Per mail to the mailing list, APNIC's BPKI TA (used for both provisioning and publication) will expire in mid-July of this year. While it is possible in Krill to update the TA used for the provisioning protocol, there is no option for that in the publication protocol, and since the current behaviour doesn't take account of the BPKI TA expiry date, we've advised our users that no action is required here (see https://orbit.apnic.net/hyperkitty/list/apnic-services@apnic.net/thread/CE4FTANNG46SCPXYXIKWAGJUQFLRVSKE/). This is just a note to say that if the BPKI validation behaviour changes in the future, it would be a good idea either to grandfather any existing provisioning/publication protocol links so that they continue to work as they do today, or to notify the user in some way where they are relying on an expired TA and that they should get an updated TA before updating Krill.
Per mail to the mailing list, APNIC's BPKI TA (used for both provisioning and publication) will expire in mid-July of this year. While it is possible in Krill to update the TA used for the provisioning protocol, there is no option for that in the publication protocol, and since the current behaviour doesn't take account of the BPKI TA expiry date, we've advised our users that no action is required here (see https://orbit.apnic.net/hyperkitty/list/apnic-services@apnic.net/thread/CE4FTANNG46SCPXYXIKWAGJUQFLRVSKE/). This is just a note to say that if the BPKI validation behaviour changes in the future, it would be a good idea either to grandfather any existing provisioning/publication protocol links so that they continue to work as they do today, or to notify the user in some way where they are relying on an expired TA and that they should get an updated TA before updating Krill.