On 2023-09-13, Lyndon Nerenberg (VE7TFX/VE6BBM) <lyn...@orthanc.ca> wrote:
> After some head bashing wondering why rpki-client wasn't
> finding our ROAs I discovered the system doesn't ship with
> ARINs tal file. So great swaths of RPKI data aren't getting
> downloaded.
>
> Why are those things?
See the FILES section of the rpki-client(8) manual and the ARIN relying
party agreement. They weakened it a bit from the even more restrictive
version about a year ago but it still says
"Notwithstanding the foregoing, You are specifically allowed to
publicly distribute the ARIN TAL, including by embedding the ARIN TAL in
relying party software; and You may make available to any third party
the information made available through the ORCP Services so long as
such use and disclosure is solely for informational purposes, namely
reporting, educational, research, summary or statistical purposes. You
are specifically prohibited from disclosure or redistribution of the
information made available through the ORCP Services for network routing
purposes, or for any purpose that is reliant on, or has an expectation
of, ongoing or uninterrupted availability of the ORCP Services."
which to my eye is still not really compatible with rpki-client/bgpd
use. Other RIRs seem to manage to make their TALs available without
such terms which is why they're included, but for ARIN you'll need
to download it yourself.
