Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[rpd] AfriNIC audit data

Jaco Kroon jaco at uls.co.za
Sat Oct 25 06:34:16 UTC 2025 

Hi,

On 2025/10/24 17:34, Owen DeLong via RPD wrote:
> On Oct 24, 2025, at 08:06, Fernando Frediani <fhfrediani at gmail.com> wrote:
>
>> 
>> On 10/24/2025 11:02 AM, Andrew Alston wrote:
>>> You also have to remember, that space allocated prior to 
>>> soft-landing has no geographic restrictions on where it can be used 
>>> - geographic restrictions only applied to space allocated under soft 
>>> landing.
>>
>> Don't remember of this being like that. Resources registered in 
>> AfriNic region, regardless of when they were assigned are to be used 
>> majority within the region for Africa Internet development and 
>> AfriNic staff already made that clear in the past. There would be no 
>> sense to get resources from AfriNic and be able to freely use outside 
>> the region.
>>
> If they said that, they were mistaken. Reread the policy documents and 
> the bylaws. No such requirement exists in the actual written rules.
>
> It may cause you moral outrage or feel wrong to you, but it is not 
> against the actual written rules. Multiple attempts to change that 
> have failed to gain consensus over the years. The record is pretty clear.

That's debatable, but I do believe Fernando isn't wrong, from our own 
RSA pre-dating a LOT of the current outrage and unhappiness and debate 
and court proceedings etc etc .... so this may throw further fuel, but 
let's state for the record what's in the contracts around the points of 
contention I can think of right now.  Please keep in mind I'm not a 
lawyer, so the usual caveats and disclaimers apply here.  This is my own 
layman's reading of the relevant sections.

*Leasing of IP space*:

"4. Conditions of service
(c) Applicant's use of the services
The Applicant hereby irrevocably:
(i) Commits itself to using the services solely for the purpose for 
which it was requested."

Since leasing of IP space was never a legitimate purpose for requesting 
resources, the above in my humble opinion irrevocably precludes leasing 
of resources as a legitimate use, and anyone leasing IP space should 
technically return that space to AFRINIC for re-distribution, sell it, 
or simply not use it, but that goes against other points of both the RSA 
and the CPM which I *recall* but don't intend to dig up right now which 
from memory boils down to any resources that you're not actively using, 
or can't reasonably use within a 12-month (if I recall correctly) period 
must be returned to AFRINIC.  This also implies that if you BUY 
resources from another afrinic member you should be in a position to 
reasonably use that within 12 months or you're just going to be the one 
having to return it.  Regardless 6(d)(iv) transfer of the number 
resources is strictly prohibited ... but this has changed with more 
recent policies.

*Enforcing of new rules retrospectively*:

1 Preamble
(b) AFRINIC, in the light of the foregoing, reserves itself the right to 
amend this agreement partially or otherwise where it is so mandated by 
its Board after giving notice to its members.

Such amendment(s) where effected, will take effect after the lapse of 30 
days following its/their posting on its website and to the members 
mailing list.

As such, things *can* be fixed retroactively.  But it also permits abuse 
of power, so it's a powerful clause that could potentially be abused by 
those in the Board specifically (Afrinic does NOT have the power to 
unilaterally change the agreement unless mandated by the board - is my 
reading of the above).

*In region vs out-of-region use*:

"1 Preamble
(a) AFRINIC, the African Network Information Center is the regional 
Internet registry for Africa and the Indian Ocean region and is:
(i) the entity accredited by ICANN under the ICP-2 policy 2 (Resolution 
05.25 of May 2005) to assign Internet number resources *within* the region;"

This is a bit more sticky ... the intent seems to be to state that 
resources are for use in the region, but it is unclear if the entity 
merely needs to be head quartered in the region, or has to use the 
resources in the region.  Lawyers will likely have a field day (decade) 
based on this one.

Combining this with sections from the CPM (emphasis added):

"4.0 Internet Number Resources are distributed in a hierarchical 
structure in which IANA (The Internet Assigned Numbers Authority) 
allocates blocks of number resources *to AFRINIC*, to be redistributed 
*throughout the African region*. AFRINIC redistributes to its members 
and also delegates to them the authority to make assignments and 
*sub-allocations to customers* where appropriate and *in accordance with 
the policies and procedures described in this document*."

So the resources has to be distributed throughout the *African* region, 
not the world or other regions, and the customers (members) of AFRINIC 
then does the same, bound by the same policies (ie, also throughout the 
African region).

So I do agree that there is reason for debate as to historice in-region 
vs out-of-region use, but to me it's clear that the intent was at least 
for "primarily used in the african region". Will have to let the lawyers 
have at this one ... there is definitely ambiguity so let's hope that 
the plain and obvious *intent* wins out.

On the other hand ... I think it's time to let IPv4 burn and those not 
ready for v6 will eventually get disconnected from the rest of us who 
are ready.

Kind regards,
Jaco


>
> Owen
>
>>
>>>
>>>
>>>
>>> On Fri, Oct 24, 2025 at 4:39 PM Fernando Frediani 
>>> <fhfrediani at gmail.com> wrote:
>>>
>>>
>>>     On Fri, 24 Oct 2025, 10:18 Andrew Alston,
>>>     <aa at alstonnetworks.net> wrote:
>>>
>>>
>>>         With regards to space being used out of region - that's
>>>         extremely difficult to actually know - because the BGP table
>>>         has no knowledge of geography :)
>>>
>>>
>>>     I wouldn't say it is trivial but with geolocation data plus some
>>>     traveroutes and latency check it is not extremelly dificult to
>>>     find out.
>>>
>>>     With some intended work that can be found out and further
>>>     investigate to give AfriNic all necessary information.
>>>
>>>     Fernanso
>>>
>>>
>>>         On Fri, Oct 24, 2025 at 4:11 PM Fernando Frediani
>>>         <fhfrediani at gmail.com> wrote:
>>>
>>>             Yes there are legitimate cases, but when this happens it
>>>             may be a signal
>>>             of alert. The point is to find two things: 1) If the ASN
>>>             announcing it
>>>             doesn't have any relation to the resource holder and 2)
>>>             If resources are
>>>             being used out of the region (the worst).
>>>             For the case of parent/sub-company ideally resources
>>>             should be
>>>             transferred among companies using them in reality then.
>>>
>>>             Fernando
>>>
>>>             On 10/24/2025 7:45 AM, Andrew Alston wrote:
>>>             > Hi All,
>>>             >
>>>             > While I haven't got around to publishing the code
>>>             behind this - mainly
>>>             > because it by necessity exposes certain data and
>>>             requires a BGP dump
>>>             > from a juniper router which is hundreds of megs big,
>>>             I've attached the
>>>             > output of the code I wrote.
>>>             >
>>>             > One caveat with this data - There is nothing
>>>             inherently wrong with
>>>             > space allocated to an organisation being announced by
>>>             a non-AfriNIC
>>>             > ASN, there are many legitimate cases and reasons
>>>             behind this.  The
>>>             > same thing happens when space is allocated to one
>>>             organisation but
>>>             > announced by another, and this can happen when a
>>>             sub-company of a
>>>             > parent company is announcing space from their own ASN
>>>             when the space
>>>             > was originally allocated to the parent. As such, when
>>>             reading this
>>>             > data, it's important to understand that the
>>>             abnormalities detected do
>>>             > not necessarily indicate anything nefarious - and this
>>>             data should not
>>>             > be seen as accusations of malfeasance against anyone.
>>>             >
>>>             > Let's see if the lists let this post through!
>>>             >
>>>             > Thanks
>>>             >
>>>             > Andrew
>>>             >
>>>             >
>>>             > _______________________________________________
>>>             > RPD mailing list
>>>             > RPD at afrinic.net
>>>             > https://lists.afrinic.net/mailman/listinfo/rpd
>>>
>>>             _______________________________________________
>>>             RPD mailing list
>>>             RPD at afrinic.net
>>>             https://lists.afrinic.net/mailman/listinfo/rpd
>>>
>> _______________________________________________
>> RPD mailing list
>> RPD at afrinic.net
>> https://lists.afrinic.net/mailman/listinfo/rpd
>
> _______________________________________________
> RPD mailing list
> RPD at afrinic.net
> https://lists.afrinic.net/mailman/listinfo/rpd
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.afrinic.net/pipermail/rpd/attachments/20251025/5c89b3fa/attachment-0001.html>

More information about the RPD mailing list