RPKI RRDP Service Degradation
Posted: Thursday, 11 August 2022
Incident window : 11:20 AM - 12:50 PM ET on 11 August 2022
This morning, ARIN renewed SSL certificates within our infrastructure that caused suboptimal performance of the RPKI RRDP services run by ARIN.
- At 11:20 AM ET, a configuration management change installed a new certificate and keys on nodes that serve the RPKI RRDP repository. A subset of these nodes received a mismatched CA certificate and key. This triggered the degraded performance of the RPKI RRDP services.
- At 11:45 AM, repository generation was paused during the process of diagnosing the issue.
- At 12:05 PM, the misconfigured nodes were identified and removed from DNS rotation.
- At 12:40 PM, new CA certificates and keys had been pushed to the impacted systems and they were returned to DNS rotation.
- At 12:50 PM, after confirmation that the systems were running normally, the repository generation was restarted and full functionality of the RPKI RRDP services was restored
RPKI rsync services were fully functional throughout the incident.
The publication of 6 ROAs were delayed during the incident.
Please note that ARIN has a Services Status page which can be found at https://arin.statuspage.io/ or via the link in the footer of ARIN’s website. This link is also visible when logged in to your ARIN Online account. We encourage our customers to subscribe to the Services Status page to receive notifications on service-impacting issues.
Senior Product Owner, Routing Security
American Registry for Internet Numbers
- Volunteer to Serve on the 2024 ARIN Fellowship Selection Committee
- Time is Running Out! The Annual Fee Cap for New LRSA Entrants Expires on 31 December 2023
- ARIN Completes SOC 2 Type 2 Audit and PCI DSS Certification
- ARIN 52 Meeting Report Now Available
- Consultation on Retiring Email Templates
- 2023 ARIN Election Results
- ARIN Board Appoints Kevin Blumberg to NRO NC
- Voting Now Open for the 2023 ARIN Elections
- ARIN 52 Begins Today
- 2023 Customer Satisfaction Survey Results
- » View Archive