Hi Andrew That was a good question – one that merited a bit of research on our part. Here’s what we have.
Yes, ROAs can not be created with dates past the expiration of the hosted certificate. As for what to do when the time approaches where the hosted cert needs to be renewed, we are wondering what you (and others) would prefer as a way going forward? Thanks, Mark On 10/23/17, 9:48 AM, "arin-tech-discuss on behalf of Andrew Gallo" <[email protected] on behalf of [email protected]> wrote: Greetings: A question came up at an Internet2 meeting concerning hosted RPKI. Specifically- what happens at the expiration of the Hosted Certificate? I see that the hosted certificate has a 10-year validity period, and ROAs can not be created with dates past the expiration of the Hosted Certificate. When the expiration of this certificate is approaching, what is the procedure? Do we need to re-request Hosted Access? Regenerate ROAs? Will there be an overlap period where both the expiring and new certificates & ROAs will both be valid (to avoid any gaps in coverage)? Thank you. _______________________________________________ arin-tech-discuss mailing list [email protected] http://lists.arin.net/mailman/listinfo/arin-tech-discuss _______________________________________________ arin-tech-discuss mailing list [email protected] http://lists.arin.net/mailman/listinfo/arin-tech-discuss
