Re: ARIN RPKI Trust Anchor Issue

[Simon Leinen via NANOG <nanog () nanog org>]

Dear Job,

> I analysed the alert, here is my assessment.

Thanks a lot for the analysis.  I had also received the alert (Randy
Bush and others as well, see "Subject: TA Malfunction??" thread :-) and
was wondering... your analysis makes sense as far as I can judge (which
is not very far).

[...]
> It is interesting that the 'trigger event' happened two days ago, but it
> is only just now that it became quite tangible! It seems this anomaly
> could've been alerted for earlier on.

Can you elaborate how? (Looking for overly-large or otherwise suspicious
manifests signed by CAs?)

> I noted in my "RPKI's 2024 Year In Review" report:

Thanks for that one as well.  It has interesting information and
reflections that should be discussed in the operator/sidrops community,
preferably by people more knowledgeable than me...

Cheers,
-- 
Simon.