- The RIR system has evolved from technical coordination into a quasi-sovereign structure through “mandate laundering”.
- Structural risks now demand a multi-stakeholder transition architecture rather than incremental internal reform.
From coordination to mandate laundering
The Regional Internet Registry (RIR) system was designed to coordinate IP address allocation across five geographic regions. It relied on bottom-up policy development and technical consensus. Over time, however, this mandate has stretched far beyond its original scope. What began as operational stewardship now resembles delegated authority without a clear legal basis.
The concept of “mandate laundering” captures this shift. Authority appears to flow from the community through open processes and consensus, yet it becomes institutionalised and self-reinforcing. Internet governance scholars have long noted that bodies like ICANN and the RIRs derive their authority from community participation rather than formal democratic mandates—creating ambiguity when disputes move beyond the policy room into the courtroom.
This ambiguity matters more in today’s IPv4 market. Scarcity has turned addresses into tradable assets with real economic value. RIRs now influence property-like rights through transfer restrictions, revocation powers and territorial claims—even though they were never designed as legal regulators.
Case studies expose structural limits
Recent disputes highlight the risks. The AFRINIC crisis is the most extreme example. When the registry for Africa attempted to reclaim 6.3 million IPv4 addresses from Cloud Innovation Ltd—a Hong Kong-based company that had received the allocations between 2013 and 2016—a Mauritian court intervened repeatedly. In July 2021, the court granted a freezing order attaching up to USD 50 million in AFRINIC’s bank accounts.
By September 2023, AFRINIC was placed under receivership, leaving the organisation effectively paralysed and unable to issue new IP addresses for extended periods.
The crisis exposed a core weakness: RIR authority collapses when confronted with national legal systems that do not recognise registry policy as binding law.
Similarly, the relationship between RIRs and legacy IPv4 address holders in North America has been a source of tension. Legacy resources—address blocks assigned before ARIN was formed in December 1997—were originally administered without requiring a formal agreement. ARIN later introduced the Legacy Registration Services Agreement (LRSA) in 2007 to bring these resources under a contractual framework.
Organisations that declined to sign found certain services, such as Resource Public Key Infrastructure (RPKI) and Internet Routing Registry access, withheld. The tension is not about courtroom battles but about leverage: the registry controls access to critical security infrastructure, and legacy holders who resist the contractual framework are gradually excluded from the ecosystem they helped build.
A third example lies in the secondary IPv4 market. Brokers and leasing platforms now operate at scale, facilitating transactions and rental arrangements that often fall outside direct RIR oversight. This weakens the idea that registries maintain effective control over allocation and usage—and raises the question of who ultimately governs the market.
Why a transition architecture is now necessary
These cases point to a deeper issue. The RIR system no longer fits its original role. It acts like a governance authority—making policy, enforcing rules, controlling access—but lacks sovereign legitimacy. This creates systemic risk: policy decisions can trigger legal conflict, market distortion, or fragmentation of the global address space.
Internal reform is unlikely to resolve this. The structure itself embeds the problem. Governance still depends on institutional continuity rather than external accountability. Each RIR operates as a private legal entity in its own jurisdiction, with no overarching framework for cross-regional disputes or systemic failure.
A transition architecture offers a more realistic path. This would involve governments, industry stakeholders, and technical actors working together to establish clear boundaries between coordination functions and governance authority. It would also align IP resource governance with the legal and economic realities that have emerged since the system was first designed.
The shift will not be simple. But without it, mandate laundering will continue to expand risk across the global IP ecosystem.
Also read: Top IPv4 marketplaces for ISPs to explore
