SlideShare a Scribd company logo

ARM 7: ROA session

APNIC
APNIC

APNIC's Anna Mulingbayan outlines the process for creating a ROA in MyAPNIC and where you can join a ROA session in the region.

Internet
1 of 9
Download to read offline
Issue Date: Revision: ROA Session Anna Mulingbayan anna@apnic.net 31/12/2014 1 Internet Week Bangkok, 9 March 2015
Resource Certification, ROA, RPKI 2 •  APNIC offers Resource Certification as a tool to Members to create Route Origin Authorizations (ROAs) in MyAPNIC •  A ROA is a digitally signed, cryptographic object generated by the Resource Certification service •  The Resource Public Key Infrastructure (RPKI) is the framework that enables users of public networks to verify the authenticity of data that has been digitally signed by the rightful custodian of the IP resource.
Benefits of creating a ROA 3 •  Verify whether an AS is authorized to announce a specific IP prefix •  Minimize common routing errors •  Prevent most accidental hijacks
4 A AS1 (ISP of Victim) AS4 (Large ISP) AS2 (Legitimate owner of 1.1.1.1/16) BGP:1.1.1.1/16 B C D BGP:1.1.1.1/24 BGP:1.1.1.1/16 BGP:1.1.1.1/24 AS3 (ISP of Hijacker) Source : http://www.secureworks.com/
5 A AS1 (ISP of Victim) AS4 (Large ISP) AS3 (ISP of Hijacker) AS2 (Legitimate owner of 1.1.1.1/16) BGP:1.1.1.1/16 B C D BGP:1.1.1.1/24 BGP:1.1.1.1/16 Source : http://www.secureworks.com/
What is a ROA object ? 6 •  What’s contained in a ROA –  The AS number you have authorized –  The prefix that is being originated from it –  The most specific prefix (maximum length) that the AS may announce For example: “ISP 4 permits AS 65000 to originate a route for the prefix 192.2.200.0/24”
Creating ROA in MyAPNIC 7 •  What you need to have before creating a ROA –  Must be an APNIC Member –  Have access to MyAPNIC –  Digital Certificate installed •  Takes only 5 minutes to create, and 10 minutes to be visible to the public
RPKI Initiatives 8 10 face-to-face and elearning RPKI training courses delivered RPKI presentations to NOGs and conferences Development of the ‘Ready to ROA’ Campaign – hands on sessions to help Members create ROAs New shirts, stickers, web content to promote campaign Ready to ROA launched in 2015
Invitation to ROA session 9 •  9th March @ “Coffee Shop” hall •  Create your ROA object on the spot •  Provide your feedback; share your experiences •  Get your ROA t-shirt •  Drop in your business card

Recommended

APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017
APNIC
 
Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...
APNIC
 
APNIC Technical Assistance Service, IDNIC OPM 2016
APNIC Technical Assistance Service, IDNIC OPM 2016APNIC Technical Assistance Service, IDNIC OPM 2016
APNIC Technical Assistance Service, IDNIC OPM 2016
APNIC
 
IPv6 Adoption by ASEAN Government Agencies
IPv6 Adoption by ASEAN Government AgenciesIPv6 Adoption by ASEAN Government Agencies
IPv6 Adoption by ASEAN Government Agencies
APNIC
 
APNIC Update, NPNOG 0.5
APNIC Update, NPNOG 0.5APNIC Update, NPNOG 0.5
APNIC Update, NPNOG 0.5
APNIC
 
APNIC Update: ARIN 37
APNIC Update: ARIN 37APNIC Update: ARIN 37
APNIC Update: ARIN 37
Bhadrika Magan
 
APNIC Member Services
APNIC Member ServicesAPNIC Member Services
APNIC Member Services
APNIC
 
APNIC Update - PacNOG20
APNIC Update - PacNOG20APNIC Update - PacNOG20
APNIC Update - PacNOG20
APNIC
 

Recommended

APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017APNIC Update - MMNOG 2017
APNIC Update - MMNOG 2017
APNIC
 
Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...
APNIC
 
APNIC Technical Assistance Service, IDNIC OPM 2016
APNIC Technical Assistance Service, IDNIC OPM 2016APNIC Technical Assistance Service, IDNIC OPM 2016
APNIC Technical Assistance Service, IDNIC OPM 2016
APNIC
 
IPv6 Adoption by ASEAN Government Agencies
IPv6 Adoption by ASEAN Government AgenciesIPv6 Adoption by ASEAN Government Agencies
IPv6 Adoption by ASEAN Government Agencies
APNIC
 
APNIC Update, NPNOG 0.5
APNIC Update, NPNOG 0.5APNIC Update, NPNOG 0.5
APNIC Update, NPNOG 0.5
APNIC
 
APNIC Update: ARIN 37
APNIC Update: ARIN 37APNIC Update: ARIN 37
APNIC Update: ARIN 37
Bhadrika Magan
 
APNIC Member Services
APNIC Member ServicesAPNIC Member Services
APNIC Member Services
APNIC
 
APNIC Update - PacNOG20
APNIC Update - PacNOG20APNIC Update - PacNOG20
APNIC Update - PacNOG20
APNIC
 
PNG IXP Inauguration: APNIC Update
PNG IXP Inauguration: APNIC UpdatePNG IXP Inauguration: APNIC Update
PNG IXP Inauguration: APNIC Update
APNIC
 
Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP
APNIC
 
WHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingWHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & Handling
APNIC
 
Government Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionGovernment Policy and IPv6 Adoption
Government Policy and IPv6 Adoption
APNIC
 
Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5
APNIC
 
IGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesIGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet Registries
APNIC
 
What is APNIC: Infotel 2014
What is APNIC: Infotel 2014What is APNIC: Infotel 2014
What is APNIC: Infotel 2014
APNIC
 
Internet infrastructure in South Asia
Internet infrastructure in South AsiaInternet infrastructure in South Asia
Internet infrastructure in South Asia
APNIC
 
APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54
APNIC
 
Internet Measurement Networks - SANOG 24
Internet Measurement Networks - SANOG 24Internet Measurement Networks - SANOG 24
Internet Measurement Networks - SANOG 24
APNIC
 
Cybersecurity response in the Pacific
Cybersecurity response in the PacificCybersecurity response in the Pacific
Cybersecurity response in the Pacific
APNIC
 
How the Internet works...and why
How the Internet works...and whyHow the Internet works...and why
How the Internet works...and why
APNIC
 
Cybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNICCybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNIC
APNIC
 
Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]
Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]
Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]
APNIC
 
IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38
APNIC
 
CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]
CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]
CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]
APNIC
 
PacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities Update
PacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities UpdatePacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities Update
PacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities Update
APNIC
 
ITU-APNIC collaboration on the transition from IPv4 to IPv6
ITU-APNIC collaboration on the transition from IPv4 to IPv6ITU-APNIC collaboration on the transition from IPv4 to IPv6
ITU-APNIC collaboration on the transition from IPv4 to IPv6
APNIC
 
Apnic update-btnog1-sc
Apnic update-btnog1-scApnic update-btnog1-sc
Apnic update-btnog1-sc
APNIC
 
IANA Transition Update, August 2016
IANA Transition Update, August 2016IANA Transition Update, August 2016
IANA Transition Update, August 2016
APNIC
 
SANOG 38: RPKI Update
SANOG 38: RPKI UpdateSANOG 38: RPKI Update
SANOG 38: RPKI Update
APNIC
 
PacNOG 30: RPKI update
PacNOG 30: RPKI updatePacNOG 30: RPKI update
PacNOG 30: RPKI update
APNIC
 

More Related Content

What's hot

PNG IXP Inauguration: APNIC Update
PNG IXP Inauguration: APNIC UpdatePNG IXP Inauguration: APNIC Update
PNG IXP Inauguration: APNIC Update
APNIC
 
Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP
APNIC
 
WHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingWHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & Handling
APNIC
 
Government Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionGovernment Policy and IPv6 Adoption
Government Policy and IPv6 Adoption
APNIC
 
Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5
APNIC
 
IGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesIGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet Registries
APNIC
 
What is APNIC: Infotel 2014
What is APNIC: Infotel 2014What is APNIC: Infotel 2014
What is APNIC: Infotel 2014
APNIC
 
Internet infrastructure in South Asia
Internet infrastructure in South AsiaInternet infrastructure in South Asia
Internet infrastructure in South Asia
APNIC
 
APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54
APNIC
 
Internet Measurement Networks - SANOG 24
Internet Measurement Networks - SANOG 24Internet Measurement Networks - SANOG 24
Internet Measurement Networks - SANOG 24
APNIC
 
Cybersecurity response in the Pacific
Cybersecurity response in the PacificCybersecurity response in the Pacific
Cybersecurity response in the Pacific
APNIC
 
How the Internet works...and why
How the Internet works...and whyHow the Internet works...and why
How the Internet works...and why
APNIC
 
Cybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNICCybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNIC
APNIC
 
Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]
Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]
Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]
APNIC
 
IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38
APNIC
 
CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]
CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]
CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]
APNIC
 
PacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities Update
PacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities UpdatePacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities Update
PacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities Update
APNIC
 
ITU-APNIC collaboration on the transition from IPv4 to IPv6
ITU-APNIC collaboration on the transition from IPv4 to IPv6ITU-APNIC collaboration on the transition from IPv4 to IPv6
ITU-APNIC collaboration on the transition from IPv4 to IPv6
APNIC
 
Apnic update-btnog1-sc
Apnic update-btnog1-scApnic update-btnog1-sc
Apnic update-btnog1-sc
APNIC
 
IANA Transition Update, August 2016
IANA Transition Update, August 2016IANA Transition Update, August 2016
IANA Transition Update, August 2016
APNIC
 

What's hot (20)

PNG IXP Inauguration: APNIC Update
PNG IXP Inauguration: APNIC UpdatePNG IXP Inauguration: APNIC Update
PNG IXP Inauguration: APNIC Update
 
Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP Enhancing security incident response capabilities in the AP
Enhancing security incident response capabilities in the AP
 
WHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingWHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & Handling
 
Government Policy and IPv6 Adoption
Government Policy and IPv6 AdoptionGovernment Policy and IPv6 Adoption
Government Policy and IPv6 Adoption
 
Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5Resource Public Key Infrastructure presentation, Mynog5
Resource Public Key Infrastructure presentation, Mynog5
 
IGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet RegistriesIGFA 2017: Introduction to APNIC and Regional Internet Registries
IGFA 2017: Introduction to APNIC and Regional Internet Registries
 
What is APNIC: Infotel 2014
What is APNIC: Infotel 2014What is APNIC: Infotel 2014
What is APNIC: Infotel 2014
 
Internet infrastructure in South Asia
Internet infrastructure in South AsiaInternet infrastructure in South Asia
Internet infrastructure in South Asia
 
APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54APNIC Update, APEC TEL 54
APNIC Update, APEC TEL 54
 
Internet Measurement Networks - SANOG 24
Internet Measurement Networks - SANOG 24Internet Measurement Networks - SANOG 24
Internet Measurement Networks - SANOG 24
 
Cybersecurity response in the Pacific
Cybersecurity response in the PacificCybersecurity response in the Pacific
Cybersecurity response in the Pacific
 
How the Internet works...and why
How the Internet works...and whyHow the Internet works...and why
How the Internet works...and why
 
Cybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNICCybersecurity Opportunities Challenges APNIC
Cybersecurity Opportunities Challenges APNIC
 
Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]
Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]
Tracking cyber kidnappers by Andrew Clark [APRICOT 2015]
 
IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38IANA Stewardship Transition Consultation - APNIC 38
IANA Stewardship Transition Consultation - APNIC 38
 
CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]
CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]
CNNIC Update, by Jessica Shen [APNIC 38 / NIR SIG]
 
PacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities Update
PacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities UpdatePacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities Update
PacNOG 18/APNIC Regional Meeting, Guam: APNIC Activities Update
 
ITU-APNIC collaboration on the transition from IPv4 to IPv6
ITU-APNIC collaboration on the transition from IPv4 to IPv6ITU-APNIC collaboration on the transition from IPv4 to IPv6
ITU-APNIC collaboration on the transition from IPv4 to IPv6
 
Apnic update-btnog1-sc
Apnic update-btnog1-scApnic update-btnog1-sc
Apnic update-btnog1-sc
 
IANA Transition Update, August 2016
IANA Transition Update, August 2016IANA Transition Update, August 2016
IANA Transition Update, August 2016
 

Similar to ARM 7: ROA session

SANOG 38: RPKI Update
SANOG 38: RPKI UpdateSANOG 38: RPKI Update
SANOG 38: RPKI Update
APNIC
 
PacNOG 30: RPKI update
PacNOG 30: RPKI updatePacNOG 30: RPKI update
PacNOG 30: RPKI update
APNIC
 
Route Origin Authorization (ROA) using RPKI
Route Origin Authorization (ROA) using RPKIRoute Origin Authorization (ROA) using RPKI
Route Origin Authorization (ROA) using RPKI
APNIC
 
Introduction to RPKI
Introduction to RPKIIntroduction to RPKI
Introduction to RPKI
APNIC
 
IPv4 transfer presentation, SGNOG4
IPv4 transfer presentation, SGNOG4IPv4 transfer presentation, SGNOG4
IPv4 transfer presentation, SGNOG4
APNIC
 
APNIC Updates
APNIC UpdatesAPNIC Updates
APNIC Updates
MyNOG
 
HKNOG 7.0: RPKI - it's time to start deploying it
HKNOG 7.0: RPKI - it's time to start deploying itHKNOG 7.0: RPKI - it's time to start deploying it
HKNOG 7.0: RPKI - it's time to start deploying it
APNIC
 
Introduction to RPKI by Sheryl (Shane) Hermoso
Introduction to RPKI by Sheryl (Shane) HermosoIntroduction to RPKI by Sheryl (Shane) Hermoso
Introduction to RPKI by Sheryl (Shane) Hermoso
MyNOG
 
Introduction to RPKI - MyNOG
Introduction to RPKI - MyNOGIntroduction to RPKI - MyNOG
Introduction to RPKI - MyNOG
Siena Perry
 
APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan
APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen ChuanAPNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan
APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan
MyNOG
 
MyNOG 9: RPKI, lessons learned
MyNOG 9: RPKI, lessons learnedMyNOG 9: RPKI, lessons learned
MyNOG 9: RPKI, lessons learned
APNIC
 
Whois - Addressing the Asia Pacifc
Whois - Addressing the Asia PacifcWhois - Addressing the Asia Pacifc
Whois - Addressing the Asia Pacifc
APNIC
 
IPv6 Deployment: Why and Why not?
IPv6 Deployment: Why and Why not?IPv6 Deployment: Why and Why not?
IPv6 Deployment: Why and Why not?
apnic_slides
 
Resource Public Key Infrastructure (RPKI)
Resource Public Key Infrastructure (RPKI) Resource Public Key Infrastructure (RPKI)
Resource Public Key Infrastructure (RPKI)
Bangladesh Network Operators Group
 
PCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC IntroductionPCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC Introduction
APNIC
 
PCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC IntroductionPCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC Introduction
APNIC
 
How APNIC can support law enforcement agencies in cybercrime investigtaion
How APNIC can support law enforcement agencies in cybercrime investigtaionHow APNIC can support law enforcement agencies in cybercrime investigtaion
How APNIC can support law enforcement agencies in cybercrime investigtaion
APNIC
 
PCTA 2019: How to obtain Internet resources to join the IXP
PCTA 2019: How to obtain Internet resources to join the IXPPCTA 2019: How to obtain Internet resources to join the IXP
PCTA 2019: How to obtain Internet resources to join the IXP
APNIC
 
Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?
APNIC
 
APAN 50: RPKI industry trends and initiatives
APAN 50: RPKI industry trends and initiatives APAN 50: RPKI industry trends and initiatives
APAN 50: RPKI industry trends and initiatives
APNIC
 

Similar to ARM 7: ROA session (20)

SANOG 38: RPKI Update
SANOG 38: RPKI UpdateSANOG 38: RPKI Update
SANOG 38: RPKI Update
 
PacNOG 30: RPKI update
PacNOG 30: RPKI updatePacNOG 30: RPKI update
PacNOG 30: RPKI update
 
Route Origin Authorization (ROA) using RPKI
Route Origin Authorization (ROA) using RPKIRoute Origin Authorization (ROA) using RPKI
Route Origin Authorization (ROA) using RPKI
 
Introduction to RPKI
Introduction to RPKIIntroduction to RPKI
Introduction to RPKI
 
IPv4 transfer presentation, SGNOG4
IPv4 transfer presentation, SGNOG4IPv4 transfer presentation, SGNOG4
IPv4 transfer presentation, SGNOG4
 
APNIC Updates
APNIC UpdatesAPNIC Updates
APNIC Updates
 
HKNOG 7.0: RPKI - it's time to start deploying it
HKNOG 7.0: RPKI - it's time to start deploying itHKNOG 7.0: RPKI - it's time to start deploying it
HKNOG 7.0: RPKI - it's time to start deploying it
 
Introduction to RPKI by Sheryl (Shane) Hermoso
Introduction to RPKI by Sheryl (Shane) HermosoIntroduction to RPKI by Sheryl (Shane) Hermoso
Introduction to RPKI by Sheryl (Shane) Hermoso
 
Introduction to RPKI - MyNOG
Introduction to RPKI - MyNOGIntroduction to RPKI - MyNOG
Introduction to RPKI - MyNOG
 
APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan
APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen ChuanAPNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan
APNIC Updates: RPKI, what we’ve learned and what we’ve been doing by Zen Chuan
 
MyNOG 9: RPKI, lessons learned
MyNOG 9: RPKI, lessons learnedMyNOG 9: RPKI, lessons learned
MyNOG 9: RPKI, lessons learned
 
Whois - Addressing the Asia Pacifc
Whois - Addressing the Asia PacifcWhois - Addressing the Asia Pacifc
Whois - Addressing the Asia Pacifc
 
IPv6 Deployment: Why and Why not?
IPv6 Deployment: Why and Why not?IPv6 Deployment: Why and Why not?
IPv6 Deployment: Why and Why not?
 
Resource Public Key Infrastructure (RPKI)
Resource Public Key Infrastructure (RPKI) Resource Public Key Infrastructure (RPKI)
Resource Public Key Infrastructure (RPKI)
 
PCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC IntroductionPCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC Introduction
 
PCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC IntroductionPCTA Convention 2023: APNIC Introduction
PCTA Convention 2023: APNIC Introduction
 
How APNIC can support law enforcement agencies in cybercrime investigtaion
How APNIC can support law enforcement agencies in cybercrime investigtaionHow APNIC can support law enforcement agencies in cybercrime investigtaion
How APNIC can support law enforcement agencies in cybercrime investigtaion
 
PCTA 2019: How to obtain Internet resources to join the IXP
PCTA 2019: How to obtain Internet resources to join the IXPPCTA 2019: How to obtain Internet resources to join the IXP
PCTA 2019: How to obtain Internet resources to join the IXP
 
Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?Should I run my own RPKI Certificate Authority?
Should I run my own RPKI Certificate Authority?
 
APAN 50: RPKI industry trends and initiatives
APAN 50: RPKI industry trends and initiatives APAN 50: RPKI industry trends and initiatives
APAN 50: RPKI industry trends and initiatives
 

More from APNIC

IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024
IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024
IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024
APNIC
 
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
APNIC
 
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
APNIC
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
APNIC
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
APNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC
 

More from APNIC (20)

IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024
IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024
IPv6: Unlocking the Potential, presented by Paul Wilson at CommunicAsia 2024
 
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
 
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
 
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024
 
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
Registry Data Accuracy Improvements, presented by Chimi Dorji at SANOG 41 / I...
 
APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27APNIC Updates presented by Paul Wilson at CaribNOG 27
APNIC Updates presented by Paul Wilson at CaribNOG 27
 
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
APNIC Policy Roundup presented by Sunny Chendi at TWNOG 5.0
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 

Recently uploaded

怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
rtunex8r
 
Integrating Physical and Cybersecurity to Lower Risks in Healthcare!
Integrating Physical and Cybersecurity to Lower Risks in Healthcare!Integrating Physical and Cybersecurity to Lower Risks in Healthcare!
Integrating Physical and Cybersecurity to Lower Risks in Healthcare!
Alec Kassir cozmozone
 
Bengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal BrandingBengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal Branding
Tarandeep Singh
 
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
thezot
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
xjq03c34
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
3a0sd7z3
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
Donato Onofri
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
3a0sd7z3
 
How to make a complaint to the police for Social Media Fraud.pdf
How to make a complaint to the police for Social Media Fraud.pdfHow to make a complaint to the police for Social Media Fraud.pdf
How to make a complaint to the police for Social Media Fraud.pdf
Infosec train
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
k4ncd0z
 

Recently uploaded (12)

怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
 
Integrating Physical and Cybersecurity to Lower Risks in Healthcare!
Integrating Physical and Cybersecurity to Lower Risks in Healthcare!Integrating Physical and Cybersecurity to Lower Risks in Healthcare!
Integrating Physical and Cybersecurity to Lower Risks in Healthcare!
 
Bengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal BrandingBengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal Branding
 
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
 
How to make a complaint to the police for Social Media Fraud.pdf
How to make a complaint to the police for Social Media Fraud.pdfHow to make a complaint to the police for Social Media Fraud.pdf
How to make a complaint to the police for Social Media Fraud.pdf
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
 

ARM 7: ROA session

  • 1. Issue Date: Revision: ROA Session Anna Mulingbayan anna@apnic.net 31/12/2014 1 Internet Week Bangkok, 9 March 2015
  • 2. Resource Certification, ROA, RPKI 2 •  APNIC offers Resource Certification as a tool to Members to create Route Origin Authorizations (ROAs) in MyAPNIC •  A ROA is a digitally signed, cryptographic object generated by the Resource Certification service •  The Resource Public Key Infrastructure (RPKI) is the framework that enables users of public networks to verify the authenticity of data that has been digitally signed by the rightful custodian of the IP resource.
  • 3. Benefits of creating a ROA 3 •  Verify whether an AS is authorized to announce a specific IP prefix •  Minimize common routing errors •  Prevent most accidental hijacks
  • 4. 4 A AS1 (ISP of Victim) AS4 (Large ISP) AS2 (Legitimate owner of 1.1.1.1/16) BGP:1.1.1.1/16 B C D BGP:1.1.1.1/24 BGP:1.1.1.1/16 BGP:1.1.1.1/24 AS3 (ISP of Hijacker) Source : http://www.secureworks.com/
  • 5. 5 A AS1 (ISP of Victim) AS4 (Large ISP) AS3 (ISP of Hijacker) AS2 (Legitimate owner of 1.1.1.1/16) BGP:1.1.1.1/16 B C D BGP:1.1.1.1/24 BGP:1.1.1.1/16 Source : http://www.secureworks.com/
  • 6. What is a ROA object ? 6 •  What’s contained in a ROA –  The AS number you have authorized –  The prefix that is being originated from it –  The most specific prefix (maximum length) that the AS may announce For example: “ISP 4 permits AS 65000 to originate a route for the prefix 192.2.200.0/24”
  • 7. Creating ROA in MyAPNIC 7 •  What you need to have before creating a ROA –  Must be an APNIC Member –  Have access to MyAPNIC –  Digital Certificate installed •  Takes only 5 minutes to create, and 10 minutes to be visible to the public
  • 8. RPKI Initiatives 8 10 face-to-face and elearning RPKI training courses delivered RPKI presentations to NOGs and conferences Development of the ‘Ready to ROA’ Campaign – hands on sessions to help Members create ROAs New shirts, stickers, web content to promote campaign Ready to ROA launched in 2015
  • 9. Invitation to ROA session 9 •  9th March @ “Coffee Shop” hall •  Create your ROA object on the spot •  Provide your feedback; share your experiences •  Get your ROA t-shirt •  Drop in your business card