[RPKI] APNIC CA certificate failed to validate

Chris Caputo ccaputo at alt.net
Tue Dec 1 02:21:09 UTC 2020


I installed 0.8.1 today and had a few good hourly runs.

Then after 2020-12-01 UTC started getting:

rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZwTFeTEC0uxi4JpTfGQbsyoqqhM.cer: CA certificate failed to validate.
CA for rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ rejected, resources marked as unsafe:
[...]

rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0I2GgcK-TUfCopBV9m5olVhGF_c.cer: CA certificate failed to validate.
CA for rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ rejected, resources marked as unsafe:
[...]

Anyone else seeing that?

https://rpki-validator.ripe.net/trust-anchors/monitor/2 seems to concur 
there is an issue.

  - Not valid after time is in the past: 2020-12-01T00:00:00.000Z
  - Not all manifest objects are valid, all entries are rejected	
  - Certificate is revoked	
  - etc.

Thanks,
Chris


More information about the RPKI mailing list