RPKI Adoption in the ARIN Region
The routing system is one of the Internet’s key building blocks that remains unprotected and vulnerable to attacks. Whether by accident or design, routing incidents prevent Internet users from accessing information online and erode trust in networks. When perpetrated with malicious intent, the routing system can be hijacked to block websites, redirect traffic to bogus destinations or monitor traffic through snooping.
Standards development bodies have long explored ways to render the routing system more secure. Resource Public Key Infrastructure (RPKI) –as set forth in RFC 6810–has emerged as the preferred strategy for securing BGP routing.
ARIN and its sister Regional Internet Registries (RIRs) play a key role in the deployment of the technology, acting as certifying authorities in their respective regions. Upon request, RIRs issue digital certificates known as “Route Origination Authorizations” (ROAs) for IP address holders. ROAs certify that a specific organisation or autonomous system is authorised to advertise that they are a legitimate source of traffic for specific sets of IP addresses on the Internet. Network operators that want to ensure they route Internet traffic to its correct destination rely on RPKI validators to identify invalid routes they should discard.
The present report seeks to document the current state of RPKI adoption in the ARIN region and enable individualised queries by ASN and prefix number for members of the ARIN community. Our data is live and updated at 5:15AM UTC every day, which means you can return to this site to view up to date information. To contextualise the analysis, the report considers global RPKI results.
Results are also available for all countries or geographic areas across North America and the Caribbean served by ARIN. As described in the methodology, this project is the first to do a comprehensive survey of RPKI adoption in a RIR region on a country-by-country basis. In working on the report, the team was especially interested in differentiation uptake that was affected by factors such as the number of ISPs in the country, economic indicators or population size.
There are two key indicators to assess RPKI uptake in the ARIN region. These include RPKI adoption/coverage and RPKI Validation results.
Project Team and ARIN Funding
The present project is the result of collaborative efforts by Mark McFadden, Carolina Caeiro, Mark Robertshaw and Peter Spain. The project has been supported by DNSRF team members Emily Taylor, Lucien Taylor, Nathan Alan, and Igor Weilemann.
This project was possible thanks to the generous support of ARIN’s Community Grant Program.