Improving the resiliency of RPKI Relying Party software

For the last months I have been working on RPKI Relying Party security. The question I asked myself was: is it possible to disrupt RPKI Relying Party software by introducing a malicious CA/repository into the tree? The short answer is: yes. For a more indepth look into what I did, I wrote the following blog post at RIPE Labs: