtained when everyone else is doing it, just like BCP38 (aka SAVE). Unfortunately, adoption has been quite slow, particularly in the Asia Pacific region.

This year, we want to get more APNIC Members  to be part of the RPKI story so we are rolling out a Route Origin Authorization (ROA) creation campaign. We want to encourage  APNIC Members to create their ROA objects via the MyAPNIC portal.

APNIC has a lot of content describing RPKI and, importantly, how it works. With a ROA, the resource holder is attesting that the origin AS number is authorized to announce the prefix(es). The attestation can be verified cryptographically using RPKI.

To get this campaign moving, we are planning to have ROA sessions at the various NOG events and Members events.  Free t-shirts (limited edition!) and stickers are thrown into the mix too. Our first session is on 17 January at SANOG 25.

We are also  looking for ambassadors or local champions to help us promote the cause. If you  are interested to, don’t hesitate to ping us.

Furthermore, we’ve have developed a page for the Ready to ROA campaign, so keep an eye on it for the latest news and updates.

If you are Member of APNIC and a resource holder, have you created your ROA? If not, then what are you waiting for? Feel free to contact us if you need any assistance!

Rate this article

The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.

2 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Please answer the math question * Time limit is exhausted. Please click the refresh button next to the equation below to reload the CAPTCHA (Note: your comment will not be deleted).

Top