Existing ASN-to-organization mapping approaches rely solely on single authoritative databases (e.g., WHOIS, PeeringDB), limiting their ability to resolve cross-regional aliases, parent-subsidiary relationships, and other complex organizational structures, while failing to unify organization identifiers across disparate Regional Internet Registries (RIRs). To address this, we propose the “Organization Family” abstraction—a unified representation integrating structured RIR registration data with unstructured web metadata. We design a retrieval-augmented generation (RAG)-driven large language model framework that performs multi-stage reasoning for ASN clustering, organization attribution, and dynamic relationship discovery. This is the first systematic integration of heterogeneous network evidence, enabling fine-grained organizational structure modeling and periodic updates. Evaluated on 111,000 ASNs mapped to 81,000 Organization Families, our method significantly improves cross-regional association detection; in security applications, it increases RPKI misconfiguration detection by 27.5%, and reduces BGP hijacking false positives and IP leasing misclassifications by 9.4% and 5.9%, respectively.

Accurately mapping Autonomous Systems (ASNs) to their owning or operating organizations underpins Internet measurement research and security applications. Yet existing approaches commonly rely solely on WHOIS or PeeringDB, missing important relationships (e.g., cross-regional aliases, parent-child ownership) and failing to unify organizations scattered across different RIR identifiers. We introduce ASINT, an end-to-end pipeline that fuses bulk registry data with unstructured Web sources, then employs retrieval-augmented generation (RAG) to guide large language model (LLM) inference. Through a multi-stage procedure, ASINT merges ASNs into "organization families," capturing nuanced ties beyond the scope of simpler heuristics. ASINT maps 111,470 ASNs to 81,233 organization families; compared to both AS2ORG+ and AS-Sibling, ASINT identifies more cross-regional groupings (e.g., operator aliases, rebrands) that other datasets overlook. Moreover, our refined mappings enhance multiple security and measurement tasks: ASINT exposes 27.5% more intra-organizational RPKI misconfigurations, cuts false-positive hijack alarms by 9.4%, and lowers erroneous IP leasing inferences by 5.9%. Finally, ASINT supports periodic updates and cost-sensitive LLM selection, demonstrating that broader Web evidence can provide a more accurate, evolving view of the Internet's organizational structure.