The argument over old IPv4 space is usually told through louder institutions: telecom operators, cloud platforms, address brokers, litigation funds and regional registries. That is only the surface market. A quieter and more revealing version sits inside universities and research institutions, where public IPv4 blocks were accumulated under the moral economy of the early academic Internet and now sit inside the budget, legal and operational pressures of scarcity.
Consider the network office of a large public university on the morning before a senate finance committee meeting. The registry record is old, the subnetting plan is older, and the institution that relies on both has changed almost beyond recognition. What began as a research network now supports student housing, medical research, high-performance computing, grant-funded instruments, distance learning, identity systems, cloud gateways, visiting scholars, spin-out companies, national research and education network connections, and a hospital or laboratory complex with its own security rules. The vice-chancellor wants cost control. The finance office has learned that IPv4 addresses have a market price. Researchers want experimental freedom. Information security wants cleaner segmentation. Legal counsel asks whether the university can prove the chain of authority for every block. Public affairs worries that a sale or lease will be described as hoarding. The network team wants the external record left stable enough for work to continue.
That room is a better lens than the usual market story. A university legacy block is neither a dormant corporate option nor an ordinary government service dependency. It is a historical remainder of a period when research networks were treated as the Internet's natural institutional home. Scarcity has turned that remainder into a quasi-endowment. It can be retained, reorganised, shared through a national research and education network, used to preserve laboratory autonomy, leased in part, sold in part, or defended against administrators who were not present when the addresses were received. Every choice has a constituency. Every choice also depends on confidence that the registry record will remain a stable record of control rather than a permission instrument.
AFRINIC matters here not because African universities are uniquely exposed, but because it has become the clearest regional test of what happens when registry-layer confidence becomes uncertain. Public reporting in 2019 on alleged address theft showed that inactive or weakly defended records could be altered and monetised. The Cloud Innovation litigation showed how a dispute over resource use, geography and contractual interpretation can threaten a large holding and consume the registry institution around it. Receivership, interrupted elections, annulled votes and later recovery attempts showed that packets may keep moving while the confidence premium attached to a registry record changes. For academic holders, whose public mandate is research and teaching rather than address trading, that premium is practical. It shapes whether historical academic allocations are treated as infrastructure for future work or as tempting objects of reclamation politics.
The campus budget meeting as an address-policy problem
The first mistake is to imagine that a university approaches IPv4 as a single rational owner. In practice it behaves like a federation. The central IT director sees address space as continuity: public routability, reverse DNS, firewall policy, VPN access, laboratory services and institutional reputation all depend on it. The chief financial officer sees a scarce asset whose opportunity cost is no longer zero. The research office sees grant compliance, because funded instruments and data platforms may require externally reachable services or secure collaboration with foreign partners. Student services sees residential networks and learning platforms. The health-science campus sees clinical research, medical-device segmentation and regulatory caution. Legal counsel sees old letters, institutional name changes, delegated authority and the question of who is allowed to sign for a resource holder.
Those positions are not mere bureaucratic noise. They are different claims on the same historical asset. Routing continuity has value because renumbering is costly and brittle systems are common. Option value matters because a campus can defer future choices on research clouds, dormitory networks and laboratory redesign if it controls enough public space. Sale proceeds matter because universities face deferred maintenance, cybersecurity spending, research-computing demand and staff shortages. Reputation matters because a public university does not want to appear to profit casually from a resource it once received as part of a collaborative research order. Autonomy matters because a campus with its own routable space can publish services, run experiments and interconnect without asking a commercial provider to approve every change.
This makes academic IPv4 governance unusually difficult. A company can ask whether a block supports the business or should be liquidated. A ministry can ask whether public services depend on a stable address record. A university must ask whether the block is infrastructure, endowment, laboratory commons, student utility, regional public good or financial reserve. The answer may be all of these at once. If the external record is stable, the institution can negotiate internally. If it is vulnerable to retrospective tests, use-it-or-lose-it pressure or discretionary reclamation, the internal debate changes. The campus is no longer allocating a secure inherited resource. It is defending a claim before an outside authority.
Universities are especially sensitive to this kind of uncertainty because they are procedural institutions. They run on committees, delegated authority and documentary memory. A network architect may know why a /16 was routed in a particular way, but the senate committee reviewing capital assets may not. A grant auditor may ask whether a resource is still used for the project described in an old application, even though the modern campus network has evolved through dozens of unrelated projects. A charity regulator, public accounts committee, education ministry or registrar of companies may have a different view of institutional control from the view held by the network team. The larger the block, the more likely the matter becomes institutional rather than purely technical.
Why universities became early address holders
Universities did not acquire legacy address space because they were unusually clever asset managers. They acquired it because the early Internet was an academic and research network before it became a mass commercial utility. The institutions that needed addresses were laboratories, computer-science departments, national research networks, engineering schools, supercomputing centres, observatories, defence-linked research projects and technical universities. Addressing practice followed the assumptions of that period: uniqueness mattered more than financial discipline, administrative cost should be low, growth would come from research collaboration, and the people requesting resources were presumed to belong to the same technical community that would maintain them responsibly.
That history created a distribution that now looks strange. Some universities hold more public IPv4 space than much larger commercial networks. Some departments retain old suballocations that no longer match the current organisational chart. Some national research and education networks aggregate space for multiple institutions, while others route university-held blocks that remain registered to a particular campus. Medical schools, agricultural research institutes and science agencies may sit between academic and government categories. Some holdings were obtained directly; others passed through mergers, renamings, government reorganisations or research partnerships. The record may be accurate in the practical sense that the institution still controls and routes the space, yet messy in the documentary sense that the original purpose, present use and authority chain cannot be compressed into a modern web form.
That messiness is not evidence of bad faith. It is what happens when public-good infrastructure persists across several institutional eras. A campus that received addresses for a research network in the 1990s may now use them for authentication gateways, course platforms, data-transfer nodes, laboratory controllers, sensor networks, student services and public scientific repositories. The machines have changed. The mission has not disappeared. If an external audit treats every changed use as suspicious departure from an original justification, it misunderstands universities. Research infrastructure is supposed to evolve. A university still using an address block only for the machines listed decades ago would be a failed institution, not a model of compliance.
The African setting adds another layer. AFRINIC was created later than the other regional Internet registries and became operational in the mid-2000s, after many Internet institutions elsewhere had already accumulated substantial resources. AFRINIC describes its role as serving Africa and the Indian Ocean region with IP address space, autonomous system numbers, training, WHOIS and RDAP, reverse DNS, routing registry functions and RPKI services. The historical asymmetry matters. African universities and research networks were building connectivity in a world where global scarcity was already visible, but where local development still required routable IPv4. They needed the same certainty as older northern universities, with less historical surplus and weaker institutional buffers.
This is why the academic legacy question is more than nostalgia. It asks how address governance should treat institutions that entered the Internet under one logic and now operate under another. The early logic valued research openness, technical trust and low-friction coordination. The scarcity logic values title confidence, liquidity, utilisation and market price. Universities sit across the divide. They need enough of the old logic to preserve experimental autonomy and public collaboration, and enough of the new logic to manage valuable resources responsibly. A registry that cannot distinguish those logics will either romanticise academic holdings as untouchable or attack them as inefficient hoards. Neither answer is good enough.
From research commons to quasi-endowment
Endowment is an imperfect but useful analogy. A university endowment is not merely cash. It is an intergenerational resource, usually accumulated through gifts, historical advantage and institutional stewardship, whose value supports future autonomy. Legacy IPv4 space has some of the same features. It arrived when the resource was not priced like a modern asset. It sits on the institution's balance of practical power even when accounting treatment is ambiguous. It supports operations directly. It can be lent internally, shared with partner institutions, leased, sold or preserved. It can also provoke conflict because its value is real and its mission is not purely financial.
The analogy must be handled carefully. IP addresses are not identical to land, securities or donated funds. Regional registry policies often avoid ordinary property language; courts and contracts differ; and official registry material tends to describe number resources as public resources administered for uniqueness rather than owned like ordinary property. Yet markets buy, sell and lease rights of use. Banks, operators and advisers price uncertainty. Institutions make decisions as if scarcity value exists, because it does. AFRINIC's fee schedule recognises academic and research institutions as a special category, applying a discount where organisations provide evidence of recognised academic or research status and show that resources will be used for not-for-profit academic or research activities. That administrative detail points to a larger truth: academic address use has a recognised public-good character even inside a fee economy.
Once scarcity has a price, that public-good character collides with opportunity cost. A /16 contains 65,536 addresses. Even conservative market valuations can turn such a block into a multimillion-dollar question. The exact price changes with reputation, route history, region, transferability, registry process and counterparty risk, but the order of magnitude is enough to matter to a finance committee. A campus facing old buildings, weak security tooling, expensive research computing and strained student services will not ignore a resource that could fund several urgent projects. Nor should it. Stewardship includes the obligation to notice value.
But stewardship also includes the obligation not to liquidate autonomy cheaply. A university that sells too much address space may save a budget year and weaken its network for a decade. A public block can support services that commercial providers cannot easily replicate without new contracts, address translation, vendor dependency or loss of experimental freedom. It gives researchers a sandbox for measurement, distributed systems, cybersecurity work and instrument control. It lets a campus publish services without negotiating every endpoint through a carrier. It can support student residence networks without collapsing everything behind layers of translation. It can make the difference between a research network that engineers can reconfigure and one trapped inside provider architecture.
The endowment analogy therefore cuts both ways. It makes sale morally possible, because endowments are managed for institutional purpose rather than preserved as relics. It also makes reckless sale suspect, because intergenerational assets should not be consumed to fill ordinary operating deficits unless the institution understands the long-term cost. A university legacy block should not be protected by myth. It should be governed as a scarce mission asset. The registry's role should be to maintain the record on which that governance depends, not to substitute its own view of whether the university has used the asset virtuously.
A campus is not one network
The phrase "university network" suggests a clean administrative object. In reality it is an accumulation of networks. There is the teaching network, the administrative network, the residential network, the guest network, the library network, the research-computing fabric, the hospital or medical-school environment, the laboratory network, the facilities-management network, the security-camera network, the alumni and public-web estate, and the cloud-interconnect layer. Many have different governance, risk and funding. Some are centrally managed. Others are tolerated local empires. A few are old enough that nobody wants to touch them during the academic year.
That complexity is why simple utilisation metrics can mislead. A spreadsheet may show that only part of a block is announced, or that some subnets have sparse host counts. The network team may know that the quiet space is reserved for a research-cloud migration, a student-residence redesign, a hospital segmentation project, a new campus, a high-performance computing facility or a network-isolation plan after a security incident. Some subnets remain deliberately quiet because instruments or safety systems are not continuously online. Some addresses are reserved for experiments where stable public numbering is part of the method. Some are held because renumbering equipment would cost more than the saving from aggressive packing.
Commercial networks also reserve capacity, but campus reservations are harder to justify in market language. The institution values option space, academic freedom and resilience. Those values do not always appear as traffic. A physics lab preparing a collaboration with an overseas facility may need routable addresses months before the first data run. A bioinformatics cluster may require controlled external access only during grant cycles. A cybersecurity lab may need clean address separation from production systems because its work intentionally touches hostile traffic or malware samples. A museum archive, astronomical instrument or agricultural sensor network may have intermittent traffic patterns that look inefficient to a central auditor but make sense to the project.
This does not exempt universities from scrutiny. Some old academic blocks are poorly inventoried. Some are routed through outdated security assumptions. Some carry reputation damage from compromised hosts, abandoned servers or shadow IT. Some institutions have more public space than they can plausibly use. Some blocks could be transferred or leased without harming research. But the remedy for poor internal governance is better institutional stewardship, not a doctrine that treats sparse use as a standing invitation to reclaim. A campus should have to know what it holds and why. It should not have to freeze its network in the form imagined by an allocation-era document.
AFRINIC's exhaustion environment illustrates the tension. Its soft-landing materials describe justified need, additional-request checks and efficient-use criteria for members requesting more IPv4 after free-pool depletion. Such criteria are sensible when distributing the final pool of unallocated addresses. They become dangerous if they migrate into a retrospective theory that every historical holder must continuously prove each address is packed to an administrative norm. Academic networks were not designed like hotel rooms. They are closer to laboratories, corridors, reserves and safety margins. A university can be wasteful, but it can also be prudently under-filled.
Student housing and the long IPv4 tail
The most prosaic reason universities still care about IPv4 is that students and researchers use ordinary devices and ordinary services. IPv6 deployment has improved, but the global Internet is not a pure IPv6 environment. Dual-stack remains common. Some applications, vendors, remote collaborators and old instruments still assume IPv4 reachability. Campus networks cannot declare victory on IPv6 because the protocol exists. They must connect the devices and people present on campus.
Student housing is a revealing case. Residential networks combine the scale of a small access provider with the politics of a public institution. Thousands of students bring phones, laptops, consoles, televisions, development boards, lab devices and whatever else a modern student regards as necessary. Some expect public reachability for coursework, gaming, remote access or experiments. Others create abuse problems. NAT conserves addresses, but it also creates logging burdens, support calls, port conflicts and harder attribution. Carrier-grade NAT is not free. It shifts cost from address acquisition to engineering, help desks and compliance. A campus that owns enough public IPv4 can make different design choices from a campus forced to live behind layers of translation.
The residential example also changes the moral tone of the debate. Student connectivity is not a luxury service bolted onto research. It is part of the educational environment. The dormitory network carries remote labs, library access, course management systems, collaboration platforms, accessibility tools, security updates and the ordinary life of students who may not have other reliable connectivity. A block assigned decades ago for research may now support mass education. That is not mission drift in the pejorative sense. It is the expansion of the university's public role.
IPv4 scarcity does not require universities to give every student device a public address. Sensible campuses use private addressing, segmentation, firewalls and IPv6 where appropriate. The point is more limited: public IPv4 under university control gives engineers room to choose. It lets them place gateways, support exceptional cases, isolate noisy uses, expose student projects when necessary and avoid turning every design decision into a procurement exercise. When public addresses are scarce and registry confidence is weak, that room narrows. The result is not only technical inconvenience. It is a reduction in the university's capacity to adapt.
Labs, instruments and academic medicine
Research laboratories make the case more sharply than dormitories. A laboratory network is often a museum of vendor assumptions, grant cycles and scientific improvisation. Instruments may be certified with particular network arrangements, managed by external service teams, or integrated into data workflows that cross institutions and borders. A telescope, sequencer, microscope, field sensor, high-energy physics node or environmental monitoring platform may not generate constant traffic, but it may require stable reachability at moments that matter. The address plan becomes part of the instrument's operating envelope.
Academic medicine adds regulation and reputational risk. Hospitals, research clinics and medical schools often share a campus identity while operating under stricter security, privacy and availability demands. A clinical research platform may connect instruments, data repositories, remote collaborators and regulated environments. Some systems must be isolated, others must be reachable, and many cannot be casually renumbered because vendor support, validation documentation or safety procedures assume stable configurations. Public IPv4 is not merely a column in an inventory. It is part of the institutional memory of systems that may touch patient data, grant obligations and international research.
High-performance computing and science gateways add another layer. Modern research computing is hybrid. It uses campus clusters, national facilities, data-transfer nodes, cloud bursts, identity services, repository mirrors and collaboration portals. Public addressing is not needed for every compute node, but it is often useful for gateways, data movers, management planes and externally reachable services. Researchers care less about address ideology than about whether the network lets them move data, expose tools and collaborate without waiting months for an exception. When public IPv4 becomes scarce, the cost of those exceptions rises. When registry confidence weakens, administrators become cautious precisely where research needs flexibility.
This is why "used" versus "unused" is an inadequate language for academic legacy space. A residence gateway is not the same as a research-instrument address. A hospital service is not the same as an abandoned departmental server. A science DMZ is not the same as a vanity public subnet. Proper stewardship distinguishes among them. It may move routine services behind private addressing, preserve public space for collaboration points, lease or sell genuine surplus, return abandoned fragments, or coordinate through an NREN. But that work requires stable external recognition. A university cannot rationally optimise its address estate if it fears that admitting surplus, change or experimentation will invite confiscation.
NRENs and the collectivised edge of autonomy
National research and education networks occupy the ambiguous middle ground between campus autonomy and collective infrastructure. An NREN can aggregate demand, provide backbone connectivity, coordinate routing, improve security, support identity federation and represent academic networks in regional forums. In countries where individual universities lack scale or staff, the NREN may be the only practical way to obtain resilient research connectivity. It may also be the institution through which address space is held, routed or justified.
The economic role of an NREN is not merely technical. It can socialise scarcity. A well-run NREN can pool address resources, shift capacity among institutions, support smaller universities and negotiate with registries more effectively than any single campus. It can reduce waste by making unused space visible inside a trusted academic community rather than forcing every institution into a commercial market. It can preserve public mission by keeping addresses in research and education use even when prices tempt individual universities to sell.
Collectivisation has costs. A campus with its own public block may resist surrendering control to a national body, especially if research autonomy, medical systems or security obligations depend on rapid local decisions. A university may worry that the NREN will ration public addresses according to political influence, ministry priorities or central technical taste. Smaller institutions may fear that older elite campuses will keep historical abundance while asking newcomers to accept NAT and scarcity discipline. The fairness rhetoric of the registry world can reappear inside academic systems: who deserves scarce public space, the old research university that helped build the network, the new regional campus expanding access, the medical school, the supercomputing centre or the student network serving the most users?
AFRINIC's academic discount policy hints at this problem without solving it. It recognises academic and research status and requires not-for-profit academic or research use for discounted treatment, while asking academic organisations requesting local Internet registry status to provide more documentation about network infrastructure and the need to assign to others. The distinction is administratively sensible: a university using resources for itself is different from an academic network distributing resources to other institutions. It also shows how quickly academic stewardship becomes a question of delegated authority. The moment a campus or NREN assigns to others, the registry may ask who uses the addresses, for what, and under whose continuing control.
A registry that acts as a reliable record-keeper can support this academic federalism. It can record the holder, maintain contacts, publish routing and reverse-DNS information, support transfers where permitted and preserve evidence of delegated use. A registry that acts as a discretionary permission office can destabilise it. If it can retroactively second-guess academic suballocation, customer geography, changed research purpose or internal sharing, the NREN becomes a compliance funnel rather than a coordination body. Universities then learn to hide complexity, avoid internal pooling, or keep inefficient reserves because transparency increases external risk.
AFRINIC's record layer and the cost of uncertainty
The AFRINIC record layer is not a single database field. It includes WHOIS and RDAP publication, reverse DNS delegation, routing registry data, RPKI services, member contacts, transfer records and the institutional processes that make updates credible. The Number Resource Organization's 2023 statement on receivership framed the official receiver's role as preserving the value of the organisation and moving it toward functional governance, while emphasising continued registry services for members. For holders, the technical point is simple: they do not only need a historical claim. They need the services that make the claim operational.
For a university, each service maps onto a real dependency. WHOIS and RDAP help counterparties, security teams and collaborators identify the institution. Reverse DNS affects mail reputation, research services, logging, abuse handling and operational hygiene. RPKI affects route-origin validation and the university's participation in a more security-conscious routing environment. Routing registry data shapes filtering by upstreams and peers. Contact records determine whether abuse complaints or routing emergencies reach the right team. If a registry crisis slows, freezes or politicises those services, the university pays in labour, reputation and risk.
Generic market analysis can miss this cost. A broker may price a block by size, cleanliness and transferability. A campus network office prices it by whether teaching, research and operations can continue without surprises. The two prices interact. If AFRINIC-region resources are perceived as legally or operationally uncertain, market value may be discounted. For a university, the larger cost may be defensive behaviour: delayed projects, over-retention of addresses, reluctance to disclose internal plans, additional legal review for ordinary network changes, and a preference for commercial provider addresses where campus-owned space would have been better. Scarcity already makes public IPv4 expensive. Registry uncertainty makes using it expensive.
That is why official assurances, though useful, are not enough. Academic holders need architecture: escrowed records, tested service continuity, transparent update rules, independent review, bounded adverse powers, clear transfer procedures and non-destructive dispute handling. They need confidence that a board dispute, court case or election controversy will not impair their ability to maintain contacts, reverse DNS, RPKI or transfer evidence. Institutional trust is built by systems that work when leadership is contested. Universities are accustomed to continuity across rectors, vice-chancellors and ministers; they need the same from the registry layer on which their network identity depends.
Address theft and dormant academic records
The 2019 reporting on AFRINIC address theft is the darkest exhibit for academic holders. KrebsOnSecurity and MyBroadband described alleged misappropriation of millions of IPv4 addresses through altered registration records and grey-market sale or use. Reported figures included roughly 4.1 million addresses and estimates of value starting around tens of millions of dollars. Many of the affected resources were associated with inactive, defunct or weakly defended organisations. The details were specific to the case, but the general vulnerability is familiar: dormant records become targets when scarcity turns them into capital.
Universities have both advantages and weaknesses in this environment. They rarely disappear like small companies. They have public identity, legal continuity and reputational weight. But they are organisationally fragmented. A department may close, a campus may merge, a research institute may be renamed, a national university may be reorganised by statute, or a technical contact may retire without updating records. Public institutions can be slow to respond to unfamiliar registry notices. Old address records may point to people who left decades ago. Historical allocations may be known to network engineers but invisible to central legal or finance teams. That is precisely the kind of documentary gap that a scarcity market exploits.
The theft lesson is not that registries should become aggressive reclaimers. It is that they must protect the integrity of the record without converting protection into policy control. Correcting forged records, detecting duplicate claims, preserving audit trails and restoring rightful holders are core registry functions. They are different from punishing a recognised holder because an administrator dislikes its current utilisation pattern or commercial choices. The first protects academic institutions. The second threatens them.
A university that cannot fully document a block should face a process aimed at establishing the truth: old correspondence, routing history, institutional name changes, NREN records, upstream contracts, domain and reverse-DNS evidence, procurement records, board or ministry documents, and present operational use. If fraud is found, the record should be corrected. If the institution has evolved, the record should be updated. If part of the block is genuinely abandoned, the university can decide whether to return, transfer, lease or repurpose it under clear rules. What should not happen is a leap from imperfect documentation to discretionary confiscation.
Address theft also changes campus politics. Before scarcity, an old block might have been an engineering relic. After theft becomes visible, it becomes an asset that must be inventoried and defended. Finance may ask why the university is not monetising it. Network engineers may request budget to clean records and route filters. Legal counsel may ask whether the chain of authority is complete. The research office may ask whether future experiments are protected. A stable registry makes that work constructive. An unstable one makes it defensive, because every cleanup may expose a vulnerability.
Cloud Innovation as a registry-layer warning
The Cloud Innovation litigation dominates recent AFRINIC history, but it should not dominate the university question. Cloud Innovation was a large holder with a leasing-oriented business and a direct dispute with AFRINIC. Universities are usually mission institutions, often public or non-profit, and their use of IPv4 is embedded in teaching, research and campus operations. Treating the two as morally equivalent would obscure the distinctive public-interest problem of academic legacy space.
Yet the dispute remains relevant as registry-layer evidence. AFRINIC questioned use, regionality and contractual compliance. Cloud Innovation contested the interpretation and responded through litigation. Courts became central. Bank accounts were frozen. Injunctions, winding-up arguments, membership disputes and claims about the status of number resources entered the picture. Different observers assign blame differently. The narrow lesson for academic holders is colder than the politics: when a registry has broad adverse power and weakly bounded discretion, a dispute over resource use can escalate from contract interpretation to institutional crisis.
Universities are not built to fight such battles. A research institution may have lawyers, but it does not want to spend years defending a routable address block against a theory that its use has drifted from the original justification. It may not have a commercial revenue stream that makes litigation rational. It may have public accountability duties that make conflict with a registry reputationally unattractive. It may depend on ministries or donors who prefer quiet compliance. That makes universities vulnerable to pressure even when their operational case is strong. The credible threat of registry action can be enough to change behaviour.
The case also reveals the danger of mandate laundering. A registry can describe an intervention as community protection, regional fairness, anti-speculation, anti-abuse or development policy. Some of those goals may be legitimate. But when the remedy is impairment of an established operational record, the real effect is transfer of power from the holder to the registry. Academic institutions are especially exposed to moralised language. They are expected to serve the public good. They can be accused of hoarding more easily than a commercial operator can be accused of monetising. A policy designed to fight one form of commercial behaviour can damage research infrastructure if it treats all large historical holdings as suspect inventory.
The better dispute architecture would offer intermediate procedures: disclosure of evidence, cure periods, independent review, preservation of the last verified operational state, conflict notation and remedies proportionate to the problem. A campus should not lose reverse DNS, RPKI continuity or public registration because a new interpretation of old need is being tested. Fraudulent alterations should not stand because a university is old or prestigious. The problem is not enforcement itself. It is enforcement that lacks scale, neutrality and operational restraint.
Receivership, elections and the confidence premium
AFRINIC's receivership and election history matters because confidence in a registry is cumulative. In 2023, the appointment of an official receiver was presented by the Number Resource Organization as a path to maintaining the status quo, preserving business value, overseeing elections and restoring governance. In 2025, election attempts were surrounded by concerns about nomination processes, voting rights, powers of attorney and membership status. The June 2025 election was suspended and then annulled after allegations about voter documentation and proxy irregularities. A later election in September 2025 produced a board, while reporting still described legal challenges, investigations and unfinished recovery. In early 2026, AFRINIC staff publicly described improved morale, interim management appointments, a budget and action plan, and a strategy process. In May 2026, ICANN again intervened in court proceedings around a winding-up application and argued for separation between numbering resources and the corporate estate.
This sequence can be read in more than one way. Optimists see resilience: courts, receivers, staff, members, ICANN and the wider RIR system prevented total collapse and moved AFRINIC toward normal governance. Critics see fragility: a registry for a whole region spent years without ordinary board capacity, became entangled in litigation, had elections annulled and required external intervention. For a university holder, both readings matter. Services may continue, but the confidence premium changes.
Confidence is not the same as uptime. Packets can route while institutional trust declines. WHOIS can answer while legal uncertainty grows. RPKI repositories can publish while boards fight. A campus may experience no immediate outage and still delay an address reorganisation because the registry environment feels unstable. Finance may discount the value of a potential transfer. Legal may require more documentation before approving a lease or sale. Researchers may be told to use provider-controlled addresses rather than campus space because public legacy space has become politically sensitive. These are real costs, even if no interface goes down.
The confidence premium also affects collaboration. An African university participating in international research needs partners to trust its network identity. A medical research gateway needs stable routing, reverse DNS and security assertions. An NREN needs predictable registry services to support member institutions. If AFRINIC is perceived as recovering but still vulnerable, these actors build extra caution into their plans. That caution may be prudent, but it diverts energy from teaching and research into institutional risk management.
The lesson is not that AFRINIC should be bypassed or condemned in every case. It is that a registry serving academic infrastructure must be designed for continuity beyond corporate turbulence. The record should survive board disputes. Essential services should have failover. Disputes should be isolated. Elections should not determine whether holders trust the database. Staff professionalism is valuable, but it should not be the only safety mechanism.
Fairness without confiscation
Academic legacy space attracts a particular fairness critique. Why should an old university keep a large block while new entrants receive small allocations under exhaustion policy? Why should a campus that obtained addresses cheaply sit on scarcity value while smaller institutions struggle? Why should research mission justify what looks like underutilisation? Why should public money support an institution that could sell or lease addresses and fund itself?
Those questions are legitimate. They are also incomplete. The early distribution of Internet resources was historically unequal, and universities benefited from being early technical actors. But ex post fairness cannot be achieved simply by destabilising old records. Reclamation may satisfy a moral intuition while producing little development benefit, especially when the wider IPv4 market is already priced and opaque. It may also punish institutions that trained engineers, hosted early networks, ran research infrastructure and supported national connectivity. Academic holders were not merely rent-seekers. Many were builders of the system whose scarcity now makes their holdings valuable.
The correct fairness question is not whether old universities deserve everything forever. It is how to convert historical advantage into present public value without destroying reliance. A university might share space with smaller institutions through an NREN, lease surplus under transparent mission rules, sell a portion to fund research infrastructure, reserve space for laboratories and student networks, or return fragments that are truly unneeded. It might publish an internal stewardship policy explaining why it retains major blocks. These are governance choices. They are not the same as registry confiscation.
Use-it-or-lose-it pressure is seductive because it appears objective. If a block is not visibly full, reclaim it. But fullness is a poor proxy for public value. A campus may need slack for security segmentation, research cycles, disaster recovery or grant-funded expansion. A university forced to pack addresses to prove use may become less secure and less innovative. Conversely, a university allowed to keep unused space forever without scrutiny may behave irresponsibly. The balance must be institutional and evidence-based, not rhetorical.
Fairness also requires recognising that new academic institutions need address autonomy too. Scarcity should not freeze the hierarchy of universities as it existed when the Internet was young. If older campuses hoard without mission use, they harm younger institutions. If registries attack old holdings without due process, they harm trust for everyone. The better bargain is transparent academic stewardship: inventory, published principles, coordination through NRENs where appropriate, preserved research autonomy, and market use where it clearly advances institutional mission. The registry should support that bargain with accurate records and clear transfer paths, not by acting as moral arbiter.
An academic bargain for the scarcity era
A better bargain for university legacy space would begin by acknowledging three truths that are often kept separate. Historical academic holdings have real public-good value and should not be casually liquidated or confiscated. IPv4 scarcity has made those holdings economically valuable, and pretending otherwise invites poor governance. Registry certainty is the infrastructure that lets universities manage the first two truths responsibly.
Universities should accept a duty of internal stewardship. They should inventory holdings, update contacts, preserve chain-of-custody evidence, maintain clean routing and reverse-DNS practice, address abuse, classify mission use and review surplus periodically. Larger holders should explain why they retain major blocks and how those blocks support teaching, research, student life, medical work, NREN collaboration or future infrastructure. They should not hide behind academic prestige to avoid governance.
The policy should classify uses rather than worship a single utilisation percentage. Some public IPv4 is core infrastructure: identity, DNS, mail, gateways, research portals, clinical research systems and essential public services. Some is research option space: science DMZs, experimental networks, grant-funded platforms and temporary collaborations. Some is student and community utility. Some may be surplus. Some may be contaminated and require cleanup. A single number cannot capture those categories.
Monetisation should be governed by mission locks. If a university leases or sells surplus IPv4, proceeds should not vanish into a general deficit without debate. They should support network modernisation, cybersecurity, research computing, student connectivity, NREN collaboration or other infrastructure purposes related to the resource's origin. The institution should publish enough explanation to avoid accusations that it is privatising a public-good inheritance. It should also preserve enough capacity to avoid future dependency that costs more than the revenue gained.
Registries should accept a duty of restraint. They should protect records from fraud, authenticate changes, maintain publication and security services, and process transfers under clear rules. They should not use academic moral language to expand discretionary control. They should not treat sparse utilisation as proof of abandonment without careful evidence and proportionate process. They should not impair reverse DNS, RPKI or registration recognition as leverage for disputes that can be handled by less destructive means. They should separate record integrity from policy punishment.
NRENs and ministries can help without swallowing campus autonomy. They can help universities share surplus inside the academic sector, support new institutions, fund address-management expertise and create norms for mission-locked monetisation. They can reduce the need for each campus to negotiate alone. They can also protect smaller universities from a world in which the oldest institutions keep historical abundance and the newest are told to make do with translation. But they should not become new permission offices that reproduce registry discretion at national level.
Markets will remain part of the picture. The scarcity value of IPv4 cannot be wished away, and refusing all monetisation may be irresponsible. But market use should be transparent, mission-aligned and legally clean. A university that leases space should know who uses it, how abuse is handled, how reputation is protected, how registry data is maintained and whether the arrangement conflicts with its public mission. A university that sells should preserve future autonomy and direct proceeds toward durable infrastructure. Market discipline can support stewardship if the institution controls the choice. It becomes extraction if uncertainty, budget pressure or registry fear forces the choice.
University legacy space matters because it reveals the deepest contradiction in IPv4 governance. The Internet's address system was built under a public-good research logic, scaled through commercial adoption, and matured into an asset economy without a fully coherent institutional transition. Universities are living archives of that transition. Their address blocks carry the memory of an Internet that was collaborative, experimental and underpriced. Their budgets now face an Internet where the same blocks are scarce, tradable and strategically valuable.
AFRINIC's recent history makes the contradiction visible. A registry must preserve uniqueness and accurate records, yet it can be tempted to preserve its own authority by expanding the meaning of stewardship. A holder must manage a valuable resource responsibly, yet it can be tempted to call every reserve academic mission. A market can reveal scarcity value, yet it can also exploit institutions that do not understand the market. A fairness claim can help new entrants, yet it can become a cover for confiscation or political control. There is no simple moral answer because the resource has crossed institutional categories.
The university setting is therefore a test of maturity. If the governance system can handle academic legacy space well, it can handle history without freezing it, markets without surrendering to them, and public mission without using it as rhetoric. That requires a registry layer that behaves like resilient infrastructure. It requires universities to act like stewards rather than accidental asset holders. It requires NRENs to coordinate without erasing campus autonomy. It requires policy communities to stop treating "unused" as a magic word and start asking what kind of option space a research network legitimately needs.
The alternative is a bad equilibrium. Universities keep quiet, registries suspect hoarding, market intermediaries profit from opacity, new institutions remain address-poor, and public research infrastructure becomes more dependent on commercial platforms. Scarcity then does not produce efficient reallocation. It produces fear. The old academic record becomes a target rather than a foundation.
AFRINIC has an opportunity, precisely because its recent history has been so difficult, to clarify the boundary. Protect the record. Preserve academic chain of custody. Make fraud correction strong and reclamation rare. Keep reverse DNS, RDAP, WHOIS, routing-registry and RPKI continuity independent of institutional turbulence. Give holders clear procedures for transfer, sharing, correction and dispute review. Let universities monetise genuine surplus when mission governance supports it, and let them retain space when research autonomy, student networks and public-good infrastructure justify it.
That would not resolve every argument over IPv4 scarcity. It would not make early academic allocations equal. It would not abolish market pressure. It would do something more modest and more valuable: it would make the historical academic Internet governable in the scarcity era. For universities, that is the real economics of legacy space. The question is not whether old addresses are sacred or saleable. The question is whether a public research institution can turn inherited network capacity into future autonomy without having the record beneath it turned into a weapon.

