[Community-Discuss] The Looting of AFRINIC

Sunday Folayan sfolayan at gmail.com
Fri Dec 6 09:16:03 UTC 2019

Dear Mr Guilmette,

Regrettably, I do not monitor the press, but selected channels such as
this list. It seems I got your attention, or you got my attention, or we
both got each other's attention. Let us therefore maximize the possession.

Important and interesting questions, that you have raised in this email.
Let us put some punch in it. Kindly change the TO: field to
ceo at afrinic.net, and cc the Community just to make sure it is not
ignored, then resend it. I am sure the CEO will answer all the questions
you here posed to me. Pity he has to start his tenure with these hard
nuts and curveballs, but he is capable. He speaks for the Company, not me.

I am equally sure that the Community appreciates the great work done,
and no one supports the exposed fraud. You are a stakeholder, and not
some casual bystander so please note this. What you conveniently
ignored, is that the #1 accused company insider is the eye of the
company on the policy lists, where you raised the issues.

I am sure you want to see the issues addressed, and not that we should
conduct a requiem mass for AFRINIC right away. The former is much more
honourable and deserves the support of every right-thinking stakeholder.
It is the later that I seek to ensure is not your intention.

My use of the term "Whistleblowers" is appropriate, as I looked at one
of your reference links, and indeed, someone confirmed to you privately
that your hunch is right. If you do not claim the honour, they should,
because you rightly built on their work!

Great job you are doing.

Have a great day.


On 05/12/2019 23:44, Ronald F. Guilmette wrote:

> In message <4d42abea-9bf3-5862-52c9-64db51a594e5 at gmail.com>,

> Sunday Folayan <sfolayan at gmail.com> wrote:


>> The community has been informed that there is already some internal

>> investigations ongoing. We should give AFRINIC the time to get things

>> done.

> Mr. Folayan,


> These matters were first brought to light in the press on September 1,

> 2019, a full three months ago. Since that time there has not been a

> single meaningful utterance out of either the board or the acting CEO,

> or the new CEO regarding these matters, others than a few vague assurances

> that these matters are being looked into.


> Going back further, I would wish you to note that I raised concerns

> about these matters, in multiple forums, in November of 2016, a full

> three years ago.


> https://mailman.nanog.org/pipermail/nanog/2016-November/089164.html

> https://mailman.nanog.org/pipermail/nanog/2016-November/089232.html

> https://lists.afrinic.net/pipermail/rpd/2016/006129.html


> I would respectfully request you to also note also that I again

> repeatedly raised concerns regarding these matters in August of 2017,

> albeit in a forum where I had hoped to get at least some attention

> paid to these matters, having previously failed utterly to elicit any

> concern at all about any of this from the AFRINIC community itself.


> https://mailman.nanog.org/pipermail/nanog/2017-August/091821.html

> https://mailman.nanog.org/pipermail/nanog/2017-August/091954.html

> https://mailman.nanog.org/pipermail/nanog/2017-August/092092.html


> At the present moment, the AFRINIC community would still be utterly

> in the dark with regards to all of these abundant and pervasive

> issues... issues which, on the surface, quite certainly appear to

> entail large-scale and years-long insider embezzlement... if it

> were not for my diligent pursuit of the facts of this case, and the

> courageous reporting of MyBroadband.co.za. Neither the board nor

> the interim CEO nor the recently appointed new CEO have given any

> clear indication of when this purported internal investigation will

> either bear fruit or conclude, let alone when the various stakeholders

> and members of the AFRINIC community might be privileged to receive

> any of the findings that it may reach. And yet despite having had

> either three full months or three full years to look into these

> matters, depending on where one elects to start counting from, and

> despite that fact that absolutely no results have been forthcoming

> from this purported internal investigation, today you counsel patience.


> This begs the question -- At what point will it be reasonable for the

> community's patience to come to an end? Does the community have any

> assurance, from either the board or the CEO, that waiting another

> three months, or even another three years, is at all likely to yield

> anything other than a continuation of what would appear to be the

> current attempts to quietly sweep the embezzlement of tens of millions

> of dollars of valuable IPv4 assets under the carpet?


> On what date certain will any official statement on these matters at long

> last be forthcoming?


>> I equally expect that if criminal actions and intentions are

>> established, the law should take its course and people should stand

>> accountable for their deeds.

> This assertion on your part begs four further questions:


> 1) Above and beyond the abundant facts that have already been presented

> in the MyBroadband.co.za article, the majority of which were drawn from

> publicly available sources including open government records, what more

> will it take for you to be persuaded that "criminal actions and intentions

> are established"? What parts of the abundant documentary evidence already

> presented in this case do you find less than persuasive?


> 2) If, as asserted in the MyBroadband.co.za article, it can be persuasively

> demonstrated that large chunks of valuable IPv4 address space were in fact

> purloined from the AFRINIC free pool, then would you agree that AFRINIC

> itself is one of the aggrieved parties? And if so, would you hope and

> expect that AFRINIC would file formal criminal complaints with any and

> all relevant national law enforcement bodies on that basis?


> 3) Given the well-documented corruption that is both pervasive and endemic

> within the judicial systems of various relevant African countries, do you

> have any basis for believing that, at the end of the day, it is at all

> likely that justice will ever actually be served in this case?


> 4) What should be AFRINIC's own unilateral response be in those well-

> documented cases involving the illicit theft of IPv4 address blocks from

> AFRINIC's own free pool? Should these blocks be immediately reclaimed by

> AFRINIC? Or would your preference be to permit the thieves, whoever they

> may be, to retain and to continue to profit from their ill-gotten booty

> on a day-by-day and month-by-month basis, as is currently the case?


>> I query the suitability of a system, where existing or moribund

>> organizations' IP resources are stolen/hijacked/leased for upwards of 7

>> years, and it took this level of cross-border investigations to discover

>> the manipulations.

> On this point, you and I are in complete agreement. "The system", such

> as it is, is quite self-evidently broken. But this raises the further

> question of who was, or who should have been minding the store, at AFRINIC,

> while all of this was going on. Is it even plausible that a single bad

> actor could have quitely made off with more than fifty million dollars

> worth of IPv4 space, both legacy and non-legacy, over the course of a

> several year period, and yet not a single other member of the AFRINIC

> staff even noticed any of this?


>> For those whose resources were stolen or hijacked, I expect their legal

>> department will be pursuing the hijackers/traders/users with gusto by now.

> See above. Your expectations appear to be quite clearly misplaced with

> respect to the #1 aggrieved party, which is AFRINIC itself. No other

> single party or entity has been ripped off for anywhere near as much

> valuable IPv4 space as AFRINIC itself. And yet we have, as yet, no

> clear indication from any board member, from any CEO, or from any staff

> member that AFRINIC even agrees that it has been victimized, let alone

> that any legal action of any kind is even remotely being contemplated

> by the legal department of this number one victim, AFRINIC.


> If this is what "gusto" looks like, then I need to get a new dictionary.


>> While appreciating the whistle blower(s) for a job well done on behalf

>> of the entire community, Instead of running a mob-justice system here,

>> with the assurance that justice will be served, the community should

>> rather apply its mind on how to make sure that IP resources are

>> available for developing the continent. That will be a better use of our

>> time and intellect.

> See above. With all due respect I am forced to inquire as to where we

> may find this postulated "assurance that justice will be served"? I have

> so far not seen it, nor even anything vaguely approximating it, in any

> document or in any formal pronouncement of any board or staff member of

> AFRINIC. In fact, quite the opposite. I see that a purported three

> month internal investigation has produced nothing of note worth publicly

> reporting on so far. I see an attempt to shift the blame for this colossal

> and years-long internal screw-up onto inattentive legacy block holders

> while minimizing the self-evident responsibility *and victimhood* of

> AFRINIC itself. I see vague assurances that appropriate legal action

> will ensue and that justice will somehow prevail, all set against a

> backdrop of a continent notorious for judicial corruption and a general

> disrespect for the rule of law, in particular within the two specific

> national jurisdictions which are most obviously relevant to this case.


> For all of the above reasons I find your soothing assurances misplaced,

> Mr. Folayan, and I would argue that this is no time for complacency.

> The number one task of any Regional Internet Registry is to assign and

> to properly keep track of the number resources allocated to it or or placed

> under its purview, and in a way that is both transparent and fair to all.

> AFRINIC has failed to fulfull this one simple and overriding responsibility.


> I continue to hope that the new leadership with quickly and effectively

> remedy these past corrupt practices and their current and still ongoing

> after-effects. I hope and believe that ignoring or minimizing the now

> evident problems, or continuing to try to just sweep them under the carpet

> will no longer be considered a vialble option.



> Regards,

> rfg



> P.S. I must strenuously object to your use of the word "whistleblower" in

> this context Mr. Folayan. That term is usually used in reference to some

> insider who has some inside information by virtue of having witnessed

> first-hand some malfeasance. Neither I nor Jan Vermeulen fit this

> description. Rather, we have labored as outsiders only. We have not

> been privy to any "inside" information. Quite the opposite in fact. We

> have been repeatedly tharted and stonewalled in our reasonable requests

> for information by AFRINIC staff.


> Most exemplary of this stonewalling was the staff response to our reasonable

> requests for an unredacted copy of the current full WHOIS data base. Exactly

> such unredacted data base dumps *are* provided by all of the four other

> Regional Internet Registries to qualified researchers and journalists upon

> request. When we submitted repeated requests for exactly such unredacted

> WHOIS data base dumps to AFRINIC staff however, our requests were rejected

> out of hand and neither any clear reason nor any community-approved policy

> was cited as the basis for the denial.


> At the time of this writing, I continue to await an adequate explanation for

> this denial of reasonable researcher access and/or for the access to be

> granted at long last. Certain portions of my research cannot be completed

> without this access, and I am not aware of any community-approved basis for

> the rejection of such requests.



> P.P.S. As noted above, AFRINIC itself is the number one victim of the

> numerous IPv4 block thefts that have apparently taken place. I feel

> compelled to add that it appears that AFRINIC may have effectively been

> double-victimized in at least two specific instances.


> First and most obviously, AFRINIC appears to have had several large IPv4

> blocks "liberated" from its free pool. Secondarily and even more insultingly

> however, in at least two instances the thieves appear to have also arranged

> to avoid paying the nominal annual fees that would normally be associated

> with non-legacy block assignments, i.e. the annual fees that all other

> legitimate AFRINIC members must pay for their legitimately-acquired IPv4

> allocations.


> I call your attention specifically to the non-legacy block,

> registered to the ORG-AISL1-AFRINIC organization, and also to the non-legacy

> block, registered to the ORG-IA41-AFRINIC organization. These

> blocks together have a combined free market value in excess of six million

> U.S. dollars.


> As it was explained to me some time ago by a helpful fellow on the RPD

> mailing list, organizations whose WHOIS records are marked as MEMBER-ONLY,

> as both of these organization records are, are not expected to hold any

> actual number resources, and thus, on that basis, pay no annual fees to



> I can't be sure that I have properly understood what I was told in this

> regard, or that it is even applicable in these specific cases, but it does

> appear to me that the responsible thieves in these two cases have -both-

> stolen the relevant valuable IPv4 assignments -and- also have for years

> on end cheated AFRINIC out of the annual fees that would otherwise be due

> on these IPv4 assignments.


> Perhaps the AFRINIC accounting department can provide further clarification

> with repect to the question of whether or not any annual fees have been

> collected for each of the two specific IPv4 blocks I have mentioned, for

> any year since their allocation to and association with the organizations

> noted.



> _______________________________________________

> Community-Discuss mailing list

> Community-Discuss at afrinic.net

> https://lists.afrinic.net/mailman/listinfo/community-discuss

Sunday Adekunle Folayan
Managing Director
General data Engineering Services (SKANNET)
16 Oshin Road, Kongi Bodija, Ibadan - Nigeria
Phone: +234 802 291 2202, +234 816 866 7523
Email: sfolayan at skannet.com.ng, sfolayan at gmail.com

More information about the Community-Discuss mailing list