APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan

MyNOG
MyNOGMyNOG
1 RPKI, what we’ve learned and what we’ve been doing MyNOG 9 Zen Chuan Ng Senior Internet Resource Analyst
2 2 Resource Public Key Infrastructure What is RPKI? A robust security framework for verifying the association between resource holders and their Internet number resources. 2
3 3 Route Origin Authorization What is contained in a ROA? – The AS number you have authorized – The prefix that is being originated from it – The most specific prefix (maximum length) that the AS may announce For example: “ISP 4 permits AS65551 to originate a route for the prefix 198.51.100.0/24" 3
4 4 RPKI initiatives 10 face-to-face and eLearning RPKI training courses delivered RPKI presentations to NOGs and conferences Development of the ‘Ready to ROA’ campaign – hands on sessions to help Members create ROAs New shirts, stickers, web content to promote campaign Ready to ROA launched in 2015 Initial challenge was to get APNIC Members to create ROAs
5 ROA adoption in SEA 5 Economy ROA adoption rate (%) Philippines 96.36% Myanmar 89.09% Singapore 83.50% Lao PDR 76.90% Cambodia 68.14% Thailand 66.80% Vietnam 62.15%
6 How is Malaysia doing? 6 https://lirportal.ripe.net/certification/content/static/statistics/world-roas.html
7 Can Malaysia be the first to reach 100%?
8 BUT….. more work needs to be done! Why???
9 IPv4 ROA coverage in Malaysia https://stats.labs.apnic.net/roas
10 IPv6 ROA coverage in Malaysia https://stats.labs.apnic.net/roas
11 Route Origin Validation https://isbgpsafeyet.com/
12 12 RPKI invalids
13 13 RPKI invalids • On 27 April 2021, we saw 3,526 RPKI invalid routes for IPv4 addresses delegated to APNIC Members
14 What improvements have we made?
15 15 Cleaning up RPKI invalids • Email campaign in June 2021 to reach out to Members with RPKI invalid announcements
16 16 ROA creation interface
17 17 Improved ROA creation interface
18 18 Routing status alerts in DASH https://dash.apnic.net/
19 19 Routing status alerts in DASH
20 20 Routing status alerts in DASH
21 Reducing ROA downtime during transfers • Facilitate resource transfers involving live networks • Existing ROAs published for 2 weeks after transfers • Avoid any down time
22 22 What we've learned?
23 23 Upcoming RPKI improvements • Routing status alerts notification • ROA pre-validation • Registry API – https://blog.apnic.net/2022/03/22/apnic-registry-api/ • New ROA guides and Help Centre articles
24 Questions?
1 of 24

APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan

Download to read offline
Internet

The aim of this presentation is to share what we have learned from RPKI, what improvements we have done, and what are the future improvements APNIC is going to make.

MyNOG
MyNOGMyNOG

Recommended

SANOG 38: RPKI Update by
SANOG 38: RPKI UpdateSANOG 38: RPKI Update
SANOG 38: RPKI UpdateAPNIC
213 views18 slides
PacNOG 30: RPKI update by
PacNOG 30: RPKI updatePacNOG 30: RPKI update
PacNOG 30: RPKI updateAPNIC
119 views18 slides
Introducing APNIC by
Introducing APNICIntroducing APNIC
Introducing APNICAPNIC
248 views19 slides
How APNIC can support law enforcement agencies in cybercrime investigtaion by
How APNIC can support law enforcement agencies in cybercrime investigtaionHow APNIC can support law enforcement agencies in cybercrime investigtaion
How APNIC can support law enforcement agencies in cybercrime investigtaionAPNIC
2.9K views30 slides
ARM 7: ROA session by
ARM 7: ROA sessionARM 7: ROA session
ARM 7: ROA sessionAPNIC
1.1K views9 slides
AIS'19/AFRINIC 30: APNIC Update by
AIS'19/AFRINIC 30: APNIC UpdateAIS'19/AFRINIC 30: APNIC Update
AIS'19/AFRINIC 30: APNIC UpdateAPNIC
281 views19 slides

More Related Content

Similar to APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan

ION Belfast - Opening Slides - Chris Grundemann by
ION Belfast - Opening Slides - Chris GrundemannION Belfast - Opening Slides - Chris Grundemann
ION Belfast - Opening Slides - Chris GrundemannDeploy360 Programme (Internet Society)
599 views34 slides
4th Pillar Council by
4th Pillar Council4th Pillar Council
4th Pillar Councilbwatson
538 views21 slides
APNIC Activity Report 2015 by
APNIC Activity Report 2015APNIC Activity Report 2015
APNIC Activity Report 2015APNIC
360 views44 slides
Recommendation for national internet governance forum 2016 shreedeep rayamajhi by
Recommendation for national internet governance forum 2016 shreedeep rayamajhiRecommendation for national internet governance forum 2016 shreedeep rayamajhi
Recommendation for national internet governance forum 2016 shreedeep rayamajhiShreedeep Rayamajhi
152 views5 slides
Mark Sage (AREA): All You Need to Know About Enterprise Augmented Reality Req... by
Mark Sage (AREA): All You Need to Know About Enterprise Augmented Reality Req...Mark Sage (AREA): All You Need to Know About Enterprise Augmented Reality Req...
Mark Sage (AREA): All You Need to Know About Enterprise Augmented Reality Req...AugmentedWorldExpo
200 views18 slides
AIS19 Newcomers Session (EN) by
AIS19 Newcomers Session (EN)AIS19 Newcomers Session (EN)
AIS19 Newcomers Session (EN)AFRINIC
127 views24 slides

Similar to APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan(20)

ION Belfast - Opening Slides - Chris Grundemann by Deploy360 Programme (Internet Society)
ION Belfast - Opening Slides - Chris GrundemannION Belfast - Opening Slides - Chris Grundemann
ION Belfast - Opening Slides - Chris Grundemann
Deploy360 Programme (Internet Society)599 views
4th Pillar Council by bwatson
4th Pillar Council4th Pillar Council
4th Pillar Council
bwatson538 views
APNIC Activity Report 2015 by APNIC
APNIC Activity Report 2015APNIC Activity Report 2015
APNIC Activity Report 2015
APNIC360 views
Recommendation for national internet governance forum 2016 shreedeep rayamajhi by Shreedeep Rayamajhi
Recommendation for national internet governance forum 2016 shreedeep rayamajhiRecommendation for national internet governance forum 2016 shreedeep rayamajhi
Recommendation for national internet governance forum 2016 shreedeep rayamajhi
Shreedeep Rayamajhi152 views
Mark Sage (AREA): All You Need to Know About Enterprise Augmented Reality Req... by AugmentedWorldExpo
Mark Sage (AREA): All You Need to Know About Enterprise Augmented Reality Req...Mark Sage (AREA): All You Need to Know About Enterprise Augmented Reality Req...
Mark Sage (AREA): All You Need to Know About Enterprise Augmented Reality Req...
AugmentedWorldExpo200 views
AIS19 Newcomers Session (EN) by AFRINIC
AIS19 Newcomers Session (EN)AIS19 Newcomers Session (EN)
AIS19 Newcomers Session (EN)
AFRINIC127 views
CReCER 2013: Global Insights from IFAC SMP Committee by International Federation of Accountants
CReCER 2013: Global Insights from IFAC SMP CommitteeCReCER 2013: Global Insights from IFAC SMP Committee
CReCER 2013: Global Insights from IFAC SMP Committee
International Federation of Accountants1.1K views
Two years of good MANRS by APNIC
Two years of good MANRSTwo years of good MANRS
Two years of good MANRS
APNIC102 views
ISOC Overview and ISOC Canada by Glenn McKnight
ISOC Overview and ISOC CanadaISOC Overview and ISOC Canada
ISOC Overview and ISOC Canada
Glenn McKnight790 views
09 (IDNOG01) Introduction about APNIC by Wita Laksono by Indonesia Network Operators Group
09 (IDNOG01) Introduction about APNIC by Wita Laksono09 (IDNOG01) Introduction about APNIC by Wita Laksono
09 (IDNOG01) Introduction about APNIC by Wita Laksono
Indonesia Network Operators Group854 views
Pablo RIR reference by AFRINIC
Pablo RIR referencePablo RIR reference
Pablo RIR reference
AFRINIC255 views
PCTA Convention 2023: APNIC Introduction by APNIC
PCTA Convention 2023: APNIC IntroductionPCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC Introduction
APNIC265 views
PCTA Convention 2023: APNIC Introduction by APNIC
PCTA Convention 2023: APNIC IntroductionPCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC Introduction
APNIC265 views
APNIC Secretariat Report by APNIC
APNIC Secretariat ReportAPNIC Secretariat Report
APNIC Secretariat Report
APNIC175 views
Business Intelligence Challenge, Oracle, Doug Tait, TADSummit by Alan Quayle
Business Intelligence Challenge, Oracle, Doug Tait, TADSummitBusiness Intelligence Challenge, Oracle, Doug Tait, TADSummit
Business Intelligence Challenge, Oracle, Doug Tait, TADSummit
Alan Quayle1K views
Engage with The Internet Society by APNIC
Engage with The Internet SocietyEngage with The Internet Society
Engage with The Internet Society
APNIC435 views
Simon Edwards - What next? CILIP projects in 2013 by CILIP West Midlands Member Network
Simon Edwards - What next? CILIP projects in 2013Simon Edwards - What next? CILIP projects in 2013
Simon Edwards - What next? CILIP projects in 2013
CILIP West Midlands Member Network637 views
Compliance Training Done Well Using Mobile and the xAPI by Jon Brasted
Compliance Training Done Well Using Mobile and the xAPICompliance Training Done Well Using Mobile and the xAPI
Compliance Training Done Well Using Mobile and the xAPI
Jon Brasted999 views
Cognitiveradio And Networking Research At Virginia Tech by Melissa Moore
Cognitiveradio And Networking Research At Virginia TechCognitiveradio And Networking Research At Virginia Tech
Cognitiveradio And Networking Research At Virginia Tech
Melissa Moore2 views
LACNIC Update by APNIC
LACNIC UpdateLACNIC Update
LACNIC Update
APNIC41 views

More from MyNOG

Peering Personal MyNOG-10 by
Peering Personal MyNOG-10Peering Personal MyNOG-10
Peering Personal MyNOG-10MyNOG
121 views32 slides
Embedded CDNs in 2023 by
Embedded CDNs in 2023Embedded CDNs in 2023
Embedded CDNs in 2023MyNOG
112 views22 slides
Edge virtualisation for Carrier Networks by
Edge virtualisation for Carrier NetworksEdge virtualisation for Carrier Networks
Edge virtualisation for Carrier NetworksMyNOG
98 views13 slides
Equinix: New Markets, New Frontiers by
Equinix: New Markets, New FrontiersEquinix: New Markets, New Frontiers
Equinix: New Markets, New FrontiersMyNOG
162 views26 slides
Securing the Onion: 5G Cloud Native Infrastructure by
Securing the Onion: 5G Cloud Native InfrastructureSecuring the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native InfrastructureMyNOG
100 views22 slides
Hierarchical Network Controller by
Hierarchical Network ControllerHierarchical Network Controller
Hierarchical Network ControllerMyNOG
79 views25 slides

More from MyNOG(20)

Peering Personal MyNOG-10 by MyNOG
Peering Personal MyNOG-10Peering Personal MyNOG-10
Peering Personal MyNOG-10
MyNOG121 views
Embedded CDNs in 2023 by MyNOG
Embedded CDNs in 2023Embedded CDNs in 2023
Embedded CDNs in 2023
MyNOG112 views
Edge virtualisation for Carrier Networks by MyNOG
Edge virtualisation for Carrier NetworksEdge virtualisation for Carrier Networks
Edge virtualisation for Carrier Networks
MyNOG98 views
Equinix: New Markets, New Frontiers by MyNOG
Equinix: New Markets, New FrontiersEquinix: New Markets, New Frontiers
Equinix: New Markets, New Frontiers
MyNOG162 views
Securing the Onion: 5G Cloud Native Infrastructure by MyNOG
Securing the Onion: 5G Cloud Native InfrastructureSecuring the Onion: 5G Cloud Native Infrastructure
Securing the Onion: 5G Cloud Native Infrastructure
MyNOG100 views
Hierarchical Network Controller by MyNOG
Hierarchical Network ControllerHierarchical Network Controller
Hierarchical Network Controller
MyNOG79 views
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform by MyNOG
Aether: The First Open Source 5G/LTE Connected Edge Cloud PlatformAether: The First Open Source 5G/LTE Connected Edge Cloud Platform
Aether: The First Open Source 5G/LTE Connected Edge Cloud Platform
MyNOG103 views
Cleaning up your RPKI invalids by MyNOG
Cleaning up your RPKI invalidsCleaning up your RPKI invalids
Cleaning up your RPKI invalids
MyNOG30 views
Introducing Peering LAN 2.0 at DE-CIX by MyNOG
Introducing Peering LAN 2.0 at DE-CIXIntroducing Peering LAN 2.0 at DE-CIX
Introducing Peering LAN 2.0 at DE-CIX
MyNOG100 views
Load balancing and Service in Kubernetes by MyNOG
Load balancing and Service in KubernetesLoad balancing and Service in Kubernetes
Load balancing and Service in Kubernetes
MyNOG98 views
Cloud SDN: BGP Peering and RPKI by MyNOG
Cloud SDN: BGP Peering and RPKICloud SDN: BGP Peering and RPKI
Cloud SDN: BGP Peering and RPKI
MyNOG84 views
SDM – A New (Subsea) Cable Paradigm by MyNOG
SDM – A New (Subsea) Cable ParadigmSDM – A New (Subsea) Cable Paradigm
SDM – A New (Subsea) Cable Paradigm
MyNOG120 views
AI in Networking: Transforming Network Operations with Juniper Mist AIDE by MyNOG
AI in Networking: Transforming Network Operations with Juniper Mist AIDEAI in Networking: Transforming Network Operations with Juniper Mist AIDE
AI in Networking: Transforming Network Operations with Juniper Mist AIDE
MyNOG267 views
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber... by MyNOG
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
Malaysia Data Center Landscape, Where is the next hotspot to place your fiber...
MyNOG179 views
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective by MyNOG
FUTURE-PROOFING DATA CENTRES from Connectivity PerspectiveFUTURE-PROOFING DATA CENTRES from Connectivity Perspective
FUTURE-PROOFING DATA CENTRES from Connectivity Perspective
MyNOG82 views
Keep Ukraine Connected: A project from the community – for the community by R... by MyNOG
Keep Ukraine Connected: A project from the community – for the community by R...Keep Ukraine Connected: A project from the community – for the community by R...
Keep Ukraine Connected: A project from the community – for the community by R...
MyNOG81 views
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran... by MyNOG
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
Solving Civilization’s Long Term Communication Needs by Dinesh Kummaran, Tran...
MyNOG79 views
MyIX Updates by Raja Mohan Marappan, MyIX by MyNOG
MyIX Updates by Raja Mohan Marappan, MyIXMyIX Updates by Raja Mohan Marappan, MyIX
MyIX Updates by Raja Mohan Marappan, MyIX
MyNOG58 views
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net... by MyNOG
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
Exploring Quantum Engineering for Networking by Melchior Aelmans, Juniper Net...
MyNOG51 views
Quick wins in the NetOps Journey by Vincent Boon, Opengear by MyNOG
Quick wins in the NetOps Journey by Vincent Boon, OpengearQuick wins in the NetOps Journey by Vincent Boon, Opengear
Quick wins in the NetOps Journey by Vincent Boon, Opengear
MyNOG48 views

Recently uploaded

hamro digital logics.pptx by
hamro digital logics.pptxhamro digital logics.pptx
hamro digital logics.pptxtupeshghimire
10 views36 slides
Affiliate Marketing by
Affiliate MarketingAffiliate Marketing
Affiliate MarketingNavin Dhanuka
17 views30 slides
The Dark Web : Hidden Services by
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden ServicesAnshu Singh
14 views24 slides
ATPMOUSE_융합2조.pptx by
ATPMOUSE_융합2조.pptxATPMOUSE_융합2조.pptx
ATPMOUSE_융합2조.pptxkts120898
35 views70 slides
How to think like a threat actor for Kubernetes.pptx by
How to think like a threat actor for Kubernetes.pptxHow to think like a threat actor for Kubernetes.pptx
How to think like a threat actor for Kubernetes.pptxLibbySchulze1
5 views33 slides
Marketing and Community Building in Web3 by
Marketing and Community Building in Web3Marketing and Community Building in Web3
Marketing and Community Building in Web3Federico Ast
14 views64 slides

Recently uploaded(6)

hamro digital logics.pptx by tupeshghimire
hamro digital logics.pptxhamro digital logics.pptx
hamro digital logics.pptx
tupeshghimire10 views
Affiliate Marketing by Navin Dhanuka
Affiliate MarketingAffiliate Marketing
Affiliate Marketing
Navin Dhanuka17 views
The Dark Web : Hidden Services by Anshu Singh
The Dark Web : Hidden ServicesThe Dark Web : Hidden Services
The Dark Web : Hidden Services
Anshu Singh14 views
ATPMOUSE_융합2조.pptx by kts120898
ATPMOUSE_융합2조.pptxATPMOUSE_융합2조.pptx
ATPMOUSE_융합2조.pptx
kts12089835 views
How to think like a threat actor for Kubernetes.pptx by LibbySchulze1
How to think like a threat actor for Kubernetes.pptxHow to think like a threat actor for Kubernetes.pptx
How to think like a threat actor for Kubernetes.pptx
LibbySchulze15 views
Marketing and Community Building in Web3 by Federico Ast
Marketing and Community Building in Web3Marketing and Community Building in Web3
Marketing and Community Building in Web3
Federico Ast14 views

APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan