On 17 June, the MANRS community came together for its first community meeting of the year, run twice across time zones so participants everywhere could join at a reasonable hour. Nick Hilliard (INEX) chaired the East Session and Douglas Fischer (NZM / Binário) the West Session, both opening with thanks to the Secretariat run by the Global Cyber Alliance, whose quiet, steady work keeps the initiative moving. The first half of each session — Updates from the Secretariat — was identical; the second half — Insights into Routing Security — differed by region. Here is what was covered.
A foundation for change: the MANRS Development Process
Andrei Robachevsky (Global Cyber Alliance) opened by walking through a piece of work that he cheerfully admitted sounds dry, but that matters enormously. Over the past year the community adopted the MANRS Development Process (MDP), a formal, documented process describing how MANRS specifications are created and updated. With it, every specification has been renamed and restructured into a single, versioned library. The benefits are transparency (anyone can trace how a document evolved), stability (durable references that survive updates), and consistency (everything now looks like a proper specification rather than a scattered set of web pages). Crucially, it gives MANRS a clean baseline from which to review its programs.
Scoping a review of the Network Operators Program
With that foundation in place, the Secretariat asked the community where the review effort should go. A high-level survey — deliberately a scoping exercise, not a review of the Actions themselves — drew responses from mostly experienced MANRS participants. The survey found that the MANRS Actions are broadly fit for purpose, with no appetite for a major overhaul of scope. Half of respondents ranked the Network Operators Program as the top priority, followed by the IXP Program, and asked for greater precision and clarity and stronger auditing rather than a higher bar. Andrei reminded everyone that MANRS is intentionally a minimum baseline, not a best-current-practice club for a handful of leaders.
The point is breadth of adoption: if most networks implemented this baseline, routing security incidents would fall significantly. The review is now underway under the MDP, with a working group of more than 20 experts co-chaired by Andrew Gallo (Community) and Andrei Robachevsky (Secretariat), a tightly scoped charter, and a draft targeted for community review by the end of Q3.
Opening a new front: MANRS for Enterprises
Andrei then introduced what could become a fifth MANRS program. Building on the earlier MANRS+ control matrix — which sets out what enterprises should require from connectivity, cloud, and CDN providers — the new effort turns to the demand side. Enterprises outside telecom rarely see routing as their concern; it is seldom covered in risk assessments, SLAs, or vendor frameworks. Yet research on top Fortune 500 companies in finance, health, and automotive showed RPKI ROA coverage largely lagging.
Routing security is supply-chain security, a dependency that must be governed, audited, and enforced like any other. As Nick noted in the East session, regulations such as DORA, NIS2, and the Critical Entities Directive increasingly pull suppliers into scope, so if the industry does not define good standards, someone else will. The Secretariat is now inviting senior security, network, and risk practitioners — especially outside telecom — to help shape practical, auditable enterprise requirements. To get involved, write to [email protected].
MANRS by the numbers
Alejandro Fernández-Cernuda (Global Cyber Alliance) ran through the engagement picture. MANRS has grown from 13 network operators in 2014 to more than 1,300 participants today — a hundredfold increase — and almost 24% since GCA took over the Secretariat in 2024. Growth is genuinely global, led by Brazil and the United States with strong European uptake, and every RIR region has been covered each year, with MANRS presented in 36 countries since 2024.
Monthly growth has flattened, however, prompting a shift from organic to planned growth: a smoother new Observatory, deeper community participation through the MDP and elections, new audiences via MANRS Enterprise, closer ties to GCA’s wider Internet Integrity work, a revived Ambassadors Program piloting in Mexico, and a sponsorship campaign to keep MANRS free and sustainable.
The new MANRS Observatory
The headline was the rebuilt MANRS Observatory, presented by Scott Enock in the East Session and Robert Thomas in the West, both representing GCA’s engineering team. Initially launched in 2019 by then-secretariat Internet Society, the MANRS Observatory has been rebuilt from the ground up — faster, cheaper to run, and far easier to extend. Familiar pages remain, now with crisper global readiness breakdowns, comparison views across economies, and per-ASN drill-downs.
The participant application and ticketing process has been folded directly into the platform with automated checks, already clearing backlog tickets in days rather than weeks. A new v2 API (with v1 still supported for now), expanded documentation, an FAQ, and forthcoming Go and Python SDKs round out the release. The team’s priority now is acting on participant feedback. Contact us if you have any questions, concerns, or bugs we can address.
Insights into Routing Security
In the East Session, Yolandi Cloete (DE-CIX) introduced the Interconnection Academy, a free, fully online, on-demand learning platform founded in 2021 with Pompeu Fabra University (UPF) in Barcelona. It aims to make the interconnection ecosystem understandable for non-technical newcomers too, offering microlearning, deep-dive modules, and forthcoming career paths. With around 629 users across 47 countries, it collaborates with partners including the Internet Society, RIPE NCC, and Global Cyber Alliance, whose MANRS module helps learners begin their routing-security journey.
In the West Session, three talks went deep on measurement and tooling.
- Tijay Chung (Virginia Tech) shared new techniques for measuring ROV deployment and ASPA validation, finding that adoption is real but skewed toward large providers.
- Nicolás Fiumarelli (ISOC / IGF) argued that routing security is now mandatory, not optional, and surveyed the road to post-quantum RPKI and ASPA.
- Steve Wallace (Internet2) demonstrated the rootbeer.internet2.edu family of planners for ROAs, AS-SETs, and ASPA.
Our thanks to every speaker and participant. We look forward to seeing you at the next meeting later this year.
Watch the video recordings and join MANRS
If you missed the meeting—or want to revisit any of the discussions—we encourage you to watch the session recordings below and explore the presentations.
MANRS is built on the expertise and commitment of network operators, researchers, policymakers, and Internet stakeholders working together to strengthen the resilience and security of the global routing system. If you’re already part of the community, help us grow the movement by sharing MANRS with your colleagues and peers. And if your organization has not yet joined, now is the time to get involved and contribute to a safer, more resilient Internet for everyone.
Follow us on LinkedIn, Facebook, Bluesky, or X to keep up with the latest.
MANRS East
MANRS West
The post Highlights from the First MANRS Community Meeting of 2026 appeared first on MANRS.
