RPKI ASN 0 ROA

LAC-2019-12-v1 vs. LAC-2019-12-v2

Authors

Name: Ricardo Patara
Email: patara@registro.br
Organization: NIC.br

Name: Aftab Siddiqui
Email: aftab.siddiqui@gmail.com
Organization: PERSONAL

Summary

When using RPKI, an organization can issue a Routing Origin Authorization (ROA) that lists a set of address blocks and the specific ASN that is allowed to originate announcements for them.
Other organizations also using RPKI can use that information to decide which route announcements are legitimate and which are not.

It is also possible to issue a ROA with ASN 0 (zero) in its asID field to signal that announcements of the address blocks in it should not be accepted.

This policy proposal recommends that LACNIC issue ASN 0 ROAs covering unallocated and unassigned address blocks, as a method to indicate that route announcements for those addresses should not be accepted by networks using RPKI Routing Origin Validation (ROV).

Rationale (Describe the problem you intend to solve)

RIRs are responsible for a set of Internet Number Resources that are not yet allocated or assigned. With that custodianship comes the responsibility to distribute them to organizations with justified need, in accordance with the policies in place. Unallocated or unassigned Internet resources should not be used until they are allocated or assigned to an organization that has justified its need for them.

Several recommendations and good practices describe how to filter those unallocated or unassigned resources, as they are normally associated with some kind of abuse or attack.

Given the good adoption of RPKI and Routing Origin Validation (ROV), publishing ROAs with ASN 0 to indicate the set of addresses that should not be used would be a great contribution.

These ROAs would be seen by RPKI relying parties as an instruction to invalidate routes to the network prefixes listed in them.

It will also relieve network operators of the burden of updating their filters based on the list of unallocated or unassigned Internet resources.

Current text

---

New text

This would apply to section 1 of the LACNIC policy manual.

LACNIC could create specific Routing Origin Authorizations (ROAs) in the RPKI infrastructure with ASN 0 in the Origin ASN field and the list of unallocated or unassigned Internet Number Resources exclusively under LACNIC administration in the Prefixes list of this ROA.

This ROA would be seen by RPKI relying parties as an instruction to invalidate routes to the network prefixes listed in it.

Only LACNIC would have authority to create RPKI ROAs for Internet Number Resources that are not yet allocated or assigned, or that have been recovered or returned, and of which LACNIC is the rightful custodian.

If a specific Internet Number Resource present in an ASN 0 ROA is to be allocated or assigned, that ROA must be invalidated and a new one issued without the soon-to-be-allocated Internet Number Resource.

This would apply to section 1 of the LACNIC policy manual.

New text:
LACNIC will create specific Routing Origin Authorizations (ROAs) in the RPKI infrastructure with ASN 0 in the Origin ASN field and the list of unallocated or unassigned Internet Number Resources exclusively under LACNIC administration in the Prefixes list of such ROAs.

The number of the aforementioned ROAs and any other technical parameter of them will be at LACNIC's discretion.

Only LACNIC would have authority to create RPKI ROAs for Internet Number Resources that are not yet allocated or assigned, or that have been recovered or returned, and of which LACNIC is the rightful custodian.

If a specific Internet Number Resource present in an ASN 0 ROA is to be allocated or assigned, LACNIC will invalidate the ROAs that contain such resources and will issue new ROAs that do not include them, as necessary.
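
How a relying party evaluates announcements against an ASN 0 ROA, and why that ROA has to be reissued when a block is allocated, shown as an added example that is not part of the proposal or of LACNIC's tooling. It applies the RFC 6811 origin-validation rules; the prefix and AS numbers are constructed from documentation ranges.

```python
import ipaddress

def rov_state(prefix, origin_asn, vrps):
    """Classify a route per RFC 6811 against (prefix, max_length, asn) VRPs."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp_prefix, max_length, asn in vrps:
        vrp_net = ipaddress.ip_network(vrp_prefix)
        if route.version != vrp_net.version or not route.subnet_of(vrp_net):
            continue  # this VRP does not cover the route
        covered = True
        # AS 0 can never be a route's origin, so an AS0 VRP covers but never matches.
        if asn != 0 and asn == origin_asn and route.prefixlen <= max_length:
            return "valid"
    return "invalid" if covered else "not-found"

# Constructed sample data: documentation prefix and ASNs, not real LACNIC space.
POOL = "198.51.100.0/24"             # stands in for unallocated space
HOLDER_ASN, OTHER_ASN = 64500, 64496
AS0_ROA = (POOL, 32, 0)              # ROA issued by the RIR for its free pool
HOLDER_ROA = (POOL, 24, HOLDER_ASN)  # ROA the new holder issues after allocation

def lifecycle():
    """ROV outcome at each stage of the prefix's life."""
    return {
        # 1. Unallocated: the pool prefix and any more specific are invalid.
        "squat_exact": rov_state(POOL, OTHER_ASN, [AS0_ROA]),
        "squat_more_specific": rov_state("198.51.100.128/25", OTHER_ASN, [AS0_ROA]),
        # 2. Allocated, but the AS0 ROA was not withdrawn: the holder is dropped too.
        "holder_stale_as0": rov_state(POOL, HOLDER_ASN, [AS0_ROA]),
        # 3. AS0 ROA reissued without the prefix: the holder's route is not-found
        #    (typically still accepted) until the holder publishes its own ROA.
        "holder_no_roa": rov_state(POOL, HOLDER_ASN, []),
        "holder_with_roa": rov_state(POOL, HOLDER_ASN, [HOLDER_ROA]),
        "other_with_roa": rov_state(POOL, OTHER_ASN, [HOLDER_ROA]),
    }

if __name__ == "__main__":
    for stage, state in lifecycle().items():
        print(f"{stage:22} {state}")
```

The `holder_stale_as0` case is the one the last paragraph of the new text guards against: a leftover ASN 0 ROA makes the legitimate holder's announcement invalid until it is withdrawn or the holder's own ROA is published.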

Additional information

A similar proposal was approved in APNIC.
