[lacnog] El proceso para crear ROAs en todos los RIRs

[Carlos Martinez-Cagnazzo]

Thanks Job,

I believe there is a sweet spot somewhere. If you run a really large 
org, I believe operationally it make sense to run your own CA. You may 
run into things like the need to run transfers, move space from one 
service to the other and you will feel more at home running something 
you can deeply integrate with your automation platforms.

If you run a small org, you are definitely better off on hosted.

/Carlos

On 23/9/25 12:24 PM, Job Snijders wrote:
> Hello,
>
> I personally believe it is better for everyone when the hosted model 
> is used. In practise, the hosted model seems more reliable, and far 
> less expensive to operate.
>
> The one delegated client that LACNIC has, unfortunately does not run a 
> 100% optimal repository service and this is inefficiency experienced 
> by all validator instances globally. The more delegated repositories 
> exist… the more potential for inefficiencies.
>
> Obviously, for 5-10 organisations (the RIRs and NIRs) to develop deep 
> and thorough understanding of the inner workings of RPKI and how 
> efficient publication is done, is more feasible than hundreds of 
> organisations having to develop this knowledge in-house.
>
> If you operate everything yourself you also need to build monitoring 
> for everything, and do continuous compatibility testing with a wide 
> range of validators before and after upgrades, etc etc… it’s cheaper 
> and better to just outsource ROA creation to LACNIC
>
> Kind regards,
>
> Job
>
> _______________________________________________
> LACNOG mailing list
> LACNOG en lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Cancelar suscripcion: https://mail.lacnic.net/mailman/options/lacnog