ARIN Public Incident Report – 4.10 Misissuance Error

Public Incident Report - 4.10 Issuance Error Posted: Friday, 12 December 2025 ARIN Executive Summary On 2 December 2025, an IPv4 block 23.150.164.0/24, correctly allocated to the Original Customer, was inadvertently removed and reissued to the Requesting Customer during a 4.10 allocation process. This error stemmed from the current manual and partially offline 4.10 inventory process. The incorrect state persisted until 9 December 2025, when the Original Customer reported the issue. ARIN restored the 23.150.164.0/24 to the Original Customer, issued a replacement /24 to the Requesting Customer, coordinated withdrawal of the incorrect route announcement, and notified the affected parties. This incident highlights known weaknesses in ARIN’s current Internet Number Resources (INR) Inventory handling for 4.10 transition space and underscores the need to complete the transition to a fully automated, integrated online inventory architecture. Incident Description Following the current allocation process for 4.10 space, an RSD analyst: Relied on legacy/manual 4.10 inventory artifacts, including a flat file and sparse allocation spreadsheet Did not recognize indicators in ARIN Online showing that 23.150.164.0/24 was already allocated to the Original Customer Removed 23.150.164.0/24 from the Original Customer Reissued that same /24 to the Requesting Customer As a result, the registration record and associated ROAs for the Original Customer were deleted in error, and the /24 appeared as allocated to the Requesting Customer in ARIN’s systems. Customer Impact and Risk The /24 was removed from the Original Customer account and assigned to another organization. The ROA associated with the block was removed and had to be recreated after restoration. The block was announced by a third-party provider under the incorrect registration, introducing risk of routing conflict and confusion. The incorrect state persisted for approximately seven days before detection. The Original Customer reported the issue via Ask ARIN and a Help Desk call on 9 December 2025. The customer has not provided a technical impact statement. Timeline of Events (All event times are ET - Eastern Time) 25-26 November 2025 25 November, 11:59 AM - 4.10 space request received from the Requesting Customer. 26 November, 6:25 AM - Ticket assigned to an RSD Analyst for processing. 2 December 2025 - Incident Occurs 12:10 PM - Ticket approved for issuance of 4.10 space by designated RSD Analyst. ~12:10-12:30 PM - In the process of fulfilling the 4.10 request, the designated Analyst: Opened the e-black-book (an offline Excel-based inventory file, separate from the primary online inventory system), reviewed the existing 4.10 allocations, and selected 23.150.164.0 as the next available sparse entry. Returned to the ARIN Online management application and queried for 23.150.164.0 based on the entry identified in the e-black-book. At this time the analyst did not recognize that the /24 was already allocated to the Original Customer. Performed a block split and deleted 23.150.164.0/24 - not recognizing that it was allocated to the Original Customer - which removed associated registry services (ROAs, reverse DNS, etc.). Issued 23.150.164.0/24 to the Requesting Customer. 2-9 December 2025 - Incorrect State Persists The /24 remained misregistered. The Requesting Customer upstream provider...

Preview: ~500 words