{"id":31149,"date":"2025-09-26T14:29:20","date_gmt":"2025-09-26T14:29:20","guid":{"rendered":"https:\/\/blog.lacnic.net\/?p=31149"},"modified":"2025-09-26T14:29:21","modified_gmt":"2025-09-26T14:29:21","slug":"rpki-best-practices","status":"publish","type":"post","link":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/","title":{"rendered":"RPKI best practices and lessons learned"},"content":{"rendered":"\n<p>By <a href=\"https:\/\/blog.lacnic.net\/en\/author\/sofia-silva-berenguer\/\">Sofia Silva Berenguer<\/a><\/p>\n\n\n\n<p>This document describes Resource Public Key Infrastructure (RPKI) related best practices and lessons learned. It provides general recommendations aimed at supporting the implementation and operation of RPKI in diverse environments.<\/p>\n\n\n\n<p>These insights are drawn from practical experience and collaborative discussions but are not intended to be prescriptive. Operators and stakeholders should adapt the guidance according to their specific technical, organizational, and policy contexts.<\/p>\n\n\n\n<p>The recommendations presented here should be viewed as a starting point for informed decision making rather than a definitive or one-size-fits-all approach.<\/p>\n\n\n<section class=\"acf-view acf-view--id--21788 acf-view--object-id--31149\"><div class=\"acf-view__texto_fijo acf-view__row\"><div class=\"acf-view__texto_fijo-field acf-view__field\"><div class=\"acf-view__texto_fijo-choice acf-view__choice\">Additional reading:<\/div><\/div><\/div><div class=\"acf-view__link acf-view__row\"><div class=\"acf-view__link-field acf-view__field\"><a target=\"_self\" class=\"acf-view__link-link acf-view__link\" href=\"https:\/\/blog.lacnic.net\/en\/rpki-program\/\">Advancing RPKI: NRO RPKI Program in 2025 for trust, transparency, and user experience<\/a><\/div><\/div><\/section>\n\n\n<h2 class=\"wp-block-heading\"><strong>Best practices for ROA creation<\/strong><\/h2>\n\n\n\n<p><strong>Just about to enable RPKI for your organization and wondering whether you should select hosted mode or delegated mode?<\/strong><\/p>\n\n\n\n<p>If you\u2019re just getting started with RPKI,&nbsp;<a href=\"https:\/\/www.arin.net\/resources\/manage\/rpki\/faq\/#which-rpki-model-is-right-for-me\" target=\"_blank\" rel=\"noreferrer noopener\">use hosted RPKI<\/a>.<\/p>\n\n\n\n<p><strong>Using delegated mode?<\/strong><\/p>\n\n\n\n<p>If you are using the delegated mode (sometimes called self-hosted), it is highly recommended to use an RPKI publication server&nbsp;<a href=\"https:\/\/www.arin.net\/resources\/manage\/rpki\/delegated\/#what-is-delegated-rpki\" target=\"_blank\" rel=\"noreferrer noopener\">provided by your parent Certification Authority (CA)<\/a>, if available, to simplify operations.<\/p>\n\n\n\n<p>Note: Publication as a service is available to Members of ARIN, APNIC and the RIPE NCC.<\/p>\n\n\n\n<p><strong>What prefixes should I create Route Origin Authorizations (ROAs) for?<\/strong><\/p>\n\n\n\n<p>Ideally, you should create ROAs that exactly match what you are announcing in the Border Gateway Protocol (BGP) and nothing more (see the&nbsp;<a href=\"https:\/\/www.arin.net\/resources\/manage\/rpki\/faq\/#what-best-practices-does-arin-suggest-for-rpki-management\" target=\"_blank\" rel=\"noreferrer noopener\">ARIN RPKI FAQ<\/a>,&nbsp;<a href=\"https:\/\/www.ripe.net\/publications\/docs\/ripe-706\/\" target=\"_blank\" rel=\"noreferrer noopener\">RIPE MANRS Implementation Guide<\/a>, and&nbsp;<a href=\"https:\/\/academy.apnic.net\/en\/webinar-courses\/rpki-deployment\" target=\"_blank\" rel=\"noreferrer noopener\">APNIC Academy RPKI Deployment training<\/a>).<\/p>\n\n\n\n<p>However, there may be circumstances in which it is necessary to create ROAs for space that is not currently visible on the BGP. For instance, black-holing services for mitigation of Distributed Denial of Service (DDoS) attacks may require the creation of specific ROAs that may not match what you are announcing in the BGP.<\/p>\n\n\n\n<p><strong>What value should I enter in the maxLength field?<\/strong><\/p>\n\n\n\n<p>maxLength is an optional field in a ROA that represents the maximum length of the IP prefix that the origin Autonomous System (AS) is authorized to advertise.<\/p>\n\n\n\n<p>Ideally, you should use a maxLength value that will make the ROA being created cover the prefixes announced in the BGP and nothing more. The use of maxLength is considered harmful if you don\u2019t also announce&nbsp;<a href=\"https:\/\/www.ripe.net\/manage-ips-and-asns\/resource-management\/rpki\/resource-certification-roa-management\/#bgp-announcements-and-route-origin-authorizations-roas\" target=\"_blank\" rel=\"noreferrer noopener\">each most specific prefix thus allowed<\/a>. Liberal use of maxLength in ROAs exposes you to&nbsp;<a href=\"https:\/\/www.arin.net\/resources\/manage\/rpki\/faq\/\" target=\"_blank\" rel=\"noreferrer noopener\">a forged-origin sub-prefix hijack<\/a>.<\/p>\n\n\n\n<p>See&nbsp;<a href=\"https:\/\/datatracker.ietf.org\/doc\/rfc9319\/\" target=\"_blank\" rel=\"noreferrer noopener\">RFC 9319<\/a>&nbsp;for more information on the use of maxLength.<\/p>\n\n\n\n<p><strong>How should I create ROAs for overlapping prefixes?<\/strong><\/p>\n\n\n\n<p>If you are announcing overlapping prefixes in the BGP, you should create ROAs for the most specific prefixes first, and&nbsp;<a href=\"https:\/\/www.arin.net\/resources\/manage\/rpki\/faq\/#what-best-practices-does-arin-suggest-for-rpki-management\" target=\"_blank\" rel=\"noreferrer noopener\">work back to your aggregates<\/a>.<\/p>\n\n\n\n<p><strong>My organization does not have a public AS Number (ASN). Our prefixes are originated by our upstream provider<\/strong>.<\/p>\n\n\n\n<p>If your prefixes are originated by your upstream provider, you can use hosted RPKI services and create ROAs&nbsp;<a href=\"https:\/\/www.arin.net\/resources\/manage\/rpki\/faq\/#what-if-our-organization-doesn-t-have-a-public-asn-assigned\" target=\"_blank\" rel=\"noreferrer noopener\">using your upstream provider\u2019s ASN<\/a>&nbsp;as the Origin AS.<\/p>\n\n\n\n<p><strong>How do I verify the impact of the ROA I just created?<\/strong><\/p>\n\n\n\n<p>After creating a ROA, it is recommended to verify that your prefixes have been properly signed and that no BGP routes have been invalidated. To do this, use a validator, NTT monitor, BGPmon,&nbsp;<a href=\"https:\/\/milacnic.lacnic.net\/lacnic\/rpki\/state\" target=\"_blank\" rel=\"noreferrer noopener\">LACNIC\u2019s origin validation tool<\/a>, or equivalent tool (see&nbsp;<a href=\"https:\/\/academy.apnic.net\/en\/webinar-courses\/rpki-deployment\" target=\"_blank\" rel=\"noreferrer noopener\">APNIC Academy RPKI Deployment training<\/a>&nbsp;and the&nbsp;<a href=\"https:\/\/www.lacnic.net\/1151\/2\/lacnic\/resource-public-key-infrastructure-rpki-faq\" target=\"_blank\" rel=\"noreferrer noopener\">LACNIC RPKI FAQ<\/a>).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Best practices for deploying ROV<\/strong><\/h2>\n\n\n\n<p><strong>How should I approach the deployment of Route Origin Validation<\/strong>&nbsp;(<strong>ROV) in my network?<\/strong><\/p>\n\n\n\n<p>If you are just getting started with ROV, you can begin cautiously by monitoring route validity statuses. Validate the BGP announcements from your customers&nbsp;<a href=\"https:\/\/www.ripe.net\/publications\/docs\/ripe-706\/\" target=\"_blank\" rel=\"noreferrer noopener\">against RPKI ROAs<\/a>.<\/p>\n\n\n\n<p>You can then start tagging BGP announcements, optionally modifying preference values, and start communicating to your customers that you will soon begin dropping invalid BGP announcements. Once you are confident enough about your set-up, you&nbsp;<a href=\"https:\/\/academy.apnic.net\/en\/webinar-courses\/rpki-deployment\" target=\"_blank\" rel=\"noreferrer noopener\">can start dropping invalids<\/a>.<\/p>\n\n\n\n<p><strong>It\u2019s recommended to use multiple RPKI validators<\/strong>.<\/p>\n\n\n\n<p>All routers that support ROV allow you to specify multiple RPKI validators for redundancy. It is recommended that you run multiple instances, preferably from independent publishers and on separate subnets. This way you rely on multiple caches (see&nbsp;<a href=\"https:\/\/academy.apnic.net\/en\/webinar-courses\/rpki-deployment\" target=\"_blank\" rel=\"noreferrer noopener\">APNIC Academy RPKI Deployment training<\/a>, and the&nbsp;<a href=\"https:\/\/rpki.readthedocs.io\/en\/latest\/about\/faq.html#what-if-the-validator-i-use-crashes-and-my-router-stops-getting-a-feed-what-will-happen-to-the-prefixes-i-learn-over-bgp\" target=\"_blank\" rel=\"noreferrer noopener\">RPKI FAQ on ReadTheDocs<\/a>).<\/p>\n\n\n\n<p><strong>AS0 ROAs for unallocated space<\/strong>.<\/p>\n\n\n\n<p>Some Regional Internet Registers (RIRs) have AS0 Trust Anchors (TAs) for unallocated space (APNIC and LACNIC as of July 2025). It is strongly recommended that these TAs are used for advisory and\/or alerting purposes only, and not for automatic filtering,&nbsp;<a href=\"https:\/\/www.apnic.net\/community\/security\/resource-certification\/apnic-limitations-of-liability-for-rpki-2\/\" target=\"_blank\" rel=\"noreferrer noopener\">due to potential risks<\/a>.<\/p>\n\n\n\n<p>See&nbsp;<a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/rfc7115\" target=\"_blank\" rel=\"noreferrer noopener\">RFC 7115<\/a>&nbsp;for more information about how to deploy and operate ROV.<\/p>\n\n\n\n<p><strong>Share your feedback<\/strong><\/p>\n\n\n\n<p>The RPKI best practices and lessons learned described in this document have been consolidated from different sources. We welcome input from the technical community to help improve the relevance and clarity of this document. If you have any comments, questions, or suggestions, please don\u2019t hesitate to get in touch. You can share your feedback by emailing us at&nbsp;<a href=\"mailto:rpki_program@nro.net\">rpki_program [at] nro.net<\/a><\/p>\n\n\n\n<p>Your contributions are valuable and will help ensure that future updates reflect a broad range of operational perspectives and evolving best practices.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Sofia Silva Berenguer This document describes Resource Public Key Infrastructure (RPKI) related best practices and lessons learned. It provides general recommendations aimed at supporting the implementation and operation of RPKI in diverse environments. These insights are drawn from practical experience and collaborative discussions but are not intended to be prescriptive. Operators and stakeholders should [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":31145,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"enabled":false},"version":2}},"categories":[919],"tags":[1280],"archivo":[],"taxonomy-authors":[1470],"tipo_autor":[],"class_list":["post-31149","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-routing","tag-routing","taxonomy-authors-sofia-silva-berenguer-en"],"acf":{"author":"","related_notes":[30698]},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>LACNIC Blog | RPKI best practices and lessons learned<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"LACNIC Blog | RPKI best practices and lessons learned\" \/>\n<meta property=\"og:description\" content=\"By Sofia Silva Berenguer This document describes Resource Public Key Infrastructure (RPKI) related best practices and lessons learned. It provides general recommendations aimed at supporting the implementation and operation of RPKI in diverse environments. These insights are drawn from practical experience and collaborative discussions but are not intended to be prescriptive. Operators and stakeholders should [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/\" \/>\n<meta property=\"og:site_name\" content=\"LACNIC Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/facebook.com\/lacnic\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-26T14:29:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-26T14:29:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025-1024x576.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"576\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Mart\u00edn\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@lacnic\" \/>\n<meta name=\"twitter:site\" content=\"@lacnic\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/\"},\"author\":{\"name\":\"Mart\u00edn\",\"@id\":\"https:\/\/blog.lacnic.net\/#\/schema\/person\/3f3117e292d71f4166f765368b0760dc\"},\"headline\":\"RPKI best practices and lessons learned\",\"datePublished\":\"2025-09-26T14:29:20+00:00\",\"dateModified\":\"2025-09-26T14:29:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/\"},\"wordCount\":848,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/blog.lacnic.net\/#organization\"},\"image\":{\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025.jpg\",\"keywords\":[\"Routing\"],\"articleSection\":[\"Routing\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/\",\"url\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/\",\"name\":\"LACNIC Blog | RPKI best practices and lessons learned\",\"isPartOf\":{\"@id\":\"https:\/\/blog.lacnic.net\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025.jpg\",\"datePublished\":\"2025-09-26T14:29:20+00:00\",\"dateModified\":\"2025-09-26T14:29:21+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#primaryimage\",\"url\":\"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025.jpg\",\"contentUrl\":\"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025.jpg\",\"width\":1920,\"height\":1080},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\/\/blog.lacnic.net\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"RPKI best practices and lessons learned\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.lacnic.net\/#website\",\"url\":\"https:\/\/blog.lacnic.net\/\",\"name\":\"LACNIC Blog\",\"description\":\"En el Blog de LACNIC encontrar\u00e1s art\u00edculos t\u00e9cnicos vinculados al desarrollo de Internet en la regi\u00f3n de Am\u00e9rica Latina y el Caribe.\",\"publisher\":{\"@id\":\"https:\/\/blog.lacnic.net\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.lacnic.net\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/blog.lacnic.net\/#organization\",\"name\":\"LACNIC Blog\",\"url\":\"https:\/\/blog.lacnic.net\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.lacnic.net\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2023\/03\/lacnic-blog.svg\",\"contentUrl\":\"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2023\/03\/lacnic-blog.svg\",\"caption\":\"LACNIC Blog\"},\"image\":{\"@id\":\"https:\/\/blog.lacnic.net\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/facebook.com\/lacnic\",\"https:\/\/x.com\/lacnic\",\"https:\/\/www.instagram.com\/lacnic\/?hl=es-la\",\"https:\/\/uy.linkedin.com\/company\/lacnic\",\"https:\/\/www.youtube.com\/user\/lacnicstaff\",\"https:\/\/www.lacnic.net\/podcast\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.lacnic.net\/#\/schema\/person\/3f3117e292d71f4166f765368b0760dc\",\"name\":\"Mart\u00edn\",\"description\":\"Especialista en imagen institucional\",\"url\":\"https:\/\/blog.lacnic.net\/en\/author\/sysmartin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"LACNIC Blog | RPKI best practices and lessons learned","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/","og_locale":"en_US","og_type":"article","og_title":"LACNIC Blog | RPKI best practices and lessons learned","og_description":"By Sofia Silva Berenguer This document describes Resource Public Key Infrastructure (RPKI) related best practices and lessons learned. It provides general recommendations aimed at supporting the implementation and operation of RPKI in diverse environments. These insights are drawn from practical experience and collaborative discussions but are not intended to be prescriptive. Operators and stakeholders should [&hellip;]","og_url":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/","og_site_name":"LACNIC Blog","article_publisher":"https:\/\/facebook.com\/lacnic","article_published_time":"2025-09-26T14:29:20+00:00","article_modified_time":"2025-09-26T14:29:21+00:00","og_image":[{"width":1024,"height":576,"url":"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025-1024x576.jpg","type":"image\/jpeg"}],"author":"Mart\u00edn","twitter_card":"summary_large_image","twitter_creator":"@lacnic","twitter_site":"@lacnic","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#article","isPartOf":{"@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/"},"author":{"name":"Mart\u00edn","@id":"https:\/\/blog.lacnic.net\/#\/schema\/person\/3f3117e292d71f4166f765368b0760dc"},"headline":"RPKI best practices and lessons learned","datePublished":"2025-09-26T14:29:20+00:00","dateModified":"2025-09-26T14:29:21+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/"},"wordCount":848,"commentCount":0,"publisher":{"@id":"https:\/\/blog.lacnic.net\/#organization"},"image":{"@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025.jpg","keywords":["Routing"],"articleSection":["Routing"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/","url":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/","name":"LACNIC Blog | RPKI best practices and lessons learned","isPartOf":{"@id":"https:\/\/blog.lacnic.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#primaryimage"},"image":{"@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#primaryimage"},"thumbnailUrl":"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025.jpg","datePublished":"2025-09-26T14:29:20+00:00","dateModified":"2025-09-26T14:29:21+00:00","breadcrumb":{"@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#primaryimage","url":"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025.jpg","contentUrl":"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025.jpg","width":1920,"height":1080},{"@type":"BreadcrumbList","@id":"https:\/\/blog.lacnic.net\/en\/rpki-best-practices\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/blog.lacnic.net\/en\/"},{"@type":"ListItem","position":2,"name":"RPKI best practices and lessons learned"}]},{"@type":"WebSite","@id":"https:\/\/blog.lacnic.net\/#website","url":"https:\/\/blog.lacnic.net\/","name":"LACNIC Blog","description":"En el Blog de LACNIC encontrar\u00e1s art\u00edculos t\u00e9cnicos vinculados al desarrollo de Internet en la regi\u00f3n de Am\u00e9rica Latina y el Caribe.","publisher":{"@id":"https:\/\/blog.lacnic.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.lacnic.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/blog.lacnic.net\/#organization","name":"LACNIC Blog","url":"https:\/\/blog.lacnic.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.lacnic.net\/#\/schema\/logo\/image\/","url":"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2023\/03\/lacnic-blog.svg","contentUrl":"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2023\/03\/lacnic-blog.svg","caption":"LACNIC Blog"},"image":{"@id":"https:\/\/blog.lacnic.net\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/facebook.com\/lacnic","https:\/\/x.com\/lacnic","https:\/\/www.instagram.com\/lacnic\/?hl=es-la","https:\/\/uy.linkedin.com\/company\/lacnic","https:\/\/www.youtube.com\/user\/lacnicstaff","https:\/\/www.lacnic.net\/podcast"]},{"@type":"Person","@id":"https:\/\/blog.lacnic.net\/#\/schema\/person\/3f3117e292d71f4166f765368b0760dc","name":"Mart\u00edn","description":"Especialista en imagen institucional","url":"https:\/\/blog.lacnic.net\/en\/author\/sysmartin\/"}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/blog.lacnic.net\/wp-content\/uploads\/2025\/09\/rpki2692025.jpg","jetpack_sharing_enabled":true,"wpml_current_locale":"en_US","wpml_translations":[{"locale":"es_ES","id":31143,"post_title":"Mejores pr\u00e1cticas de RPKI y lecciones aprendidas","slug":"rpki-mejores-practicas","href":"https:\/\/blog.lacnic.net\/rpki-mejores-practicas\/"},{"locale":"pt_BR","id":31151,"post_title":"Melhores pr\u00e1ticas de RPKI e li\u00e7\u00f5es aprendidas","slug":"rpki-melhores-praticas","href":"https:\/\/blog.lacnic.net\/pt-br\/rpki-melhores-praticas\/"}],"_links":{"self":[{"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/posts\/31149","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/comments?post=31149"}],"version-history":[{"count":1,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/posts\/31149\/revisions"}],"predecessor-version":[{"id":31150,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/posts\/31149\/revisions\/31150"}],"acf:post":[{"embeddable":true,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/posts\/30698"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/media\/31145"}],"wp:attachment":[{"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/media?parent=31149"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/categories?post=31149"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/tags?post=31149"},{"taxonomy":"archivo","embeddable":true,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/archivo?post=31149"},{"taxonomy":"taxonomy-authors","embeddable":true,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/taxonomy-authors?post=31149"},{"taxonomy":"tipo_autor","embeddable":true,"href":"https:\/\/blog.lacnic.net\/en\/wp-json\/wp\/v2\/tipo_autor?post=31149"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}