An internet number registry is valuable because parties that distrust one another can still rely on the same record. Rival states, hostile litigants, telecom operators, banks, cloud platforms and courts need not agree about politics if they can treat the address ledger as common infrastructure. AFRINIC's crisis matters because it shows how that bargain can decay before routes break. Fragmentation begins institutionally: in courts, elections, payment rails, platform policies, regional blocs, procurement files, security narratives and competing trust zones around one record.
The common ledger is the geopolitical asset
The easiest mistake in number-resource governance is to think the asset is the address itself. An IPv4 address is a number. An autonomous system number is a number. A WHOIS or RDAP entry is a record. A route object, a reverse-DNS delegation and an RPKI certificate are technical artefacts. None has much value in isolation. Their value comes from shared recognition. An address is economically useful because others treat it as uniquely associated with a holder: networks route it, customers allowlist it, banks diligence it, cloud platforms automate around it, abuse desks contact somebody, courts preserve a record, and counterparties transact without renegotiating the ontology of the internet.
That recognition is a geopolitical achievement disguised as administration. A regional internet registry does not only maintain a database for friendly engineers. It creates a reference point that unfriendly parties can use without first resolving their rivalry. A court in Mauritius, a telecom ministry in West Africa, a South African ISP, a Chinese cloud customer, a European bank, an American platform and a Gulf investor may have different laws, alliances and threat models. If each still accepts the same AFRINIC record as the starting point for resource status, the registry has lowered the cost of distrust. It has made one layer of infrastructure legible despite political difference.
That is why the institutional status of AFRINIC is more important than its size. AFRINIC serves Africa and parts of the Indian Ocean from a Mauritius legal shell. Public descriptions of its function are familiar: it distributes and registers IPv4, IPv6 and ASNs; supports WHOIS, RDAP, reverse DNS, IRR and RPKI; and runs policy and membership processes around those services. None of that sounds geopolitical until the record becomes contested. Then every ordinary registry function turns into a question of recognition. Which board speaks? Which court order controls? Which election is trusted? Which member register is authoritative? Which block is transferable? Which use is legitimate? Which emergency body may intervene? Which bank or platform should treat the holder as safe?
The public internet can survive many kinds of political conflict because most disputes do not require everyone to agree about everything. A packet does not ask whether two governments like each other. A BGP announcement can cross borders whose governments are hostile. But the numbering layer is more socially delicate than routing folklore suggests. Routing may continue for a time even when governance is disputed; the market around the route does not remain untouched. Financing, leasing, procurement, law-enforcement requests, insurance, geolocation correction, abuse handling and public-sector dependency all need a record that looks boring enough to rely on.
The phrase "common infrastructure" should therefore be taken literally. The registry record is not merely an internal file of a private association. It is a coordination device among actors who often have no other shared institution. If it becomes the instrument of one faction, one host-state legal process, one regional bloc, one sanctions interpretation, one court strategy, one cloud ecosystem or one transition architecture, other actors will hedge. They will not necessarily announce a new internet. They will quietly build alternative assurance files, alternative due-diligence routines, alternative routing policies, alternative commercial representations and alternative political channels. That is how fragmentation begins in institutions before it appears in protocols.
AFRINIC is a useful case because its recent history has placed these pressures in public view. A registry that once looked like a specialised administrative body has had to absorb corruption allegations, large address-value disputes, injunctions, receivership, election failure, election repair, ICANN intervention, NRO attention, regional political involvement and continuing litigation. Each episode can be described separately as governance, law, fraud prevention, member rights or recovery. The geopolitical reading asks whether the same record can still be trusted by parties that want different political outcomes from the registry.
That is the economic core of fragmentation risk. A shared ledger economises on politics. It lets actors transact, route, lend, procure and audit without first creating a single political order. If the ledger itself becomes a political prize, the saving disappears.
Neutral registration lowers the cost of distrust
Neutrality in a registry is not a moral mood. It is a transaction-cost device. It tells each actor that the record can be relied on without first asking whether the registry likes the holder, approves the business model, favours the state, shares the security narrative, or endorses a regional industrial strategy. The registry may still apply contracts, law, policy and court orders. Neutrality does not mean inaction. It means the registry's actions are narrow enough that outsiders can predict them and do not need to price ideological discretion into every resource decision.
For operators, this predictability is capital. A telecom carrier that builds customer services on a block of addresses cares about routing, but it also cares about continuity of recognition. A bank financing a data-centre build wants to know that addresses used by the borrower are not hostage to a political quarrel. A public buyer procuring e-government services wants assurance that address status will not change because a registry election is challenged. A cloud platform supporting bring-your-own-IP needs a record stable enough to automate. An abuse team wants an accountable contact that remains meaningful even if the member is politically unpopular. The registry reduces the number of bilateral investigations each of these parties must perform.
In institutional economics, this is close to the function of a settlement utility. It does not own the economy it helps settle. It does not need to be glamorous. Its virtue is that everyone can treat its record as a low-drama fact. If that changes, each transaction carries more verification, more warranties, more legal opinions, more political judgement and more fallback planning. The cost may look small at first: a slower transfer, an extra certificate, a bank query, a procurement exception, a cloud ticket. Accumulated across thousands of networks, the cost becomes a tax on growth.
The geopolitical dimension is that distrust is not evenly distributed. Large states can pressure institutions. Small states often absorb consequences. Big cloud firms can build elaborate compliance and routing systems. Small ISPs may depend on a few upstreams, one bank and one registry account. Regional organisations can speak in the language of continental coordination while individual resource holders experience the same language as loss of exit. Courts, sanctions authorities, banks and platforms may each manage their own exposure, but the system effect is that registry neutrality becomes harder to observe.
That is why the most important registry discipline is not simply transparency. Transparency can show that a decision happened. It does not by itself show that the decision was narrow. A registry can publish many communiques and still leave outsiders unsure whether recognition follows law, policy, politics, survival instinct, pressure from stronger institutions or fear of bad press. The higher standard is constrained neutrality: a clear boundary between recording and judging, between preserving last verified status and punishing, between legal compliance and informal risk avoidance, between resource uniqueness and regional economic policy.
AFRINIC's public crisis illustrates the cost of blurred boundaries. The Internet Governance Project's 2021 account framed the Cloud Innovation dispute around IPv4 scarcity, regional-use claims and the economic gap between registry fees and market value. KrebsOnSecurity and MyBroadband reporting on the earlier address heist showed how valuable addresses and weak controls could invite abuse. The NRO's 2023 statement on receivership focused on maintaining status quo, electing a board and keeping services available. The Register's later reporting tracked election turmoil, alleged proxy irregularities, a September 2025 board election, recovery claims in 2026 and further court interventions. These are different evidentiary strands. Together they show a registry whose ledger function must be trusted while its governance environment is contested.
The issue is not that every dispute is illegitimate. Scarce resources generate lawsuits; elections generate factions; courts must hear claims; fraud prevention is necessary; ICANN, other RIRs and regional bodies all have real continuity interests. The issue is whether AFRINIC can keep those interests from hardening into separate trust zones: one political, one contractual, one ICANN-centred, one court-preserved, one decentralised. A technically online registry can still cease to be equally legible to all.
Neutral registration is valuable precisely because it delays that outcome. It permits political disagreement around the registry without turning every address into a referendum on political alignment. The narrower the function, the lower the need for political trust. The thicker the function becomes, the more every actor asks whose politics are hidden inside the record.
AFRINIC became a stress test for a regional trust zone
AFRINIC's institutional map is unusually revealing. It is incorporated in Mauritius, serves a wide region, interacts with global coordination bodies, and sits over resources used by private networks, public agencies, data centres, universities, cloud customers, security firms and carriers. Its region is not a state. It contains many states with different laws, alignments, languages, economic structures and security relationships. That diversity is not a problem for a narrow registry. It becomes a problem for a registry that is asked to embody the region politically.
The local legal vessel matters because it is where real orders are made. Mauritian courts have dealt with bank restraints, receivership, election-related applications, member-register questions and winding-up efforts. That is not an insult to Mauritius. Host-state courts are part of the rule-of-law environment in which a private corporation exists. The problem is structural: a court charged with resolving company-law and insolvency questions can become, in effect, a court of continental internet continuity. The parties before it may be local legal persons; the consequences are read by operators across a much wider geography.
The 2023 receivership order, as summarised by the NRO, was intended to maintain status quo, preserve business value, oversee elections and restore functional governance. In one sense it worked as a stabiliser: it treated AFRINIC not as an ordinary firm to be left to drift, but as a body whose services should continue while governance was repaired. In another sense it exposed dependency. If the continuity of a multi-state registry region requires a receiver under one domestic legal system, every non-host state and every operator outside Mauritius learns that their recognition layer has a host-state choke point.
The 2025 election cycle sharpened the point. Public reporting described a receiver-led attempt to restart elections, concerns about potential interference, ICANN objections over nomination arrangements, a court ruling allowing the vote to proceed, allegations around powers of attorney, annulment of the June process, and then a later election in September that produced a board. The September board was reported to have enjoyed significant support from Smart Africa-endorsed candidates, while critics worried about bylaws, litigation and regional influence. None of this requires a theory of hidden control. It requires only ordinary institutional incentives. A weakened registry is attractive to organised actors because its board, bylaws and policy processes determine who can influence a scarce recognition layer.
That is what a trust zone is. It is not necessarily a formal breakaway ledger. It is a cluster of actors who believe the record is trustworthy only when their preferred authority channel controls it: the receiver, ICANN, a regional development bloc, member-led rights, or a future distributed architecture. AFRINIC's challenge is not to make these camps agree on ideology. It is to keep the ledger valuable enough that none of them must replace it.
The distinction between registry and region is central. AFRINIC is not Africa, but it is embedded in African internet infrastructure. It cannot legitimately speak as a continental government, yet if it fails, the costs are not confined to its office.
If AFRINIC is seen only as a company, a court may treat its assets and membership questions like ordinary corporate matters. If it is seen only as a public internet function, courts and members may be told to defer to global coordination imperatives. If it is seen only as a regional political instrument, individual resource holders and non-aligned operators may fear expropriatory politics. If it is seen only as a failed incumbent, outside reformers may understate the transition cost of replacing it. A stable common ledger requires a more precise category: private legal shell, public coordination consequence, narrow technical mandate, high continuity obligation and limited political authority.
AFRINIC's recent history is therefore not merely a governance saga. It is a stress test for whether one multi-state registry record can remain common when the institution around it becomes politically salient.
IPv4 scarcity turns recognition into strategic leverage
Geopolitical fragmentation risk becomes sharper when the resource is scarce. IPv6 may be abundant in address mathematics, but the operating world still depends heavily on IPv4. Legacy systems, customer networks, enterprise allowlists, cloud migration patterns, carrier-grade NAT costs, content delivery, fraud controls and procurement requirements keep IPv4 economically relevant. AFRINIC's own exhaustion materials record the soft-landing sequence: Phase 1 began in 2017 and Phase 2 was reached in January 2020. Public reporting in February 2026 quoted an AFRINIC executive saying the unallocated pool was down to 773,376 IPv4 addresses. Whatever the exact daily figure, the direction is clear. The free pool is no longer a casual administrative stock.
Scarcity changes the politics of recognition. When a resource was abundant and cheap, the registry's mistakes were annoying but less strategic. When addresses are scarce, transferable, leaseable, financeable and operationally embedded, the record becomes a claim on economic continuity. A disputed block may support customers, cloud instances, security rules, payment APIs, public services or wholesale leasing. The registry does not create all that value. Operators, customers and markets create it. But the registry record can influence whether others treat that value as clean.
That is why address recognition can become a geopolitical lever even without a packet being dropped. A state may not need to seize a data centre if it can influence whether address holdings are treated as region-locked, non-transferable, suspect or subject to special review. A regional bloc may not need to legislate a new internet if it can shape the board and policy language of the recognised registry. A court may not intend to conduct industrial policy, but an order that affects control of a registry entity can change bargaining power among actors outside the courtroom. A sanctions authority may target a person or entity, but banks may generalise the signal across registry payments or address-related transactions. A cloud platform may simply require clean documentation before accepting an address range, yet its documentation rules can convert registry uncertainty into commercial exclusion.
The Cloud Innovation dispute made this visible because it linked regional-use arguments, contract interpretation, large IPv4 holdings and existential business risk. IGP's 2021 analysis argued that AFRINIC's attempt to act against Cloud Innovation arose in part from scarcity, past abuse and a regional-border theory of address use. Cloud Innovation's legal response and AFRINIC's institutional exposure then created a crisis whose collateral effects reached the registry itself. Readers need not accept every claim made by either side to see the structural lesson. Scarce recognition plus concentrated discretion plus weak exit produces high-stakes conflict.
The 2019 address-heist reporting adds a second lesson. Where addresses have significant market value, weak records invite predation. KrebsOnSecurity reported allegations that a senior AFRINIC-linked figure had been associated with companies selling misappropriated address blocks; MyBroadband and other sources tracked related claims and AFRINIC's later remediation efforts. That history supports stricter verification. But stricter verification can itself become a control surface if not bounded. A registry that has suffered abuse may overcorrect by expanding review, narrowing use, delaying transfers or treating unusual business models as presumptively illegitimate. A registry that refuses verification invites theft. A registry that weaponises verification invites fragmentation. The economic challenge is to make the record trustworthy without turning trust into permission.
IPv4 scarcity also alters great-power incentives. Address demand is global. Hyperscale cloud, mobile networks, hosting firms, security vendors, online platforms and state-backed digital projects all need continuity. Large buyers and users may sit outside the AFRINIC region while depending on resources first registered inside it. Some may be Chinese, American, European, Gulf-based or pan-African. Some may be private. Some may have close state relationships. Once scarcity gives the record strategic value, a regional registry can be pulled into geopolitical narratives about extraction, protection, development, cyber risk and digital sovereignty.
This does not mean every IPv4 transfer is geopolitics. Most transactions are commercial. But strategic value changes the background price of institutional failure. Where millions of addresses, large customer bases or critical public systems are implicated, uncertain recognition becomes leverage. Actors then ask whether another RIR, a court order, a regional alliance, a private continuity provider, a cloud platform or a future decentralised ledger offers safer recognition.
The fragmentation pathway is therefore economic before it is technical. Scarcity increases the value of the record. Higher value invites political attention. Political attention increases the temptation to interpret the record through security, control or development narratives. Each narrative creates winners and losers. Losers search for alternative assurances. Alternative assurances can become alternative trust zones. The global routing table may still converge, but the institutional settlement around addresses becomes less common.
Governance contests invite outside patrons before they invite armies
Geopolitical fragmentation often sounds dramatic: blocs, borders, rival internets, sovereign routing, national firewalls. The early stages are usually more prosaic. A fragile institution attracts patrons who offer money, expertise, legitimacy, endorsements, legal arguments, candidate slates, emergency frameworks, policy language, diplomatic access or media amplification. Each intervention can be defended as stabilisation. In aggregate, the registry begins to look like a prize.
AFRINIC's governance contest has shown several versions of this pattern. The other RIRs and the NRO have an obvious continuity interest; they do not want one recognised registry to fail and contaminate confidence in the whole system. ICANN has an oversight and coordination interest; it wants courts and the community to understand that number resources are not ordinary corporate assets and that registry continuity matters to the global system. Smart Africa and other regional actors have a development and political interest; they want the African internet governance layer to be resilient, representative and not captured by a narrow private dispute. Resource holders and organisations associated with Lu Heng, Cloud Innovation, Larus and NRS have an interest in member rights, portability, decentralisation and limiting registry discretion. Operators and national ISP associations have an interest in election integrity, bylaws and avoiding capture by any camp.
None of these interests is surprising. The danger lies in the conversion from interest to patronage. Once a registry cannot reliably produce trusted governance from within, outside support becomes more attractive. A regional organisation can help mobilise votes. A global coordination body can write letters or seek standing in court. A litigant can ask courts for dissolution or continuity orders. Advocacy groups can organise members. Banks and service providers can decide which claims they will operationally recognise. Each step may be lawful. But each also teaches participants that registry authority can be obtained, defended or neutralised through an external channel.
This is how fragmentation pressure enters without a formal split. The registry remains the registry, but different actors begin to trust different routes into it. A board backed by a regional development bloc may be seen by supporters as legitimate continental recovery and by critics as politicisation. ICANN intervention may be seen by supporters as necessary protection of a global function and by critics as overreach by an external governance centre. Court receivership may be seen as rule-of-law preservation and by others as host-state capture of a multi-state service. NRS-style decentralisation may be seen as a safety valve by resource holders and as destabilising insurgency by registry defenders. The shared record survives only if these actors, despite their suspicions, continue to accept the same operational facts.
The political economy is made worse by membership complexity. Registry governance often relies on low-participation processes, technical mailing lists, proxy voting, meeting attendance, bylaws, nomination committees and insider knowledge. For many ordinary operators, these processes are distant from daily work. For organised actors, they are leverage points. The Register's reporting around AFRINIC's election concerns, including allegations related to powers of attorney and voter documentation, showed how control over representation can become as important as control over policy. The issue was not only who won. It was whether members believed the process represented them rather than a channel through which others could speak in their name.
Great-power rivalry does not need to appear as a flag on the wall. It can appear as suspicion that a candidate slate, funding stream, advocacy campaign, litigation strategy, cloud relationship or procurement preference aligns the registry with a larger camp. Once that suspicion exists, ordinary governance is reinterpreted: a bylaw change as capture, capacity-building as influence, a court filing as strategic lawfare, a cloud partnership as dependence on one jurisdiction's platform stack.
The way to reduce that risk is not to ban outside interest. A registry embedded in global infrastructure cannot be hermetically sealed. The answer is to reduce the value of capture. If the registry's mandate is narrow, records are escrowed, authority is auditable, dispute resolution is separated from registry operations, resource holders have credible exit or portability, and emergency continuity is rule-bound, then controlling the board is less valuable. If the board can define resource destiny, block mobility, interpret political ownership, choose winners in scarcity and operate with limited liability, then every outside actor has reason to fight for influence.
AFRINIC's geopolitical fragmentation risk is therefore a function of institutional thickness. The thicker the registry's discretion, the more patrons will try to own the discretion. The thinner and more mechanical the registry's role, the less worthwhile capture becomes.
Host-state courts can become continental infrastructure courts
The host-state problem is not that Mauritius is the wrong jurisdiction. Any incorporation jurisdiction would create a host-state problem. A registry is a private legal entity somewhere, with bank accounts, directors, contracts, staff, statutory duties and courts. Yet the function it performs is relied on elsewhere. That mismatch is manageable while the institution is boring. It becomes geopolitically salient when the host court is asked to preserve, restrain, liquidate, supervise, rectify or interpret the legal shell carrying the registry function.
AFRINIC's receivership made the mismatch explicit. The NRO welcomed the appointment of an official receiver in 2023 as a path to restored governance, continued services and board elections. The receiver's role, as summarised publicly, was to maintain status quo and preserve business value while moving toward a proper board and CEO. That is a sensible legal technique for a company in governance distress. But because the company is a regional internet registry, the receiver's work had immediate meaning for resource holders and governments far beyond Mauritius.
The later winding-up application and ICANN's reported intervention in 2026 sharpened the issue. According to The Register, ICANN sought to participate so the court would understand AFRINIC's unique role and the nature of number resources, including the point that resources allocated through AFRINIC are not assets of AFRINIC available for distribution. That argument is legally narrow but geopolitically important. It asks a domestic court to distinguish between the corporate vessel and the global coordination function inside it. If courts fail to make that distinction, a registry dispute can become an asset-distribution event. If courts make the distinction too broadly, local accountability may be weakened by claims of global function. Either error creates distrust.
Host-state courts also affect time. Internet operations run continuously. Litigation runs in filings, hearings, interim orders and appeals. A court may reasonably take months to decide a corporate-law issue. Markets may reprice address risk in days. A public buyer may pause a procurement because of a headline. A bank may ask for legal comfort before renewing a facility. A cloud platform may decline to onboard a range until documentation is settled. The court is not routing packets, but its timetable becomes part of the cost of address recognition.
This is not unique to AFRINIC. Every RIR has a home jurisdiction: APNIC in Australia, ARIN in the United States, RIPE NCC in the Netherlands, LACNIC in Uruguay, AFRINIC in Mauritius. Each legal system provides accountability. But a single-jurisdiction shell remains a poor fit for a function whose users span many states, especially once non-host actors start asking why one court has so much practical influence over resources used elsewhere.
One response is to seek immunity-like protection or special status for the registry function. That can preserve continuity, but it has a legitimacy cost if a private body retains high discretion while being shielded from ordinary law. Another response is to subject the registry fully to ordinary company law, even if that destabilises the service. Neither response is sufficient.
The better answer is functional separation before crisis. The corporate shell should not be the only container of the ledger. Critical records should be escrowed, mirrored and reproducible. Emergency operators should have predefined, narrow powers. Courts should be able to preserve the last verified registry state without deciding address policy. Dissolution of the corporate entity should not imply dissolution of recognition. Dispute claims should be resolved without allowing either the registry or a litigant to threaten unrelated service continuity. Member rights and resource-holder records should be clear enough that courts do not need to infer the architecture during emergency proceedings.
Such separation reduces fragmentation because it reassures outsiders that host-state law is a venue for accountability, not a lever for capture. Courts remain important. They enforce contracts, hear claims, appoint officers and protect rights. But they do not become improvised continental infrastructure designers. The legal vessel can be repaired or replaced without forcing every operator to ask whether the address ledger has changed political ownership.
AFRINIC's experience suggests the absence of such separation is already priced by sophisticated actors. ICANN, the NRO, national associations, litigants and regional groups have all behaved as though court outcomes matter to the wider numbering system. They are right. The task now is to make that dependence less fragile before the next crisis.
Sanctions, banks and cloud platforms create recognition chokepoints
Sanctions should not be the centre of AFRINIC's geopolitical fragmentation story; they are one pressure among many. They are useful here because they show how political decisions made outside the registry can enter the ledger through ordinary service channels. A sanctions rule may bind a bank, payment processor, cloud provider, transit provider, software vendor, insurer or registry service provider. The registry may be legally required to reject a transaction, freeze funds, avoid dealing with a designated party or supply information to lawful authorities. That is compliance, not politics by another name.
The fragmentation risk begins when compliance becomes atmospheric. A bank may decline a payment without fully explaining why. A correspondent bank may ask questions about a shareholder, jurisdiction or adverse-media item. A cloud platform may require a clean chain of authority before accepting a customer's address range for BYOIP. A procurement office may treat registry uncertainty as a supplier risk. A security vendor may classify a range based on abuse history, geolocation, sanctions exposure or ownership ambiguity. None of these actors is the registry. Yet each can influence whether a resource is commercially usable.
For AFRINIC, the problem is amplified by institutional stress. If the registry's own bank accounts have previously been frozen, if receivership has been necessary, if member status has been litigated, if board legitimacy has been contested, and if winding-up has been sought, counterparties are more likely to ask for legal and political comfort. The record may still show a holder. But the holder's customer, bank or cloud platform may ask whether the record is stable enough to rely on. That is a recognition chokepoint.
Cloud dependence deserves particular attention. Modern enterprises attach public identity to cloud edges, APIs, SASE platforms, payment systems, managed firewalls, CDNs and data-processing environments. An address range that can move cleanly between environments is more valuable than one tied to a disputed registry relationship. Hyperscale cloud platforms are not neutral in a pure geopolitical sense; they are incorporated under particular legal regimes, operate sanctions and abuse policies, and respond to national-security demands. If they become the practical validators of whether a block is acceptable for critical workloads, registry uncertainty is translated into platform dependence.
The same is true for banks. Registry fees may be small, but payment status can affect member standing, transfer timing and confidence. If payment rails are blocked or delayed because of sanctions screening, country risk or litigation concerns, the question becomes whether the member is non-paying, legally prohibited, or simply trapped in a bank's risk model. A registry that treats all three as the same event allows financial infrastructure to become a hidden controller of address recognition. A registry that separates them preserves neutrality.
Security narratives can travel through the same channels. An address block associated with spam, malware, fraud or sanctions evasion may attract legitimate scrutiny. But if scrutiny becomes a broad label attached to a holder, jurisdiction or political camp, it can affect routing filters, cloud acceptance, procurement eligibility and banking relationships beyond the specific abuse. The record then becomes less common: one set of actors treats it as a technical registration, another as a risk marker, another as a political signal.
The remedy is not to demand that registries ignore law or that platforms ignore abuse. It is to keep each decision at the right layer. A sanctions prohibition should identify the rule, the person, the transaction and the service affected. A bank delay should not automatically impair unrelated registry records. A cloud onboarding decision should not become the de facto legal verdict on resource status. An abuse report should be investigated as abuse, not converted into a doctrine of regional ownership. Public procurement should ask for evidence of continuity, not force suppliers into one politically preferred registry narrative.
This is where neutral registry architecture has real geopolitical value. If the registry maintains clean records, documents authority, preserves last verified status during disputes, separates payment from recognition where lawful, and publishes narrow service effects, banks and platforms have less room to improvise. They may still apply their own rules, but they can do so against a stable base. If the registry itself is ambiguous, every downstream institution becomes a mini-registry. That is fragmentation by outsourcing.
Cables, clouds and procurement pull the registry into industrial policy
African connectivity is shaped by geography. International bandwidth reaches many markets through coastal submarine-cable landings, cross-border terrestrial routes, internet exchange points, data centres and cloud on-ramps. Landlocked countries depend on neighbours. Small islands depend on resilient international links. Public agencies depend on a mixture of local operators, regional carriers, global platforms and foreign vendors. This physical and commercial geography does not make AFRINIC a cable operator. It does make its ledger part of the political economy of connectivity.
When connectivity is scarce, expensive or strategically exposed, governments naturally think in terms of industrial policy. They want local data centres, national cloud capacity, cheaper transit, resilient public services, cybersecurity control, local content, digital payments and domestic innovation. Those objectives are legitimate. The danger is that number-resource governance becomes a proxy for them. A government or regional bloc may look at IPv4 scarcity and conclude that addresses issued through AFRINIC should be reserved, steered or politically conditioned to support regional development. That instinct is understandable. It is also risky.
Address recognition is not infrastructure investment. Keeping a block inside a region on paper does not build a cable, train engineers, reduce transit costs, improve power reliability, create cloud competition or finance last-mile networks. It may even reduce liquidity, discourage outside investment, or teach resource holders that the registry is a political allocator rather than a neutral recordkeeper. A scarce address pool can be symbolically attractive and economically insufficient at the same time.
AFRINIC's exhaustion history makes this distinction concrete. The remaining free IPv4 pool is tiny relative to the continent's long-term connectivity demand. IGP's 2021 analysis argued that Africa's development cannot be sustained by the leftover AFRINIC IPv4 pool and would require imports from the market and/or IPv6 deployment. One can debate the policy prescription, but the arithmetic is difficult to avoid. Treating the registry's remaining IPv4 as a development treasury risks overloading a small administrative layer with ambitions it cannot satisfy.
Cloud dependence creates another industrial-policy temptation. Governments worry, often rightly, that public workloads are too dependent on foreign platforms. Operators worry that cloud providers can internalise value while local networks carry access costs. Enterprises want portable identity across clouds and providers. In that environment, IP addresses look like strategic capital: a way to reduce platform lock-in, support multi-cloud, preserve customer allowlists and keep public services from being tied to a single provider's numbering. That makes neutral recognition more important, not less. If the registry becomes a political allocator, address portability becomes harder just when cloud concentration makes it more valuable.
Submarine-cable politics adds a further layer. Cable landings are licensed, secured and sometimes viewed through national-security lenses. Traffic paths can be affected by outages, conflict, espionage concerns and geopolitical relationships among landing states and equipment vendors. A registry cannot solve these issues. But registry instability can compound them. A public buyer building a national cloud or secure government network needs confidence not only in cables and data centres, but in the identity layer used by firewalls, APIs, remote access, DNS, RPKI, abuse desks and cloud egress. If address recognition is contested, procurement teams may prefer vendors aligned with a trusted political channel, even if that reduces competition.
That is the path from registry governance to trust zones. One procurement ecosystem may trust address continuity backed by global cloud platforms. Another may trust regional political endorsement. Another may require local court comfort. Another may prefer private continuity providers. Another may demand ICANN/NRO recognition. These choices can coexist for a while. But if they harden, operators face different conditions depending on which political or commercial zone their customers inhabit.
A credible non-fragmentation strategy should therefore keep number-resource policy out of industrial-policy substitution. Governments can and should invest in cables, IXPs, local cloud, cyber capacity, public procurement standards and IPv6 readiness. They should not ask a registry ledger to perform those tasks by politicising address recognition. The registry's contribution to development is more modest and more valuable: accurate records, fair procedures, portable recognition, reliable security objects, clear contact data and continuity across political disputes. That is not glamorous. It is the infrastructure on which the glamorous projects depend.
Security narratives can turn bookkeeping into permission
Every registry needs an abuse and security posture. Stolen address space, fraudulent records, hijacked routes, spam operations, malware hosting, fake powers of attorney and false corporate documents are not abstract risks. AFRINIC's own history contains enough public evidence to make complacency impossible. The 2019 address-heist reporting showed how valuable IPv4 records can be manipulated. Election-related allegations in 2025 showed how representation documents can become governance weapons. RPKI, IRR and reverse-DNS services exist because routing and accountability need more than informal trust.
Security language becomes dangerous when it changes the category of the registry. A bookkeeper verifies records. A permissioning authority decides who deserves to operate. The first function is necessary. The second can become political. The difference is not always obvious, because both use similar evidence. A registry may ask for corporate documents to confirm a holder. It may review utilisation to apply policy. It may require abuse contacts. It may correct a stolen block. It may suspend a fraudulent request. Each action can be justified as security. But if the same vocabulary is used to decide whether a business model is morally acceptable, whether out-of-region customers are legitimate, whether a political faction is safe, or whether addresses should serve a development narrative, security has become mandate laundering.
The structural temptation is strong. A registry facing criticism over past abuse wants to show toughness. A region facing digital-development pressure wants to prevent extraction. Governments facing cybercrime want stronger controls. Banks and cloud platforms want clean counterparties. Public commentators want villains. In that atmosphere, a broad security claim can win support faster than a narrow evidentiary analysis. It is easier to say that a holder threatens the community than to prove exactly which record is false, which policy applies, which service should be paused and which continuity obligation remains.
Fragmentation follows because security claims are not trusted equally across geopolitical lines. One state may see a cybersecurity designation as legitimate protection. Another may see it as economic warfare. One operator may see anti-abuse enforcement as overdue. Another may see it as selective pressure against a disliked business model. One cloud platform may treat a registry warning as sufficient to de-risk. Another may demand a court order. One regional body may see address export as strategic leakage. Another market participant may see liquidity and portability. If the registry does not anchor security action in narrow evidence, each actor imports its own political priors.
The answer is not to weaken security. It is to make security more exact. Stolen resources should be restored through documented evidence. False authority documents should be investigated and preserved for courts where appropriate. RPKI and IRR data should be auditable. Abuse contacts should be accurate. Resource reviews should have clear triggers, defined scope, deadlines, appeal paths and proportional remedies. Public notices should distinguish allegation, finding, court order, policy interpretation and operational continuity. A security action should say what it protects and what it does not decide.
This discipline is particularly important for national-security claims. Communications infrastructure is strategic. But strategic importance does not automatically mean centralised permission is the right tool. The internet's resilience has historically come from distributed operation, voluntary interconnection and narrow shared invariants. A registry that tries to secure the region by asserting broad control may reduce exactly the trust that security requires. Operators will route around perceived political discretion where they can. Investors will discount resources subject to discretionary review. Governments outside the preferred camp will demand alternative assurances.
Lu Heng has argued publicly, including through the language of the bookkeeper role and decentralisation, that coordination systems fail when recordkeeping mutates into concentrated control. A reader need not accept every proposed remedy to see the analytic force. Security should protect the ledger's accuracy and continuity. It should not transform the ledger into a licence for political approval.
The strongest security posture for AFRINIC is therefore narrow, boring and hard to capture. Verify identity. Preserve records. Separate allegations from findings. Maintain last known good states. Escalate serious fraud to courts and law enforcement. Keep routing-security tools available where lawful. Avoid rhetorical inflation. The more security remains evidentiary, the less it becomes another line of geopolitical fragmentation.
Transition plans now compete with one another
AFRINIC's crisis has already generated transition architectures. The incumbent model seeks recovery through board restoration, budgets, bylaws, policy processes, staff rebuilding and renewed participation in global forums. The NRO and ICANN track asks how the RIR system should handle failure, assistance, lifecycle obligations and possible derecognition under revised ICP-2 or related governance documents. Regional actors seek an African institutional response that prevents disruption and reflects continental development priorities. NRS and Lu Heng's public arguments press for decentralisation, portability, exit rights, distributed records or radical reconstruction of the registry layer. Courts supply another transition path by preserving, restraining, appointing or potentially dissolving legal structures.
These architectures overlap but are not the same. They answer different questions. The recovery path asks how AFRINIC can become functional again. The ICANN/NRO path asks how the global numbering system can protect itself if a recognised RIR becomes dysfunctional. The regional path asks who speaks for African digital interests when the registry is weak. The decentralisation path asks whether any single registry should retain so much discretion over scarce economic resources. The court path asks what domestic law requires of the company and the parties before it.
Fragmentation risk increases when these transition paths are not ordered. AFRINIC recovery does not automatically settle portability. ICP-2 derecognition procedures do not by themselves resolve regional objections. A court-preserved company does not settle resource-holder rights. A board helped by a regional bloc does not automatically legitimise transfer policy. A distributed-ledger or portability model still has to interoperate with existing RIR records. ICANN intervention still has to avoid becoming the central authority critics fear.
Each architecture has a failure mode. Incumbent recovery can become restoration without accountability. Global emergency oversight can become centralisation. Regional political repair can become bloc capture. Decentralisation can become an incompatible parallel ledger if it lacks transition discipline. Court preservation can become host-state overreach if it treats the corporate shell as the function. The policy problem is not choosing the most emotionally satisfying architecture. It is preventing the coexistence of architectures from turning into rival sources of recognition.
The revised ICP-2 discussion is a useful example. Public reporting in 2025 and 2026 described efforts to define the lifecycle of an RIR, assistance during crises and derecognition if a registry fails. That is a rational response to AFRINIC's distress. But any derecognition mechanism is geopolitically sensitive. Who initiates it? A single RIR? A percentage of the target registry's membership? ICANN? The NRO? What counts as failure? How are members heard? What happens to records, contracts, court orders, unallocated pools, RPKI, reverse DNS and disputes? If these questions are answered by the incumbent RIR club alone, critics will see cartel self-preservation. If answered by governments, others will see politicisation. If left unanswered, markets will hedge.
Decentralisation proposals face the opposite challenge. They are attractive because they lower single-point discretion and make records locally verifiable. Lu Heng's "Minimum Initial Specification" note argues for deterministic common rules, local future decisions and voluntary adoption. That design intuition addresses a real weakness in institution-heavy governance. But a transition cannot simply announce a new ledger and expect banks, courts, platforms, RIRs and operators to recognise it. A decentralised model that creates incompatible recognition sets before it creates interoperability may accelerate the fragmentation it seeks to avoid.
The mature path is staged. First reduce discretion inside the existing registry. Then create reliable data escrow and reproducible records. Separate technical registry operations from dispute resolution and economic-rights questions. Define portability and emergency continuity in ways that do not depend on punishment. Allow alternative verification systems to describe and mirror reality before claiming authority over it. Make adoption visible through running systems, not slogans.
AFRINIC is likely to remain the recognised registry for its region in the near term. That does not mean the old model is safe. It means transition architecture must protect the common ledger while reducing the reasons actors might abandon it. Reform that saves the institution but not trust will fail. Reform that attacks the institution without preserving recognition will also fail.
Parallel ledgers would be expensive because everyone would have to choose
A duplicate ledger sounds, at first, like a technical matter. One database says one thing; another says another. Engineers compare records, choose a source of truth and update tooling. In reality, a parallel number-resource ledger would impose choice on every institution that currently benefits from not choosing. Networks would choose which record to route by. Cloud platforms would choose which record to accept for onboarding. Banks would choose which record supports collateral or account diligence. Courts would choose which record to preserve. Insurers would choose which record defines risk. Procurement offices would choose which record satisfies continuity. Security vendors would choose which record informs abuse, sanctions and geolocation. Each choice would be political even if expressed in technical terms.
The cost would not be evenly distributed. Large cloud platforms and global carriers can maintain reconciliation teams, legal opinions and internal exception processes. Small African ISPs, public agencies and regional data-centre operators cannot. They would face higher due-diligence demands, more documentation, slower transactions and greater dependence on intermediaries. The very actors most often invoked in regional-development rhetoric could end up bearing the highest cost of fragmentation.
The operational surfaces are numerous. WHOIS and RDAP records identify holders and contacts. IRR objects support route filtering. RPKI ties prefixes to authorised origins. Reverse DNS affects reputation, mail, logging and operational troubleshooting. Geolocation databases influence content, fraud controls and regulatory availability. Abuse desks rely on contact accuracy. Transfer markets rely on standing and clean title-like representations. Public-sector networks rely on stable procurement files. A second ledger would have to explain how each surface is reconciled. If it cannot, counterparties will apply discounts and exclusions.
RPKI illustrates the problem. It is designed to improve route-origin validation by linking cryptographic attestations to number-resource authority. If authority is contested between ledgers, validation becomes a trust-zone question. Which trust anchor is accepted? Which ROA is treated as valid? Which emergency operator can issue or preserve certificates? How are conflicts handled? A routing-security tool meant to reduce ambiguity could become a boundary marker between recognition communities if governance is not common.
Legal recognition is even harder. A court can order a company to maintain or correct its records. It cannot easily order the whole world to believe a parallel ledger, especially if other jurisdictions or platforms disagree. A bank can rely on one record for diligence, but another bank may require a different record. A cloud provider may accept a range under its own policy while a government procurement office rejects the same evidence. The address may still route. Its commercial usability fragments.
This is why the cost of duplicate ledgers is not merely confusion. It is the loss of a shared default. The current RIR system is flawed, but it gives the world a starting point. A buyer, court or platform may ask many follow-up questions, yet it begins with the recognised registry record. In a fragmented environment, the first question becomes: recognised by whom? Once that question is normal, transaction costs rise sharply.
A credible alternative architecture must therefore be designed to converge recognition, not merely to protest existing authority. Data mirrors can improve resilience if they are faithful, auditable and subordinate to clear conflict rules. Escrow can protect continuity if it preserves last verified state. Portability can discipline registries if it moves records through accepted procedures. Distributed verification can reduce discretion if it defines deterministic uniqueness and adoption paths. But an uncoordinated rival ledger risks becoming another political instrument.
The irony is that fragmentation can emerge from both centralisers and decentralisers. A centralised emergency authority that overrides members too easily may push resource holders into alternative systems. A decentralised alternative that ignores transition costs may push banks and platforms back toward incumbent authorities. A regional political solution that treats addresses as development property may push global users to seek non-regional assurance. A court-heavy solution may push non-host states to demand their own safeguards. Every camp can accelerate fragmentation by overclaiming.
The economic test is simple: does the architecture reduce the number of actors who must make bespoke trust decisions? If yes, it lowers fragmentation risk. If no, it merely changes who pays the cost.
A non-fragmentation architecture must constrain power, not just save the institution
AFRINIC can recover institutionally and still fail the geopolitical test. A board can be seated, a budget approved, a CEO appointed, litigation narrowed and conferences attended, while operators, banks, courts and platforms continue to price the registry as a political risk. Non-fragmentation requires more than institutional survival. It requires a structure that convinces rival actors the ledger will not be turned against them merely because one camp controls the machinery.
The first requirement is mandate narrowness. AFRINIC's core value is unique, accurate and continuous registration of number resources and related operational records. It should resist claims that convert this function into regional industrial policy, political ownership, broad security permissioning or discretionary economic planning. Public policy can be debated elsewhere. The registry's mandate should be thin enough that capturing it is unattractive.
The second requirement is record escrow and reproducibility. The ledger should not depend on the uninterrupted health of one corporate shell, one bank account, one office, one board or one court timetable. Critical records should be securely mirrored, versioned, auditable and capable of being operated in emergency mode under predefined rules. The goal is not to weaken AFRINIC. It is to protect the function from every actor, including AFRINIC itself, a litigant, a receiver, a court error or an external patron.
The third requirement is separation of functions. Technical operations, membership governance, dispute resolution, sanctions compliance, transfer-policy interpretation, economic-rights questions and emergency continuity should not collapse into one decision point. A transfer dispute should not endanger RDAP accuracy. A payment-screening review should not automatically impair RPKI. A board election dispute should not make reverse DNS unpredictable. Separation lowers the blast radius of conflict.
The fourth requirement is portability or at least credible exit. A voluntary global coordination system cannot depend solely on locked-in membership. If resource holders have no credible way to preserve recognition when a registry fails, they will seek political patrons, courts, private continuity providers or alternative ledgers. Portability need not be reckless. It can be rule-bound, evidence-based, escrow-supported and limited to severe cases. But without some safety valve, the registry becomes a trust prison. Trust prisons eventually produce jailbreaks.
The fifth requirement is bounded emergency authority. ICANN, the NRO and other RIRs may need to assist or, in extreme cases, replace a failing function. But emergency powers must be narrow, transparent, time-limited, appealable and focused on preserving the last verified state. If emergency authority becomes a way to centralise policy power, it will create a different fragmentation risk: the fear that local registry governance can be overridden by a global club.
The sixth requirement is procedural legitimacy that ordinary members can understand. Low-participation mailing lists and complex proxy rules are poor foundations for a high-value registry. Election processes must verify authority without disenfranchising real members. Bylaws must align with host-state law and resource-member expectations. Nomination and voting procedures must be understandable enough that losing factions can accept defeat without claiming that the ledger has been captured. Legitimacy is not only a legal standard. It is a market input.
The seventh requirement is disciplined language. Registries and their defenders should avoid rhetorical inflation. Phrases that imply continental ownership, unique political empowerment, or moral custody over all resources in the region raise the stakes of capture. Critics should also avoid language that treats institutional collapse as costless. The ledger is common infrastructure even if the institution is flawed. The right vocabulary is continuity, accuracy, portability, accountability and constrained power.
Finally, non-fragmentation requires humility about IPv6. IPv6 deployment is necessary, but it does not dissolve IPv4's current economic and institutional significance. Telling markets that scarcity will disappear someday does not answer today's recognition problem. A credible architecture must handle the dual-stack reality rather than using the future as a reason to ignore the present.
These requirements point to a practical settlement: protect the ledger, constrain the gatekeeper, preserve lawful accountability, make records portable, and ensure that no political camp can convert registry control into control over network destiny. That is less dramatic than many reform narratives. It is also the only path likely to keep rival actors using the same record.
AFRINIC's next test is whether outsiders can still trust the same record
The near-term question for AFRINIC is not whether every controversy ends. It will not. Litigation, bylaw disputes, ICANN/NRO failure standards, regional influence efforts, resource-holder rights claims, platform risk models, procurement policy and cybersecurity concerns may all continue. Scarcity will continue to give IPv4 records economic meaning.
The test is whether all these actors can still treat the same AFRINIC record as the baseline fact from which disputes begin. A court can hear a claim if the last verified registry state is preserved. A bank can review a payment if member recognition is not casually impaired. A cloud platform can onboard addresses if authority documentation is clean. A public buyer can procure services if registry standing is legible. A regional body can support governance participation if it does not turn the ledger into a political instrument. ICANN can protect continuity if it does not convert emergency concern into permanent central authority. Critics can press for decentralisation if they do not create incompatible recognition faster than they create interoperability.
This is a difficult bargain because AFRINIC has lost the luxury of obscurity. A registry can remain modest when few people outside the technical community notice it. AFRINIC is now noticed by courts, reporters, governments, global governance bodies, regional organisations, investors, cloud users and address-market participants. Visibility changes incentives. Every decision becomes evidence for someone's theory of the institution: recovered registry, captured registry, regional registry, failed registry, global public function, private company, chokepoint, or transition candidate.
The institution should respond by becoming less narratively ambitious and more operationally exact. It should publish clean records, explain legal effects narrowly, keep member authority files accurate, separate service surfaces and preserve continuity during disputes. It should avoid implying that number resources are political property, treating every critic as an enemy of the region, letting litigants use continuity as a hostage, or allowing banks, clouds and patrons to become hidden adjudicators of registry status. Make the record boring again.
That may sound insufficient in a period of great-power rivalry. It is the opposite. The more geopolitical pressure surrounds a registry, the more valuable boring neutrality becomes. Rival states do not need the registry to settle their rivalry. They need it not to become another battlefield. Operators do not need a theory of continental destiny when updating RPKI or transferring a block. They need predictable process. Courts do not need to write internet policy in insolvency language. They need a way to preserve rights without breaking shared recognition. Banks and platforms do not need political slogans. They need evidence.
AFRINIC's crisis is therefore a warning against both complacency and panic. Complacency says the old model survived because the internet still routes. Panic says the only answer is immediate replacement, takeover or politicised defence. The more plausible reality is that institutional fragmentation can proceed while the network appears technically intact. It shows up first in risk premiums, legal opinions, procurement exceptions, cloud onboarding rules, bank queries, member mobilisation, emergency-policy drafts and alternative continuity claims. By the time packets visibly split, the common ledger has already lost much of its economic function.
The best outcome for AFRINIC is not victory by one narrative. It is a settlement in which no narrative needs victory in order to rely on the record. Regional development advocates should be able to trust that AFRINIC will support African connectivity without treating addresses as political trophies. Resource holders should be able to trust that their lawful records will not be reinterpreted by a changing faction. ICANN and the NRO should be able to trust that continuity does not require constant intervention. Courts should be able to trust that preserving the company does not require inventing a new theory of the internet. Banks and cloud platforms should be able to trust that the registry record is evidence, not a battlefield communique.
That is the economics of geopolitical fragmentation risk. The common ledger saves everyone from building separate political trust for every technical fact. AFRINIC's task is to keep that saving alive. If it does, the registry remains common infrastructure in a divided world. If it does not, fragmentation will not arrive as a single declaration. It will arrive as a thousand private decisions to trust something else.

