Bring new RPKI intro and updated IRR from dedicated branch

Author: RebeccaTamachiro

src/content/docs/byoip/concepts/irr-entries/best-practices.mdx

@@ -1,19 +1,13 @@
 ---
-title: Best practices
+title: Manage IRR entries
 pcx_content_type: reference
 sidebar:
   order: 7
-head:
-  - tag: title
-    content: IRR entry updates best practices
-
 ---
 
-import { GlossaryTooltip } from "~/components"
-
-An Internet Routing Registry (IRR) record is what notifies internet service providers (ISPs) of how you are allowing your resources to be used. This helps ensure ISPs will recognize your routes as legitimate and enables them to ignore unauthorized routes published by someone else.
+import { GlossaryTooltip } from "~/components";
 
-You must keep your IRR entries up to date so that it is public information that Cloudflare has permission to advertise your prefix or prefixes and to ensure that your traffic can be properly routed on the internet.
+You must keep your <GlossaryTooltip term="Internet Routing Registry (IRR)" link="/byoip/concepts/irr-entries/">Internet Routing Registry (IRR)</GlossaryTooltip> entries up to date so that it is public information that Cloudflare has permission to advertise your prefix or prefixes and to ensure that your traffic can be properly routed on the internet.
 
 ## Configure an IRR entry
 

src/content/docs/byoip/concepts/irr-entries/index.mdx

@@ -1,17 +1,22 @@
 ---
-title: Internet Routing Registry
+title: Internet Routing Registry (IRR)
 pcx_content_type: concept
 sidebar:
   order: 2
-
+  label: Overview
+  group:
+    label: Internet Routing Registry
+head:
+  - tag: title
+    content: IRR Overview
 ---
 
-The [Internet Routing Registry (IRR)](http://www.irr.net/index.html) is a globally distributed database of routing information. The IRR contains announced routes and routing policies in a common format, and network operators use this information to configure their backbone routers.
+import { GlossaryDefinition } from "~/components";
+
+<GlossaryDefinition term="Internet Routing Registry (IRR)" prepend="The [Internet Routing Registry (IRR)](http://www.irr.net/index.html) is " />
 
 The IRR consists of many individual [routing registries](http://www.irr.net/docs/list.html), and some are managed by regional entities, such as APNIC, ARIN, and RIPE. Each routing registry contains IRR entries that provide information about IP prefixes and the [autonomous systems](https://www.cloudflare.com/learning/network-layer/what-is-an-autonomous-system/) authorized to announce them.
 
 To announce your subnet prefixes, Cloudflare requires accurate IRR entries for your prefixes and autonomous system numbers (ASNs).
 
-When you configure network infrastructure for services such as [Magic Transit](/magic-transit/about/), [verify your IRR entries](/byoip/concepts/irr-entries/best-practices/#verify-an-irr-entry).
-
-For help with adding missing IRR entries or updating inaccurate entries, refer to the [best practices for IRR entries](/byoip/concepts/irr-entries/best-practices/).
+When you configure network infrastructure for services such as [Magic Transit](/magic-transit/about/), or before onboarding your IP to Cloudflare, [verify your IRR entries](/byoip/concepts/irr-entries/best-practices/#verify-an-irr-entry).

src/content/docs/byoip/concepts/route-filtering-rpki.mdx

@@ -0,0 +1,16 @@
+---
+title: Route filtering and RPKI
+pcx_content_type: concept
+sidebar:
+  order: 2
+---
+
+import { GlossaryTooltip } from "~/components";
+
+As referred in the [IRR concept page](/byoip/concepts/irr-entries/), network operators use IRR records to configure backbone routers. In summary, it is the IRR records that provide information about IP prefixes and the <GlossaryTooltip term="autonomous system numbers (ASNs)">autonomous systems</GlossaryTooltip> authorized to announce them. Then, network operators will apply filtering policies to avoid invalid announcements.
+
+Considering this important role of IRR records, validation via Resource Public Key Infrastructure (RPKI) was introduced. With RPKI, the IP/ASN association is cryptographically validated before being passed on to the routers.
+
+When registering your prefix under one of the five Regional Internet Registries (RIRs)[^1], you can generate a cryptographically-signed object called Route Origin Authorization (ROA). ROAs are public and you can use [Cloudflare's RPKI Portal](https://rpki.cloudflare.com/?view=validator) or other sources, such as [Routinator](https://rpki-validator.ripe.net/ui/), to check your prefixes.
+
+[^1]: AFRINIC, APNIC, ARIN, LACNIC, and RIPE.

src/content/docs/byoip/get-started.mdx

@@ -30,7 +30,7 @@ Once your account configurations are in place, consider the sections below to le
     The process described on this page only supports using Cloudflare's ASN (AS13335). If you must announce the prefixes under your own ASN, contact your account team.
     :::
 
-- You must use Resource Public Key Infrastructure (RPKI) validation and make sure your ROAs are accurate. You can use [Cloudflare's RPKI Portal](https://rpki.cloudflare.com/?view=validator) and a second source such as [Routinator](https://rpki-validator.ripe.net/ui/) to double-check your prefixes.
+- You must use [Resource Public Key Infrastructure (RPKI) validation](/byoip/concepts/route-filtering-rpki/) and make sure your ROAs are accurate. You can use [Cloudflare's RPKI Portal](https://rpki.cloudflare.com/?view=validator) and a second source such as [Routinator](https://rpki-validator.ripe.net/ui/) to double-check your prefixes.
 
 - If you are not familiar with how Cloudflare API works, refer to [Fundamentals](/fundamentals/api/). Make sure you have the necessary permissions and that you have your account ID.
 

src/content/glossary/byoip.yaml

@@ -17,7 +17,7 @@ entries:
 
   - term: Internet Routing Registry (IRR)
     general_definition: |-
-      a globally distributed database of routing information which contains announced routes and routing policies in a common format. Network operators use this information to configure backbone routers.
+      a globally distributed database of routing information which contains announced routes and routing policies in a common format. Network operators use this information, as well as [RPKI](/byoip/concepts/route-filtering-rpki/), to configure backbone routers.
 
   - term: Resource Public Key Infrastructure (RPKI)
     general_definition: |-