Issuing ROA‘s in LACNIC's LIR portal is easy:  

  • Login with your account at

  • On the right menu expand the first menu option (it should be named with your LACNIC organizational identifier. Something like CL-ABCD-LACNIC) and then click Services > „RPKI“; 

  • If this is the first time you are creating ROAs, LACNIC will ask you yo create certificates. Simply click on „Create Certificates“ and then click „Confirm“ 

  • You will see your ROA Dashboard. Click on „Create ROAs“ tab;


  • Fill in all the fields: 

Name – give your ROA a meaningful name, so you can recognize it later;
ASN – type the AS number you want to authorize to announce your IPs. Heficed‘s AS number is 61317;
Valid from and Valid until – mark the time period, for which you want your ROA to be valid. Note that if you set both of these fields with today‘s date,
Mark the check box, if you want your ROAs validation period to be automatically extended;
In the field below you will see an example syntax on how to describe your prefixes you want to authorize to be announced. Note that all of the lines start with a hash mark (#). All lines that begin with the hash mark are considered as comments and take no effect in the ROA.  
Type in the address prefix you authorize to announce.
If you want to allow more specific prefixes to be announced, type the dash ( - ) and then type the more specific prefix.  
Note that Heficed requires you to use "24" as the most specific prefix.


Let‘s say, that LACNIC allocated for you the address space You want to allow Heficed to announce this prefix and it‘s more specific prefixes. You want your ROA to be valid for 2 years and you want it to be automatically extended. Then your ROA creation screen should look like this:

  • Click „Save“;

  • Congrats! You have created a ROA.

Did this answer your question?