Internet2’s Steven Wallace Shares Tools to Simplify RPKI Adoption During ARIN 57 Keynote

Estimated reading time: 3 minutes

Demystifying Routing Security for the Research and Education Community

Routing security helps defend networks against evolving threats, but adopting critical protections can be complex and operationally intensive. What if there were tools designed to demystify Resource Public Key Infrastructure (RPKI) and make implementation more approachable?

Steven Wallace, director of routing integrity at Internet2, recently delivered a keynote address at ARIN 57 on Demystifying RPKI: Exploring Tools to Simplify ROA Planning and Visualize Validation. In the session, he shared the latest developments from the Routing Operations Observational Technology: Building to Enable Education and Research (ROOTBEER) project, an NSF-funded collaboration between UC San Diego’s Center for Applied Internet Data Analysis (CAIDA) and Internet2.

Steven Wallace presenting at Arin 57. — *Photo Credit: ARIN*

“Internet2 and CAIDA have joined together to work on a project to improve routing security, principally for the global research and education ecosystem,” Wallace said. “We’re building a whole set of tools that we’ll roll out over the next two years.”

New Tools to Streamline RPKI Adoption

Wallace introduced two tools, currently in beta and developed through the ROOTBEER project, that are designed to reduce the friction that often slows the research and education (R&E) community’s adoption of RPKI Route Origin Authorization (ROA):

RPKI-ROA Planner— Simplifies planning and reduces misconfiguration risks by generating candidate ROAs based on Internet2 Route Registry (IRR) data, currently observed routes, and historical routing data. Operators can then select applicable routes, with guidance on what ROAs to create and the safest order to create them.

RPKI-ROA Visualizer— Provides a visual guide for understanding how RPKI Route Origin Validation (ROV) functions within BGP, including route and subnet coverage, and how validation outcomes are determined.

Together, these tools aim to make routing security more approachable and actionable, especially for R&E institutions that may only configure ROAs on occasion.

Built for U.S. R&E, Aligned with National Priorities and Global Impact

The ROOTBEER project is grounded in real-world engagement with the U.S. R&E community, ensuring the tools reflect operational needs and constraints. At the same time, the use cases and value could extend to the global R&E community and beyond, helping create a safer internet for all. This ongoing priority of the Internet2 Routing Integrity Initiative also supports U.S. national cybersecurity priorities, including those outlined in the White House Office of the National Cyber Director’s Roadmap to Enhancing Internet Routing Security.

“Internet2 and CAIDA have joined together to work on a project to improve routingsecurity, principally for the global research and education ecosystem,” Wallace added. “But some of the tools that we’ve developed can be useful beyond that, essentially to any network operator that wants to make RPKI objects.”

Watch the Keynote Recording

Hear Attendee Reactions and Questions

ROOTBEER is supported by the NSF (award no. OAC-2530871). The project runs from October 1, 2025, through September 30, 2028.

ICYMI

From Measurement to Mitigation: CAIDA and Internet2 Collaborate to Strengthen R&E Routing Security

< Back to Internet2 News

View All Internet2 Services

Featured Services

View All Featured Services

NET+ Cloud Services

View All NET+ Cloud Services

Network Services

View All Network Services

InCommon Services