[rcaught]

Somewhat related. I've been looking at RPKI lately, and there are two things I'm not overly impressed with:

1. LACNIC and RIPE have 100 year validity on their trust anchors.

2. All RIR trust anchors are valid for all IPs (past their allocations), due to, I assume, inter-RIR transfers.

[__MatrixMan__]

I'll have to learn more about the protocol but I immediately distrust anything with things called "trust anchors". Sounds like the kind of high-value-target that attracts corruption.