Operators -
Some important information regarding forthcoming RPKI management changes at ARIN.
FYI ,
/John
John Curran
President and CEO
American Registry for Internet Numbers
1 Like
ROA Auto-renewal
After the May software release, any ROA created via ARIN Online or the new RESTful provisioning endpoint will be automatically renewed, meaning all newly created ROAs will persist indefinitely until they are manually deleted. ARIN will also apply the auto-renew feature to any existing ROAs when we deploy this new functionality.
Please note: Any new ROAs created with the legacy RESTful endpoint will not be auto-renewed. If you would like your ROAs to be auto-renewed, you will need to use ARIN Online or the new RESTful provisioning endpoint. ARIN will be contacting customers who have created ROAs in both ARIN Online and REST to determine how they prefer to manage their existing ROAs
Thanks John and ARIN team, this auto-renew is a big deal and helps take a lot of stress off our plates
CB
oh! there's a bunch of pretty good improvements here, thanks! (john
and cameron for raising this mail up in the my stack)
-chris
Chris -
Indeed - these are some frequently sought changes that also bring our RPKI interface closer to practices in other regions.
I will note that we do lose something in the process - currently ARIN’s RPKI system has clear non-repudiation attributes (i.e., the issuance of an ROA is assuredly done by the controlling operator [as opposed to a function of ARIN’s automation or staff]) since ARIN never possesses the necessary private key. Changing to allow easy issuance and rollover appears to be the community’s preference, so we have undertaken the necessary development and process changes.
Thanks!
/John
John Curran
President and CEO
American Registry for Internet Numbers