Two sessions of the November 12th MANRS Community Meeting featured presentations on barriers to RPKI adoption, BGPWatch, ASINT Tool, the MANRS+ testbed, discussions on the initiative’s growth and achievements to date, and its plans for 2026 and beyond as we continue to work as a community to improve routing security across the Internet.
Here we recap both sessions, East and West. View the agendas, slide decks, and video recordings here to learn more.
2025 Highlights
This year has been another busy one for routing security. We’ve held two Community Meetings, two webinars, and five Steering Committee meetings (with one more coming this year), held two voting processes, and visited 20 countries (some virtually) across all RIR regions.
In the last two years, MANRS has had:
- +19.6% – growth in MANRS participants, reaching 1,293 as of today
- +10% – average growth each year
- -53% – reduction in routing security incidents
- +22% – increase in valid RPKIs
- +15% – growth in social media followers
This year, we formalized the MANRS Development Process (MDP) to ensure that changes to the MANRS initiative are guided by a structured, transparent, and inclusive approach. This process was designed to provide clarity on how MANRS evolves, ensuring that all stakeholders have a voice in shaping the initiative. It also establishes a document series, providing stable references to MANRS specifications – from normative requirements, such as MANRS Actions, to informational documents, such as Implementation Guides.
After open discussion, refinement, and last call, the MANRS Development Process was formally ratified by the MANRS Steering Committee on April 4, 2025.
We also updated the MANRS Charter to reflect today’s community. Updates include better defining the governance structure, establishing roles and responsibilities in community activities, the MDP, and updating auditing and participation guidelines.
Plans for 2026
Looking ahead, MANRS will focus on:
- Standardization and transparency: We will apply the MANRS Development Process to all MANRS documents across all programs to provide consistent labeling and allow for stable references to specifications.
- Geographical representation: We will introduce a new version of the ‘MANRS Champions’ program that brings together routing security experts across the globe to promote MANRS to new audiences. Additionally, GCA will continue its outreach and advocacy efforts with local and regional operator groups.
- Supply chain protection: As the MANRS+ Working Group continues its work to enhance the business case for MANRS and increase customer demand for routing security, we are considering the idea of creating a new MANRS for Enterprises program focused on enterprise-specific requirements that ensure the integrity of their connectivity supply chain.
- Financial sustainability: While MANRS participation is free, running the community is not. We have introduced MANRS Sponsorships to ensure the financial sustainability of the initiative, with tiers that range from $1,500 to $250,000 annually.
Technical Presentations
BGPWatch Project
Changqing An, from China Education and Research Network (CERNET), demonstrated BGPWatch, a new tool for monitoring routing paths and prefix anomalies, showing how operators can track prefix changes, analyze routing paths, and monitor advertising behavior across their networks. The tool provides detailed information about prefix distribution, routing paths, and anomaly detection, with features for exporting data and configuring custom monitoring settings. BGPWatch uses multiple data sources, including RPKI and machine learning, to detect prefix leaks. This work has been jointly developed by researchers and engineers from 19 economies and funded by the APNIC Foundation and the Chinese government.
Barriers to RPKI Adoption
RPKI Updates
Sofía Silva Berenguer, from the Number Resource Organization (NRO), discussed the RPKI program’s new resources, including a formal specification for Trust Anchor constraints and a roadmap for core RPKI services and features across RIRs. She also presented a new page on the NRO website that simplifies the process of creating ROAs through different RIR portals.
Challenges in RPKI Adoption
Cecilia Testart, from the Georgia Institute of Technology (Georgia Tech), presented findings from her research on RPKI adoption, combining qualitative interviews with network operators and quantitative measurements.
She highlighted that RIRs play a crucial role in each of these areas and discussed the challenges organizations face in implementing and maintaining RPKI, including record keeping issues and the need for cross-domain expertise.
Research found that 27.2% of IPv4 prefixes are not covered by RPKI due to barriers including legacy space, organizational decisions, and lack of awareness. Cecilia introduced a framework for issuing ROAs and shared a publicly available dashboard called RU-RPKI-Ready, which provides data to inform ROA planning. The research concluded that increasing RPKI adoption requires more awareness and training, improved software tools, and community knowledge sharing to overcome the complexities of implementation.
ROA Planning and Management Insights
Steve Wallace, from Internet2, presented ROA Planner, developed by Internet2 and CAIDA, to assist organizations in planning their ROAs. He highlighted its ability to analyze routing history and IRR route objects to determine necessary ROAs. The tool is experimental and aims to help organizations, particularly those with complex needs, create appropriate ROAs.
Security Compliance Testing in MANRS+
Lisa Bruder & Moritz Müller, from SIDN Labs, presented their feasibility study for measuring security compliance tests in the MANRS+ testbed. They discussed four key controls: route origin validation, prefix filtering, customer filtering, and bogon filtering, which they tested in a local prototype using ContainerLab and Bird software routers. The team demonstrated how they could automate tests to measure these controls, highlighting the necessary components for Internet testing, including two MANRS+ ASes and measurement infrastructure software.
Moritz presented on SIDN’s testbed work for RPKI and IRR information propagation, noting that while immediate updates are possible in a test environment, real-world propagation can take hours. They discussed the need to test multiple connectivity service providers (CSPs) in the future and emphasized the importance of observing announcements before path selection.
The team recommended withdrawing test prefixes promptly and using BGP Communities to control propagation. They also suggested documenting test resources to inform the broader community. The next steps involve running tests with public prefixes and ASes, considering the limitations of their current testbed. Moritz invited feedback on potential deployment challenges and expressed interest in the tool’s potential use for other scenarios, such as education.
ASINT Tool
Tijay Chung, from Virginia Tech, presented the ASINT Tool, which relies on using LLM-powered metadata analysis mechanisms for precise AS-to-organization mapping, highlighting its applications in RPKI misconfiguration detection and BGP hijacking. The presenter discussed the limitations of current methods and introduced a new pipeline using LLM for more accurate organization relationships. Participants were encouraged to provide feedback and test the tool for improvements.
Community Forum Discussion
The community discussions at the end of each meeting touched on many interesting topics that are difficult to summarize, including (1) the functionality and limitations of the Routing Information Service (RIS), (2) filtering outdated route objects, and (3) the challenges of using ROAs when scrubbing service providers are used for DDoS attack mitigation.
We encourage you to watch the videos of each session and continue the conversation via the MANRS-community mailing list.
Moving Into 2026
The momentum across the MANRS community is unmistakable, and 2026 promises to be even better. With new standardization, expanded global engagement, strengthened supply-chain efforts, and a growing commitment to sustainability, the coming year will build on everything this community has worked so hard to achieve.
Routing security improves fastest when more people join the effort. As you reflect on the progress we’ve made together, we invite you to bring your peers, customers, partners, and friends into the MANRS community. Their participation, like yours, helps create a safer, more resilient Internet for everyone. Point them here to join us!
The post Recap: 2nd MANRS Community Meeting 2025 appeared first on MANRS.