What might look like a routine procedural dispute over votes is, in fact, a glaring reminder that Regional Internet Registries (RIRs) are now geopolitical pressure points—and that ICANN’s oversight of RIR governance must evolve to meet these risks.

On 23 June 2025, AFRINIC, the RIR that serves Africa, attempted to hold long-delayed elections to restore stability after years of legal battles and board paralysis. Yet instead of restoring trust, the process imploded almost immediately. Allegations emerged that some voters misused Powers of Attorney (POAs) to swing the vote, raising serious concerns about manipulation and undue influence. Complaints were filed. The police launched an investigation. In the end, the court-appointed Receiver had to annul the entire election and request an extension of his mandate from the Supreme Court of Mauritius to run new elections before 30 September.

For anyone who has followed AFRINIC’s recent history, this pattern is sadly familiar. Years of courtroom fights, intimidation, astroturfing, and infiltration by actors seeking to strip-mine Africa’s limited IPv4 resources for profit have already shown how vulnerable a regional registry can be when strong safeguards fail. This is not just a local scandal; it is a cautionary tale for every other RIR—ARIN, RIPE NCC, APNIC, LACNIC—and for ICANN itself. If these registries cannot protect their processes from capture or corruption, the entire multistakeholder model of Internet governance is at risk.

AFRINIC’s new measures—banning POAs and proxies for voting, setting up a regionally balanced independent Nomination Committee, and shifting entirely to online voting—are important steps. But they only came after court intervention and a near-collapse of the institution’s credibility. Why were such basic election integrity safeguards not already in place? Why does the system only react after a crisis, rather than anticipating how governance can be hijacked by well-organized commercial or geopolitical interests?

This is not just an African story. Whoever controls the allocation of IP addresses and Autonomous System Numbers controls a critical piece of the Internet’s backbone. These unique resources shape which networks can grow, who has reliable access, and how regions develop their digital economies. In the early days of the Internet, when collaboration and technical trust guided most decisions, this system worked well enough. But today’s environment is radically different. IP address governance has become inseparable from digital sovereignty, national security, economic competition, and even interstate conflict.

Globally, large disparities remain. Developed countries secured vast blocks of IPv4 addresses early on, while emerging regions like Africa must stretch their limited allocations or buy expensive blocks on secondary markets. Some commercial actors see this as an opportunity—hoarding and flipping IP address space for profit, often without reinvesting in local networks. Others push for radical decentralization, arguing that centralized RIRs are too prone to capture and should be replaced by blockchain-based systems where users directly own their addresses. But decentralization alone is not a silver bullet. Without proper governance, it could accelerate the same market speculation that threatens equitable access in the first place.

On top of this, many communities today still operate under historical RIR assignments made decades ago, often without their direct input. While practical at the time, these arrangements can feel misaligned with current political, cultural, or economic realities, and risk excluding affected regions from meaningful participation in how their IP resources are governed.

Meanwhile, geopolitics is putting additional stress on RIRs. In Crimea, Kosovo, Western Sahara, and other contested territories, registries must make allocations that can appear to take sides in disputes over sovereignty. These decisions—though presented as technical—carry real political weight. RIRs are forced to walk a tightrope between neutrality and compliance with sanctions, local laws, and international norms. Any perceived bias can be weaponized by states or non-state actors to delegitimize the institution, or worse, to justify a push for centralized control under intergovernmental bodies like the UN or the ITU.

Some governments have long sought to replace the multistakeholder model with state-controlled frameworks. If RIRs repeatedly fail, this argument grows stronger: why trust a decentralized system when it can be hijacked by bad actors? The reality is that destabilizing an RIR through election manipulation, financial sabotage, or legal attacks can provide the perfect excuse for authoritarian regimes to call for more centralized, top-down control.

This is why ICANN’s ongoing review of its RIR governance framework, including the long-overdue update to Internet Coordination Policy (ICP)-2, must rise to the moment. It cannot simply address generic corporate governance or operational failures. ICANN should push for a robust set of minimum standards that every RIR must uphold. That means clear and enforceable rules on election integrity—including independent oversight, strict conflict-of-interest provisions, transparent membership lists, and strong restrictions on proxies and bulk voting. It means regular audits that go beyond financial statements to include governance procedures and community participation. It means having clear contingency plans for crisis scenarios: if an RIR’s board or leadership is incapacitated, how does the community ensure continuity of critical services?

This work must also ensure that historical boundaries and geopolitical realities are openly reviewed, with clear processes for communities to raise concerns and seek fair adjustments. It must also confront the real-world threats that the AFRINIC case lays bare: the weaponization of voting rights, the abuse of legal systems to paralyze operations, the capture of policy processes by special interests, and the erosion of trust when members feel excluded or manipulated. Finally, it must tackle the growing calls for radical alternatives. If decentralization is to play a role, it must be thoughtfully integrated with safeguards for fairness, access, and the public interest—not left to free-market speculation alone. As it stands, the lack of trust in traditional RIRs is giving these proposals more traction than ever.

AFRINIC’s decision to rerun its elections under stricter rules and with a new NomCom is a sign that course correction is possible. But it should not take police investigations, court orders, or institutional breakdowns for the system to do the right thing. The Internet community must demand proactive governance structures that can resist capture—commercial or political—before crises unfold.

None of this is abstract. In an age when every region’s digital future depends on fair and stable access to IP resources, the consequences of failure will be felt by millions. When governance falters, the entire Internet’s neutrality and openness are at stake. The dream of a single, interoperable, global network can unravel quickly—replaced by fractured, overlapping spheres of influence where powerful actors dictate who connects and on what terms.

A resilient system will not come from wishful thinking. It will come from hard rules, community vigilance, transparent accountability, and real enforcement. The stakes are as high as they have ever been. AFRINIC’s experience shows that if we fail to protect these institutions from manipulation and capture, the vision of an open, secure, and equal Internet may not survive.

RIRs don’t just allocate numbers. They shape the balance of digital power for generations to come. It’s time ICANN and the global Internet community treat them that way.