Cancel
Home / Knowledge Hub / What is guides / What is RPKI?

What is RPKI?

Routing security Contact our experts

RPKI is a security framework by which network owners can validate and secure the critical route updates or Border Gateway Protocol (BGP) announcements between public Internet networks. BGP is essentially the central nervous system of the Internet and one of its fundamental building blocks. The main function of BGP is to facilitate efficient routing between Autonomous Systems (AS), by building and maintaining the Internet routing table. The Internet routing table is effectively the navigation system of the Internet and without it, traffic would be unable to flow between its constituent networks. Unfortunately, routing equipment alone cannot distinguish between legitimate and malicious routing announcements, but network operators who implement RPKI validation and filtering can choose to reject announcements from networks not authorised to advertise those resources. In other words, RPKI is essentially a secure identification system for the BGP route information between autonomous systems.

Service
Routing security

How does RPKI work?

RPKI proves the association between specific IP address blocks or ASNs and the holders of those Internet number resources. In practical terms, validators are used within in an AS to ensure the validity of BGP route updates. RPKI uses a certificate structure that verifies a resource holder's right of use of their resources and can be validated cryptographically. These certificates are known as Route Origin Authorization (ROA). ROAs contain a number of critical routing parameters, including Origin ASN, Prefix and Max Length.

With RPKI, the certificate structure mirrors the way in which Internet number resources are distributed. That is, resources are initially distributed by IANA to the Regional Internet Registries (RIRs), who in turn distribute them to the Local Internet Registries (LIRs), and ultimately, to their customers – the autonomous system owners.

What is RPKI infographic

Why is RPKI important?

RPKI reduces the risk of accidental route leaks and helps mitigate the blast radius of any incidents caused either by human error or BGP optimization software. It also helps prevent malicious IP resource hijacks, which can result in critical outages or fraudulent traffic manipulation.

  • For content providers and resource owners, the registration of ROAs will help protect web assets from being deliberately hijacked and re-directed to other destinations (malicious site spoofing)
  • For service providers or Tier 1 networks with a duty to ensure the security of the Internet routing table, RPKI is a key component of MANRS compliance 
  • For the Internet user, choosing an ISP who has RPKI validation reduces the risk of personal data breaches and redirection to malicious sites

Related products

Service
IP Transit

BGP Transit to Internet content and billions of end-users, with the world’s best-connected backbone, AS1299. 
Service
Dedicated Internet Access (DIA) - IP Connect

High-speed Internet access without the need for an AS number or BGP Routing.

BGP and Routing

Border Gateway Protocol (BGP) routing is the central nervous system of the Internet. Stable and efficient IP routing between different Autonomous Systems (AS) is essential for the security of the entire Internet ecosystem. Our BGP communities and the added security of RPKI enable manageable and reliable traffic flows.
Read more

Looking Glass

Whether you're just curious or need some tools to check your connectivity, our looking glass puts you at the heart of our network.
Try it now

IP Network Performance

World-class connectivity starts with a competitive network SLA. Here you can find monthly IP network performance metrics for our global Internet backbone, AS1299.
Read more about IP network performance

Public internet connectivity for enterprise networks

This white paper digs into the foundations of the Internet and explains why Internet performance can vary greatly between different service provider networks.

Get your free copy

The network of networks

Serving customers in 125 countries, our 70,000 km fiber backbone spans North America, Europe and Asia. Our PoPs give you a direct route to the world’s best content and billions of end-users. Fiber-up control of our network with cutting-edge optical and IP technology deliver the scalability you need, whenever you need it.

Discover our network Our newest PoPs and network stretches

Find more information in the Arelion Knowledge hub

Whitepaper
Read our Whitepapers & Reports

Expert knowledge and invaluable insights to help you navigate your digital journey.
Webinar
Join a Webinar session

Check out our expert hosted webinars diving deep into the latest topics within connectivity. 
Podcast
Listen to the Connectivity Podcast

The world of networking has never been more exciting. Today, the Internet and network services play a critical role in our lives - individuals and businesses alike. 
Blogpost
Read a network blogpost

Our thoughts and deeds. From industry trends to geeky networks stuff. 
Event
Discover upcoming events

Discover our upcoming events – around the world or in the comfort of your own home office.
LOADING...
    LOADING...

    Award-winning Customer Experience

    At Arelion, our award-winning customer experience lies at the heart of everything we do. We work hard to deliver the best customer care in the business. We’re committed to making your experience so good, you don’t even know we’re here.

    Contact Us Chat with Us

    Note: Firefox browser might block this chat due to security settings, ensure to disable the Enhanced Tracking Protection in browser setting or try another browser.