ARIN and the RPKI (was Re: AltDB?)

Christopher Morrow morrowc.lists at
Thu Jan 6 15:06:39 CST 2011

On Thu, Jan 6, 2011 at 2:03 PM, Kevin Oberman <oberman at> wrote:
>> Date: Thu, 06 Jan 2011 14:24:01 +0900
>> From: Randy Bush <randy at>
>> > I think ACLs here means prefix-lists ... or I hope that's what Randy
>> > meant?
>> sorry.  yes, irr based prefix lists.  and, sad to say, data which have
>> sucked for 15+ years.  i was the poster child for the irr, and it just
>> never took off.
>> [ irr data are pretty bad except for some islands where there is culture
>>   of maintining them.  and, as it is a global internet, islands don't
>>   help much.  europe and japan are two islands with better than the
>>   average irr data quality.  and they have rpki rolling to varied
>>   degrees. ]
> The day of reasonable accuracy of the IRR ended when UUnet bought
> ANI. Since ANI actually used the IRR to generate there router configs


> and ANI was pretty big, people were really forced to register. Curtis


> had a lot of excellent software that did all sorts of impressive stuff
> with the IRR, but I guess that all went into the bit bucket when UUnet
> took over.

we did require you to email [email protected] :) that didn't help?

All sed jokes aside, would having attestations that the route you see
is part of a block assigned by IANA to ARIN and from ARIN to UUNET and
from UUNET to JoesCrabShuckers make sense to you? (and to your router
policy provided the router policy engine and code worked)

The efficacy of the IRR isn't at question, the ability to assure with
some level of reasonableness that the thing you see (and eventually
it's path to get to you) is "valid" is what the RPKI system is
building toward.


> Very, very sad!

(tears were shed)

> --
> R. Kevin Oberman, Network Engineer
> Energy Sciences Network (ESnet)
> Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
> E-mail: oberman at                  Phone: +1 510 486-8634
> Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751

More information about the NANOG mailing list