



SIDROPS                                                      J. Snijders
Internet-Draft                                                          
Intended status: Standards Track                          T. Bruijnzeels
Expires: 29 March 2026                                          RIPE NCC
                                                             T. Harrison
                                                                   APNIC
                                                                W. Ohgai
                                                                   JPNIC
                                                       25 September 2025


 The Erik Synchronization Protocol for use with the Resource Public Key
                         Infrastructure (RPKI)
             draft-spaghetti-sidrops-rpki-erik-protocol-03

Abstract

   This document specifies the Erik Synchronization Protocol for use
   with the Resource Public Key Infrastructure (RPKI).  Erik
   Synchronization can be characterized as a data replication system
   using Merkle trees, a content-addressable naming scheme, concurrency
   control using monotonically increasing sequence numbers, and HTTP
   transport.  Relying Parties can combine information retrieved via
   Erik Synchronization with other RPKI transport protocols.  The
   protocol's design is intended to be efficient, fast, and easy to
   implement.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 29 March 2026.

Copyright Notice

   Copyright (c) 2025 IETF Trust and the persons identified as the
   document authors.  All rights reserved.



Snijders, et al.          Expires 29 March 2026                 [Page 1]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   3
     1.2.  Related Work  . . . . . . . . . . . . . . . . . . . . . .   4
     1.3.  Glossary  . . . . . . . . . . . . . . . . . . . . . . . .   4
   2.  Informal Overview . . . . . . . . . . . . . . . . . . . . . .   4
   3.  Erik Synchronization Data Structure Definitions . . . . . . .   5
     3.1.  ErikIndex . . . . . . . . . . . . . . . . . . . . . . . .   6
       3.1.1.  The version field . . . . . . . . . . . . . . . . . .   7
       3.1.2.  The indexScope field  . . . . . . . . . . . . . . . .   7
       3.1.3.  The indexTime field . . . . . . . . . . . . . . . . .   7
       3.1.4.  The hashAlg field . . . . . . . . . . . . . . . . . .   7
       3.1.5.  The partitionList field . . . . . . . . . . . . . . .   7
     3.2.  ErikPartition . . . . . . . . . . . . . . . . . . . . . .   8
       3.2.1.  The version field . . . . . . . . . . . . . . . . . .   8
       3.2.2.  The partitionTime field . . . . . . . . . . . . . . .   8
       3.2.3.  The hashAlg field . . . . . . . . . . . . . . . . . .   8
       3.2.4.  The manifestList field  . . . . . . . . . . . . . . .   8
   4.  Client-side Processing  . . . . . . . . . . . . . . . . . . .   9
   5.  Querying an Erik Relay  . . . . . . . . . . . . . . . . . . .   9
     5.1.  Fetching objects by hash  . . . . . . . . . . . . . . . .   9
     5.2.  Fetching ErikIndex objects  . . . . . . . . . . . . . . .  10
   6.  Transport Error Detection and Handling  . . . . . . . . . . .  10
   7.  Setting Up an Erik Relay  . . . . . . . . . . . . . . . . . .  10
   8.  Comparison with other RPKI transport protocols  . . . . . . .  10
     8.1.  Comparison with Rsync . . . . . . . . . . . . . . . . . .  11
     8.2.  Comparison with RRDP  . . . . . . . . . . . . . . . . . .  11
       8.2.1.  Garbage Collection  . . . . . . . . . . . . . . . . .  11
   9.  Open Questions  . . . . . . . . . . . . . . . . . . . . . . .  11
   10. Operational Considerations  . . . . . . . . . . . . . . . . .  12
   11. Security Considerations . . . . . . . . . . . . . . . . . . .  12
   12. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  12
     12.1.  S/MIME Module Identifier . . . . . . . . . . . . . . . .  12
     12.2.  OIDs for Content Types . . . . . . . . . . . . . . . . .  13
     12.3.  Well-Known URI . . . . . . . . . . . . . . . . . . . . .  13
   13. References  . . . . . . . . . . . . . . . . . . . . . . . . .  13
     13.1.  Normative References . . . . . . . . . . . . . . . . . .  13
     13.2.  Informative References . . . . . . . . . . . . . . . . .  14



Snijders, et al.          Expires 29 March 2026                 [Page 2]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   Appendix A.  Implementation status  . . . . . . . . . . . . . . .  15
   Appendix B.  Example objects  . . . . . . . . . . . . . . . . . .  16
     B.1.  Example ErikIndex . . . . . . . . . . . . . . . . . . . .  16
     B.2.  Example ErikPartition . . . . . . . . . . . . . . . . . .  21
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  25
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  25

1.  Introduction

   This document specifies the Erik Synchronization Protocol for use
   with the Resource Public Key Infrastructure (RPKI) [RFC6480].  Erik
   Synchronization can be characterized as a data replication system
   using Merkle Trees [M1987], a content-addressable naming scheme
   [RFC6920], concurrency control using monotonically increasing
   sequence numbers [RFC0677], and HTTP transport [RFC9110].  Relying
   Parties can combine information retrieved via Erik Synchronization
   with other RPKI transport protocols ([RFC5781] and [RFC8182]).  The
   protocol's design is intended to be efficient, fast, and easy to
   implement [RFC1925].

   The notion of cache-to-cache data replication was documented in
   Section 3 of [RFC7115].

   |  Validated caches may also be created and maintained from other
   |  validated caches.  Network operators SHOULD take maximum advantage
   |  of this feature to minimize load on the global distributed RPKI
   |  database.  Of course, the recipient relying parties should re-
   |  validate the data.
   |  
   |  -- RFC7115, section 3

   Historic records show that experiments have been performed in this
   space using, for example, peer-to-peer file sharing technology (see
   [P2P]), but no standardised and widely-deployed mechanism for cache-
   to-cache replication emerged since then.  The authors hope that the
   Erik Synchronization protocol might be suitable to fill this gap and
   help reduce load on the global RPKI.

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.






Snijders, et al.          Expires 29 March 2026                 [Page 3]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


1.2.  Related Work

   The reader is assumed to be familiar with the terms and concepts
   described in "Maintenance of duplicate databases" [RFC0677], "An
   Infrastructure to Support Secure Internet Routing" [RFC6480], "The
   RPKI Repository Delta Protocol (RRDP)" [RFC8182], "Manifests for the
   Resource Public Key Infrastructure (RPKI)" [RFC9286], and "A Digital
   Signature Based on a Conventional Encryption Function" [M1987].

1.3.  Glossary

   This section describes the terminology and abbreviations used in this
   document.  Though the definitions might not be clear on a first read,
   later on the terms will be introduce with more detail.

   Erik relay  An intermediate between CA publication repositories and
      Relying Parties.

   FQDN  The fully qualified domain name of a RPKI repository instance
      referenced in an end-entity certificate's Subject Information
      Access (SIA) extension's id-ad-signedObject accessDescription.

   Hash  A message digest calculated for an object using the SHA-256
      algorithm.

   ErikIndex  An ordered listing of Partition identifiers and associated
      ErikPartition objects' hashes.

   ErikPartition  An ordered listing of the manifest objects' hashes,
      manifestNumber values, thisUpdate values, and their certificates'
      SIA extension values.

2.  Informal Overview

   In this synchronization protocol Merkle trees are used to determine
   whether differences exist between client and relay.  Merkle trees are
   hierarchical data structures: the hash value of each node is computed
   recursively by hashing the concatenated hash values of the node's
   children.  The hash of the ErikIndex represents the entire dataset
   related to a given FQDN.  If the ErikIndex hash is not the same
   between two replicas, the relay provides the client with hashes of
   smaller and smaller portions of the to-be-replicated dataset until
   the exact list of out-of-sync or missing objects is identified.
   Sequence numbers are then used to determine whether these differences
   are relevant enough for the client to fetch.  All data is fetched
   using addresses derived from hashes (except for ErikIndex objects).
   This approach reduces unnecessary data transfer between caches which
   contain mostly similar data.



Snijders, et al.          Expires 29 March 2026                 [Page 4]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   The client starts by querying an Erik relay for the relay's current
   ErikIndex for a given FQDN.  If the ErikIndex is different compared
   to the previous run (or compared to the Index calculated from the
   locally cached objects).  With the ErikIndex in hand, the client can
   determine which ErikParitions are missing and fetch accordingly.  The
   client then can compare the _manifestNumber_ sequence number and
   _thisUpdate_ for each manifest listed in the ErikPartition, and
   proceed to fetch (purportedly) newer versions of manifests of
   interest.  Whenever a relay has manifests with a lower sequence
   number on offer, the client can ignore those.  The client now has
   sufficient information to proceed to fetch any missing Certificates,
   Signed objects, and CRLs.  With the information contained within
   manifests, clients can fetch addressed by content (by hash) and store
   by name (or some other scheme).

3.  Erik Synchronization Data Structure Definitions

   In this synchronization protocol the _signal layer_ makes use of DER-
   encoded messages [X.690].

   _Design note: DER encoding was selected for its canonical properities
   and because RPKI cache implementations already support ASN.1
   encoding._

   RpkiErikSynchronization-2025
     { iso(1) member-body(2) us(840) rsadsi(113549)
       pkcs(1) pkcs9(9) smime(16) mod(0)
       id-mod-rpkiErikSynchronization-2025(TBD) }

   DEFINITIONS EXPLICIT TAGS ::=
   BEGIN

   IMPORTS
     CONTENT-TYPE, Digest, DigestAlgorithmIdentifier
     FROM CryptographicMessageSyntax-2010 -- in [RFC6268]
     { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
       pkcs-9(9) smime(16) modules(0) id-mod-cms-2009(58) }

     AccessDescription, KeyIdentifier
     FROM PKIX1Implicit88 -- in [RFC5280]
     { iso(1) identified-organization(3) dod(6) internet(1) security(5)
       mechanisms(5) pkix(7) id-mod(0) id-pkix1-implicit(19) }
   ;

   ct-rpkiErikIndex CONTENT-TYPE ::=
     { TYPE ErikIndex IDENTIFIED BY id-ct-rpkiErikIndex }

   id-ct-rpkiErikIndex OBJECT IDENTIFIER ::=



Snijders, et al.          Expires 29 March 2026                 [Page 5]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


     { iso(1) identified-organization(3) dod(6) internet(1) private(4)
       enterprise(1) snijders(41948) erikindex(826) }

   ErikIndex ::= SEQUENCE {
     version [0]      INTEGER DEFAULT 0,
     indexScope       IA5String,
     indexTime        GeneralizedTime,
     hashAlg          DigestAlgorithmIdentifier,
     partitionList    SEQUENCE SIZE (1..ub-Partitions) OF PartitionRef }

   ub-Partitions INTEGER ::= 1024

   PartitionRef ::= SEQUENCE {
     identifier       INTEGER (1..ub-Partitions),
     hash             Digest,
     size             INTEGER (100..MAX) }

   ct-rpkiErikPartition CONTENT-TYPE ::=
     { TYPE ErikPartition IDENTIFIED BY id-ct-rpkiErikPartition }

   id-ct-rpkiErikPartition OBJECT IDENTIFIER ::=
     { iso(1) identified-organization(3) dod(6) internet(1) private(4)
       enterprise(1) snijders(41948) erikpartition(827) }

   ErikPartition ::= SEQUENCE {
     version [0]      INTEGER DEFAULT 0,
     partitionTime    GeneralizedTime,
     hashAlg          DigestAlgorithmIdentifier,
     manifestList     SEQUENCE SIZE (1..MAX) OF ManifestRef }

   ManifestRef ::= SEQUENCE {
     hash             Digest,
     size             INTEGER (1000..MAX),
     aki              KeyIdentifier,
     manifestNumber   INTEGER (0..MAX),
     thisUpdate       GeneralizedTime,
     location         SEQUENCE SIZE (1..MAX) OF AccessDescription }
   END

3.1.  ErikIndex

   An ErikIndex represents all current manifest objects available under
   a given FQDN and thus the complete state of the repository as it is
   known to the relay.







Snijders, et al.          Expires 29 March 2026                 [Page 6]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


3.1.1.  The version field

   The version number of the ErikIndex object MUST be 0.

3.1.2.  The indexScope field

   The indexScope field contains the fully qualified domain name of the
   Signed Object location of the manifests referenced through this
   particular ErikIndex.  The FQDN MUST be in the "preferred name
   syntax", as specified by Section 3.5 of [RFC1034] and modified by
   Section 2.1 of [RFC1123].

3.1.3.  The indexTime field

   The indexTime is the most recent partitionTime value among the
   ErikPartitions referenced from this ErikIndex.  The field's value
   roughly indicates when the ErikIndex was generated and can be used
   for troubleshooting and measurement purposes.

   For the purposes of this profile, GeneralizedTime values MUST be
   expressed UTC (Zulu) and MUST include seconds (i.e., times are
   YYYYMMDDHHMMSSZ), even where the number of seconds is zero.
   GeneralizedTime values MUST NOT include fractional seconds.  See
   Section 4.1.2.5.2 of [RFC5280].

   _Design note: using the most recent partitionTime, rather than the
   local system's notion of "now", helps reduce churn in distributed
   systems._

3.1.4.  The hashAlg field

   This field contains the OID of the hash algorithm used to hash the
   ErikPartitions.  The hash algorithm used MUST conform to the RPKI
   Algorithms and Key Size Profile specification [RFC7935].

3.1.5.  The partitionList field

   This field is a sequence of PartitionRef instances.  There is one
   PartitionRef for each current ErikPartition.  Each PartitionRef is a
   3-tuple consisting of the partition identifier, the hash of the
   partition object, and the size of the partition object.

   Information elements are unique with respect to one another and
   sorted in ascending order of the partition identifier.







Snijders, et al.          Expires 29 March 2026                 [Page 7]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


3.2.  ErikPartition

   An ErikPartition represents a subset of manifest objects available
   under a given FQDN.  Each ErikPartition is an ordered listing of the
   manifest objects' hashes, manifestNumber values, thisUpdate values,
   and their end-entity certificates' SIA extension values.

3.2.1.  The version field

   The version number of the ErikPartition object MUST be 0.

3.2.2.  The partitionTime field

   The partitionTime is the most recent thisUpdate value among the
   manifests contained within this ErikPartition.  The field's value
   roughly indicates when the ErikPartition was generated and can be
   used for troubleshooting and measurement purposes.

   For the purposes of this profile, GeneralizedTime values MUST be
   expressed UTC (Zulu) and MUST include seconds (i.e., times are
   YYYYMMDDHHMMSSZ), even where the number of seconds is zero.
   GeneralizedTime values MUST NOT include fractional seconds.  See
   Section 4.1.2.5.2 of [RFC5280].

   _Design note: using the most recent manifest thisUpdate value, rather
   than the local system's notion of "now", helps reduce churn in
   distributed systems._

3.2.3.  The hashAlg field

   This field contains the OID of the hash algorithm used to hash the
   manifest objects referenced in this ErikPartition.  The hash
   algorithm used MUST conform to the RPKI Algorithms and Key Size
   Profile specification [RFC7935].

3.2.4.  The manifestList field

   This field is a sequence of ManifestRef instances.  There is one
   ManifestRef for each current manifest.  A manifest is nominally
   current until the time specified in nextUpdate or until a manifest is
   issued with a greater manifestNumber, whichever comes first (see
   Section 4.2.1 of [RFC9286]).









Snijders, et al.          Expires 29 March 2026                 [Page 8]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   A ManifestRef is a 4-tuple consisting of the hash of the manifest
   object, the size of the manifest object, the manifest issuer's key
   identifier, the manifestNumber, and the thisUpdate contained within
   the object, and a sequence of AccessDescription instances from the
   manifest's End-Entity certificate's Subject Information Access
   extension.

   Information elements are unique with respect to one another and
   sorted in ascending order of the hash.

4.  Client-side Processing

   A client can decide whether or not to fetch ErikIndex and
   ErikPartition objects, by comparing the hash to previous fetches.

   A client can decide whether or not to fetch a given manifest object,
   by comparing the manifestNumber and thisUpdate with what's locally
   cached and what's offered by the remote relay.

   A client can compute which products listed in the manifest's fileList
   need to be fetched from the relay.

   As there is no concept of 'sessions' (like in RRDP), clients can
   interchangably use different Erik relay.  When one Erik relay
   generates a HTTP error, the client can try fetching the requested
   object from another Erik relay.

5.  Querying an Erik Relay

5.1.  Fetching objects by hash

   This specification uses "Named Information" identifiers mapped to
   .well-known HTTP/HTTPS URLs for object retrieval, as described in
   [RFC6920].

   For example, issuance #54 of ripe-ncc-ta.mft has the following SHA256
   digest:
   c2d0427bc5a32c42eea1ab5663d592b1fc29c7d4ef16ab0b5e1d631d039dcc21.

   To fetch the aforementioned object from an relay hosted at
   relay.example.net, a client would access the following HTTP URL:
   https://relay.example.net/.well-known/ni/sha-256/
   wtBCe8WjLELuoatWY9WSsfwpx9TvFqsLXh1jHQOdzCE








Snijders, et al.          Expires 29 March 2026                 [Page 9]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


5.2.  Fetching ErikIndex objects

   The URIs to fetch ErikIndex objects can be constructed using the
   following Well-Known URI template with the erik keyword as suffix and
   the IndexScope as parameter: https://{relay_host}/.well-known/
   erik/{indexScope}.

   For example, the URI to fetch an ErikIndex for the rpki.ripe.net
   indexScope from a relay at relay.example.net would be:
   https://relay.example.net/.well-known/erik/rpki.ripe.net.

6.  Transport Error Detection and Handling

   The client MUST calculate the hash of fetched objects and verify it
   is the same as the expected hash (which is embedded in the name
   through which the object was retrieved).  If there is a hash
   mismatch, the client may try fetching the object from a different
   Erik relay or treat this as a _failed fetch_ (see Section 6.6 of
   [RFC9286]).

7.  Setting Up an Erik Relay

   Erik relays can be operated by third parties, without permission from
   or coordination with publication point operators or CAs.

   Relays generate ErikIndexes and ErikPartitions derived from their
   current validation state, the client then cherry-picks which objects
   (if any) it wishes to fetch.  Relays fetch fresh data from other
   relays or from CA-designated publication points.

   _Design notes: a decision must be made a deterministic "manifest-to-
   partition" assignment scheme.  Job's proof-of-concept relay (see
   Appendix A) uses the first few octets of the the Manifest's AKI as a
   stable partition assignment scheme.  Other strategies could be to
   assign manifests to ErikPartitions based on the "hour-of-day" of the
   CMS signing timestamp, or the first few octets of the SHA-256 of the
   manifest object._

8.  Comparison with other RPKI transport protocols

   Ignoring obvious "on the wire format" differences between Erik,
   Rsync, and RRDP; there are a number of key design differences between
   the protocols.  Rsync and RRDP can be described as "general purpose"
   synchronisation protocols, while the Erik protocol design is RPKI-
   specific.  In the Erik protocol, manifest objects (which RPs require
   for validation anyway) are an integral part of the signaling layer.





Snijders, et al.          Expires 29 March 2026                [Page 10]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


8.1.  Comparison with Rsync

   In Rsync, the server and the client construct and transfer a full
   listing of all available objects, and then transfer objects as
   necessary.  In effect, this allows clients to 'jump' to the latest
   repository state, regardless of the state of the local cache.

   A major downside of Rsync is that the list of files itself can become
   a burden to transfer.  As of June 2025, in order to merely establish
   whether a client is synchronized or not with the RIPE NCC repository
   at rpki.ripe.net, as much as 5.8 megabytes of data are exchanged
   without exchanging any RPKI data.

   When synchronizing once an hour, Rsync generally consumes less
   network traffic than RRDP.

8.2.  Comparison with RRDP

   The key concept in RRDP is that the client downloads a "journal",
   containing all add/update/delete operations and replays this journal
   to arrive at the current repository state.

   A major downside of RRDP is that (depending on the RRDP polling
   interval) clients end up downloading data which has become outdated.
   Imagine a hypothetical CA which issues and revokes a ROA every 10
   minutes and a client that synchronizes every 60 minutes; in effect
   the client must fetch 5 outdated states, wasting bandwidth.

   When synchronizing every 15 minutes, RRDP generally consumes less
   network traffic than Rsync.

8.2.1.  Garbage Collection

   In contrast to RRDP, the Erik protocol has no concept of server-
   specific "stateful" sessions that persist across polling attempts.
   This obviates the need for withdraw instructions as part of the
   protocol exchange: clients can simply delete objects that are no
   longer referenced from their current validation state and refetch
   them later on if needed.

9.  Open Questions

   This section is to be removed before publishing as an RFC.

   *  Which of the possible deterministic manifest-to-partition
      assignment strategies yield the best results?  AKI?





Snijders, et al.          Expires 29 March 2026                [Page 11]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   *  Are deterministic and cheap Snapshots possible?  If so, what is
      the best archive format for Snapshots?  The ustar/gzip combo might
      not easily yield deterministic results across different
      implementations.

   *  Is the concept of Differentials/Deltas needed in Erik
      Synchronization?

   *  What will be the upperbound for the number of partitions? (ub-
      Partitions)

10.  Operational Considerations

   As of July 2025, the global Internet's RPKI churn rate appears to be
   2 new objects per second.  The ecosystem is estimated to be composed
   of ~ 5000 RPKI cache instances and ~ 50 repository servers.  Assuming
   10 minute fetching intervals and 150 metadata requests per
   synchronization run (for exchange of Merkle tree data), an Erik relay
   serving all the Internet's RPKI cache instances would probably need
   to be able to sustain serving an average of at least 11,000 HTTP
   requests per second.  This order of magnitude in terms of scaling
   requirements can easily be handled by a single commodity server.

11.  Security Considerations

   This document makes no changes to RPKI certificate validation
   procedures.

   See Section 5 of [RFC8182] for applicable security considerations.

12.  IANA Considerations

12.1.  S/MIME Module Identifier

   The IANA is requested to add an item to the "SMI Security for S/MIME
   Module Identifier" registry as follows:

   Decimal  Description                           References
   --------------------------------------------------------------
       TDB  id-mod-rpkiErikSynchronization-2025   [this-draft]











Snijders, et al.          Expires 29 March 2026                [Page 12]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


12.2.  OIDs for Content Types

   For the current proof-of-concept phase the id-ct-rpkiErikIndex and
   id-ct-rpkiErikPartition OIDs were assigned from a PEN arc.  This
   section will be updated once it is clear which IANA-managed
   registries would be best suited for OID assignment for these object
   identifiers.

12.3.  Well-Known URI

   An URI Suffix in the Well-Known URIs registry specific to Erik
   synchronization will be requested.  See https://github.com/protocol-
   registries/well-known-uris/issues/67 for the request.

   The proposed suffix is erik.

13.  References

13.1.  Normative References

   [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
              STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987,
              <https://www.rfc-editor.org/info/rfc1034>.

   [RFC1123]  Braden, R., Ed., "Requirements for Internet Hosts -
              Application and Support", STD 3, RFC 1123,
              DOI 10.17487/RFC1123, October 1989,
              <https://www.rfc-editor.org/info/rfc1123>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
              Housley, R., and W. Polk, "Internet X.509 Public Key
              Infrastructure Certificate and Certificate Revocation List
              (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
              <https://www.rfc-editor.org/info/rfc5280>.

   [RFC6920]  Farrell, S., Kutscher, D., Dannewitz, C., Ohlman, B.,
              Keranen, A., and P. Hallam-Baker, "Naming Things with
              Hashes", RFC 6920, DOI 10.17487/RFC6920, April 2013,
              <https://www.rfc-editor.org/info/rfc6920>.







Snijders, et al.          Expires 29 March 2026                [Page 13]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   [RFC7935]  Huston, G. and G. Michaelson, Ed., "The Profile for
              Algorithms and Key Sizes for Use in the Resource Public
              Key Infrastructure", RFC 7935, DOI 10.17487/RFC7935,
              August 2016, <https://www.rfc-editor.org/info/rfc7935>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC9110]  Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke,
              Ed., "HTTP Semantics", STD 97, RFC 9110,
              DOI 10.17487/RFC9110, June 2022,
              <https://www.rfc-editor.org/info/rfc9110>.

   [RFC9286]  Austein, R., Huston, G., Kent, S., and M. Lepinski,
              "Manifests for the Resource Public Key Infrastructure
              (RPKI)", RFC 9286, DOI 10.17487/RFC9286, June 2022,
              <https://www.rfc-editor.org/info/rfc9286>.

   [X.690]    ITU-T, "Information technology - ASN.1 encoding rules:
              Specification of Basic Encoding Rules (BER), Canonical
              Encoding Rules (CER) and Distinguished Encoding Rules
              (DER)", ITU-T Recommendation X.690, ISO/IEC 8825-1:2021,
              February 2021,
              <https://www.itu.int/rec/T-REC-X.690-202102-I/en>.

13.2.  Informative References

   [M1987]    Merkle, R., "A Digital Signature Based on a Conventional
              Encryption Function", Advances in Cryptology -- CRYPTO '87
              Proceedings, Lecture Notes in Computer Science, Vol. 293,
              DOI 10.1007/3-540-48184-2_32, 1988,
              <https://doi.org/10.1007/3-540-48184-2_32>.

   [P2P]      Austein, R., Bush, R., Elkins, M., and L. Johansson, "RPKI
              Over Bittorrent", March 2012,
              <https://www.ietf.org/proceedings/83/slides/slides-83-
              sidr-9.pdf>.

   [RFC0677]  Johnson, P. and R. Thomas, "Maintenance of duplicate
              databases", RFC 677, DOI 10.17487/RFC0677, January 1975,
              <https://www.rfc-editor.org/info/rfc677>.

   [RFC1925]  Callon, R., "The Twelve Networking Truths", RFC 1925,
              DOI 10.17487/RFC1925, April 1996,
              <https://www.rfc-editor.org/info/rfc1925>.





Snijders, et al.          Expires 29 March 2026                [Page 14]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   [RFC5781]  Weiler, S., Ward, D., and R. Housley, "The rsync URI
              Scheme", RFC 5781, DOI 10.17487/RFC5781, February 2010,
              <https://www.rfc-editor.org/info/rfc5781>.

   [RFC6480]  Lepinski, M. and S. Kent, "An Infrastructure to Support
              Secure Internet Routing", RFC 6480, DOI 10.17487/RFC6480,
              February 2012, <https://www.rfc-editor.org/info/rfc6480>.

   [RFC7115]  Bush, R., "Origin Validation Operation Based on the
              Resource Public Key Infrastructure (RPKI)", BCP 185,
              RFC 7115, DOI 10.17487/RFC7115, January 2014,
              <https://www.rfc-editor.org/info/rfc7115>.

   [RFC8182]  Bruijnzeels, T., Muravskiy, O., Weber, B., and R. Austein,
              "The RPKI Repository Delta Protocol (RRDP)", RFC 8182,
              DOI 10.17487/RFC8182, July 2017,
              <https://www.rfc-editor.org/info/rfc8182>.

   [rpkitouch]
              Snijders, J., "rpkitouch", September 2025,
              <https://www.github.com/job/rpkitouch>.

Appendix A.  Implementation status

   This section is to be removed before publishing as an RFC.

   This section records the status of known implementations of the
   protocol defined by this specification at the time of posting of this
   Internet-Draft, and is based on a proposal described in RFC 7942.
   The description of implementations in this section is intended to
   assist the IETF in its decision processes in progressing drafts to
   RFCs.  Please note that the listing of any individual implementation
   here does not imply endorsement by the IETF.  Furthermore, no effort
   has been spent to verify the information presented here that was
   supplied by IETF contributors.  This is not intended as, and must not
   be construed to be, a catalog of available implementations or their
   features.  Readers are advised to note that other implementations may
   exist.

   According to RFC 7942, "this will allow reviewers and working groups
   to assign due consideration to documents that have the benefit of
   running code, which may serve as evidence of valuable experimentation
   and feedback that have made the implemented protocols more mature.
   It is up to the individual working groups to use this information as
   they see fit".






Snijders, et al.          Expires 29 March 2026                [Page 15]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   A few experimental Erik relays are available, each running on
   slightly different schedules.  Client implementers are encouraged to
   round-robin between these instances to observe results.

   http://aws.rpki-servers.org/  Dublin, Ireland, - distributed
      computing cluster (6 machines, NFS backend)

   http://atl.rpki-servers.org/  Atlanta, USA, - distributed computing
      cluster (2 machines, NFS backend)

   http://miso.sobornost.net/  Amsterdam, NL, single node

   http://nyc1.digitalocean.rpkiviews.org/  New York, USA, - single node

   An experimental Erik static content generator was developed by Job
   Snijders in the form of [rpkitouch] using C.

Appendix B.  Example objects

   Included in this section are an ErikIndex for rpki.ripe.net and an
   ErikPartition referenced from the aforementioned ErikIndex, both
   Base64 encoded.

B.1.  Example ErikIndex

   This object was retrieved from http://miso.sobornost.net/.well-
   known/erik/rpki.ripe.net.

   MIIrxwYKKwYBBAGCx1yGOqCCK7cEgiuzMIIrrxYNcnBraS5yaXBlLm5ldBgPMjAyNTA5MjMw
   NzQzMjRaBglghkgBZQMEAgEwgiuAMCkCAQAEIMQZXNoo1VHt7ExBd0EM0uv+/oqftDzHqo3m
   KNRkIPj8AgI7/zApAgEBBCAoNYzf0h4GMfXQgF6r+ZBZtQCpIMjA+Hjo/MximoIk5AICRZAw
   KQIBAgQgOf7md8O+smDgtzzFzZWJr2nsPRTevG3zO6or479L/gACAj2VMCkCAQMEIMNDymEH
   tI02zXKe3S3iRy1o9wNJ7d67xd6/X6qIpYTuAgJGWzApAgEEBCB9S1ZqZS7oRGL4flxkG1zW
   85irPg8RC6ACjrMU5LdPqgICPZYwKQIBBQQgWChTaYoMduMdh0l/2M15X42Fha3lscqvjSoR
   Sq1BA5MCAky6MCkCAQYEIDluxOgSRpTAgyuRKrZ59hRRvSmN64rqWFwyi3q7MO4HAgI/+zAp
   AgEHBCDF+bRH/b3ZLAeGkHFZ+fXqjYdw3XhoEssgA2GQF6ucJAICR/QwKQIBCAQgpbf75mXQ
   vks5nE1JkMcAiQ6JrV886N5HjM/fOvPr2WkCAki9MCkCAQkEIBQSg0aKaex+jJuJ/V50d2Jt
   2Ml+yHiNZgh4QZhrIOFEAgJJiTApAgEKBCA58F26WIwAkHsp70tCBzFlLIgFAVFpgrQGp92z
   uzwT5AICOAMwKQIBCwQgPu7gxZWUyYwG9Vb6VDJZEQr8EkVi8vF+ZMmyZXjHg6wCAkZbMCkC
   AQwEIJjrocdQZxfxV5uLc2F4IwHgRhfeleB/rFwwNSe/yL42AgI5mzApAgENBCA+UHxU3nBN
   xFHoIcSfy0ysoO0niOQy9+CplPZWcF9ESQICSlYwKQIBDgQgw8Z/uL9p7y7Rj/u2qeK8BJgF
   4Ehn3XF6CI2XWsl9LgUCAkMsMCkCAQ8EIC/TzbiXWkH8Yh2mP8iodVK7X1GO9QeSsTO/5Qek
   CeaUAgI8zDApAgEQBCDVpNTqAs38MWvEqlDzJ1TFckJ9CVgYmt6FSFSQ42xygAICQMYwKQIB
   EQQgOZeS+kJLCc4PvMVb4lk36n7cxbtefYYg/94q/UmpXacCAkWPMCkCARIEIMQ/ozLa/Pjn
   RU7q6BdUaQTdiPcapM7R3nZ8BGBtB6kYAgI/MDApAgETBCAHDUEkVfsUAOXfLipmGKrVE/VI
   NzGXRmv2cn2eaH/qtQICQyswKQIBFAQgft7T086QzTfzkdIA4mbDWnNTHvfR9cv7Qkf6qSWp
   iEsCAjDWMCkCARUEIFJgtg1gsk63fKXzOOAWpXOF4dTJal6+Kj8EGaVg1xcEAgJD+DApAgEW
   BCDXPJFNnFRND7Tt38BcKhSjmyhesDE6JQvozfXV2qWj+gICSlYwKQIBFwQgIPAqhHGmrcdE



Snijders, et al.          Expires 29 March 2026                [Page 16]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   SBvsFxOAUMWU0c7FnxaVomXjUGDvHWgCAk/nMCkCARgEIEwrNbh0U2GXmOBcdXXG/Zq+tRYq
   OOhOVkgMjWktHYxUAgI0BzApAgEZBCAGJ6OlmtTISMftkbnawVG6o6AD648aLZeXGgb/nSn1
   LQICSlgwKQIBGgQgbPQOuOGKA92uXYX+jGOay7rU3CWee7y4+7JgcMyE2AECAk2IMCkCARsE
   IDx6NSUB07GVhDfDaAKg85VA1syyVuuPe+eH1+FysJnXAgJD+DApAgEcBCAXh9E7r1iTkXXU
   X8jdIvbh0A4nrYlNtQ86zT0DbmYS0AICS+4wKQIBHQQg48JuqRvkZAgHgfzYOZg5meIZ/AxK
   MExy7maWh499kFwCAkMsMCkCAR4EIFReiG1PQYEn2NqKd/V9BHKJKyHjCRLnviEl2sKqs0Wy
   AgJHJzApAgEfBCDwm7LyCy/LF2CBQLBm/HI+leFRcwPi9+QSN/Uo4uNAYQICRycwKQIBIAQg
   EGsvGiA5MU8RmJ3UPnpTrzg5edaDZjaOIjjJxJ1FiRECAkZaMCkCASEEIAE1i5NaZGpClrxR
   IhTRBmNSNyLNnlNeFq/hZbjeGIRrAgI4ATApAgEiBCCvjQN8pjyQdwv4npj5yKleFGb228Oj
   MNCgchn/TgCj6QICOZswKQIBIwQgy8lv2EvCBuW5PEe5WF9Mgv/tY3zMUaGM2YIJjAW/Y4kC
   Aky4MCkCASQEIK8S9WY8uEH+o13ywoyrI1aAZEVHMLmY7qQZPoePLagPAgI8zDApAgElBCBI
   b3IEFsxamFjwc0Mb6SErStl9vycM+ks917jbexU+ewICPzAwKQIBJgQgRUf0S817BPFYDGHR
   f8Ypk/PhqmnSLzrlO3atfj/6thgCAkJgMCkCAScEIP/gBrFfzcCAt5FTNm+kEX50gGvpXcNV
   4c+UsIYkuJzEAgJOVDApAgEoBCB2HaaEs07TKd8Sa+dPd74VLxQIyKoLLYjjda21x89PPwIC
   PMswKQIBKQQg0rKzmpODTukXeU4rb9WPX2RUPPgNcLoMTfynBiCf0s0CAlWAMCkCASoEIB2U
   82jsoBByaKImCjYPgMosPq7kebkZYTnM7VGVx40PAgI7DDApAgErBCCn4mFQ8D9ZyZhEkOT3
   g2UqG2/iN/aIGUas65A9NqhohgICOzIwKQIBLAQg3SuXjf7EBPmHbz5dAzBe28SCOPnonS8+
   jS3B3kSHDPgCAjmcMCkCAS0EIK4vPdPDJ3rJl5keYW1aQncvIogHGtW3AhjGmiUwHODFAgI2
   azApAgEuBCABO4uMPvD4uVPNdmIWYq9jfTr/ZfeWOG7jqDgSsHIARgICRY0wKQIBLwQg2yRc
   rxYv0gYnSd8oH0rH9yzo5F6CQnEZ4AK659+CZwECAk2GMCkCATAEIHyIJjOmb1X7tpQ+hhvG
   rSL7Gub/Ati/ZiK12pM6CxFpAgJGXDApAgExBCDaeWd7ItQNpvvH4Wi/6NJmesMcLwmJyYOF
   XgDOEQ/adwICOzMwKQIBMgQgf4PqCNiyzaVwZALeZSZSo6jKqTY9j9PjTerq7ChU/fECAkjA
   MCkCATMEIH5zpoCHWQfrqijk87T0LYoNyWFDPIcvGSMJTs4VDDyKAgI7MzApAgE0BCAirpuD
   iutSDpC2o36up5TcENBmn+QBCq7iqUv/LZUfMAICSlgwKQIBNQQg//kB5S436tznJCDNt1/v
   jJjliHfdN5bkwEXajoYP1sACAjzMMCkCATYEIPsflQxbdluw4f8w9Vf1Ptbc3dURvkApzeOn
   aJ7lY6suAgJKVzApAgE3BCAoiXuOwRBpkz3DEGrMwRsXNfiPS2mRjyk7M2TSSNmgWwICPmMw
   KQIBOAQgiMm+9YwiHo3zFWW9MyxUNG7zFN2djCMWZ7Te9MqauAsCAkcnMCkCATkEIOjc0lLT
   1Fyc6jMtezlsVnP5l8j/DLbdk2jD8B27GYdpAgJCYDApAgE6BCBXPaUC3JNUr0lT+7XDu89F
   v5KUDUeGNGFZkUZVMt+b1QICRMIwKQIBOwQgDU5QaUAeD/kOyh94j30C1xbM/GfBNnlxKrAJ
   QwQ22r0CAj/8MCkCATwEIOBYxCoKbHIfuOXXYKV+x5vtRwdSWlgEVdOso7nHIVjGAgI5nDAp
   AgE9BCCyhZlF4N1pdQbYiZ35JGqt7kFgPfADwZs/pL231D1KDAICOzMwKQIBPgQgvQyEeAbx
   WWhkAdp59KTMk6DHq0lscxqRvxbf/urHC1sCAkpWMCkCAT8EIO9O3XHgxVAThAWuhNWcpWwY
   J4sRtchwHB/SVkBTqn9eAgI3ODApAgFABCD5c8CSzCIVL/SOHxLBTJpxcfqDXKhJmF58sO0x
   xU30kQICSYwwKQIBQQQgKbyx6u9nWR8mpvFBDHGutbNqCa22wkNPa3WYmBXP7M8CAkjAMCkC
   AUIEIKUMi0hOCEio3qemMf7BVbdtDv1MjKazMXa6rVUaaRVqAgJExDApAgFDBCCfY0q2Ggwe
   cwkj1txl1+P1HRWJw5x6wCVtdssAuI//wgICQMYwKQIBRAQgAZfBjOikGBYDmO+vBIW0M1JZ
   PPzGHJ4cWB+Ql2EP1gACAksjMCkCAUUEII2qWEcjRcWhW7pxxf29VrG8UXKBO2woJX7z+aT9
   BINmAgI1nzApAgFGBCBY1SBEz6wAnlO18ozEUIELA1MmqLoJUJ3fHZrethqS9wICQ/cwKQIB
   RwQgKEQlaT9x7BsXFEMaeTDgenADknbXsXhdXsqYArIt/FgCAkGSMCkCAUgEIF2kp9NZAHl+
   HFPLk4+sAYFzv3J45frBnjecNI+ua5AmAgI/MDApAgFJBCCwjoBtFb0R4DzoUrRYEwG7nOj3
   yTS41wMi3GDAq3bKIgICRMMwKQIBSgQgXW7ZhJY3Q4B0N/gb+PiOuYflI/SQcxrm8MmARfaU
   iesCAj8wMCkCAUsEIKDpYvcxg5dN5v4SC6cOVkcMYun16w9sTWI54y0M6T++AgJFkDApAgFM
   BCCJEC2pnbSHsAVLkMDTcqbfwDHElUwRa7ZPcLsaJhZTHAICTlQwKQIBTQQgKOV9QZ0lGnsK
   PXgm0mWH84+NyPSAYHAAY08XcXNh2TgCAkTCMCkCAU4EIMyKM1NKY0xrfLBECPMga73tbtib
   +MsQUHPdp5dJsBj8AgJIvjApAgFPBCAX7oVWy+iUis/3E4o79ykQ1kgL1NtcwhOTVY3ri3N8
   awICPMswKQIBUAQg5q66DsfGviCnY2QurViJW9Pj0QS1IULj9nKB9qLfNvsCAkJgMCkCAVEE
   INBr2RynL0fYLv3kChzeVctoWIdO7UX95/FN292Clh8CAgI7MjApAgFSBCAUfQEnV+fPPoyd
   ZkbjmoCYBw4gWebvRhvsFxAIevEo4wICRycwKQIBUwQgEPGot59Yjv0mpWVJZdqp4ohc93rE



Snijders, et al.          Expires 29 March 2026                [Page 17]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   dFVlTzaOfV/IAvQCAlJQMCkCAVQEIGzpxOH8NE+bV3pQEcSj473dW5uvW4v0LAwkWqNEBbVi
   AgJH8jApAgFVBCCIY99guAcOGUeIHMcOrA41GZMhKnt4g/x29AZbP+3JjgICQMYwKQIBVgQg
   Z9DT88fkjGmJJ05dyjvyX8L8VLPAjLfbeq3VKANYsX4CAjDYMCkCAVcEIBsyD47yBjRiv5IC
   4ApGyuc0iOQ83+ds+1PwPX3fY5jhAgJNhzApAgFYBCAnrR6ExogF072thbuvi3AT0R4MOm0Y
   mbu1kdnUCkMvbAICR/QwKQIBWQQgTk/L34ToQpRgWfPQwTSNK77xkjhOMAnXWpR2se22ynsC
   Aj/8MCkCAVoEICMyz9/tu+V3JwZ8MViHoCzPUmIcZg8+q1IbjIoJtozVAgJDKzApAgFbBCBN
   SKD4zohF+nW4sYZb1DDAPS1nmL3wYuA8fzJvANrxiQICQMcwKQIBXAQgirchc+d/kc6J9bz4
   AwYM+FDD5FYsTE8ns0ScxLojED4CAjmbMCkCAV0EIO2ZoR83S8ofRgPI2YrYoD9yVp57mfw6
   QcZ74anFGS56AgI//DApAgFeBCBPvKhdgeRa2L+L6WjPO27zoJGX9nvfFCiocIEL6iHrDQIC
   SlgwKQIBXwQg8jwdAgVrYCXxipFZrmcRO0kOeWtrqrrxHXUTzG359IECAj5jMCkCAWAEIM2j
   ntkBHb9blIQe78oxeWT/IEDvQcKBPWxVyDvPiQEUAgJMuzApAgFhBCAIh/zMmD+SVhj3JVl1
   2QZmMpC+26y12F8Ak7AiIA66tQICQZIwKQIBYgQgq1p0vHJFSWdlLjZqldp82S4jIfnpI1Bg
   OyZFmLCPGIMCAkGSMCkCAWMEIMOT9zPTo3YIZOFF/SFESqccXjojVGW+DsHyJk7HK3xdAgI+
   ZTApAgFkBCA6Rh20Q7/0hjAlJHGe+v/dgERHj4zdZ29axLt/YWmu4AICQMcwKQIBZQQgYxkg
   x2WcquxlJNi9OiB8bPakkFkMhmzIyROeDydzNQMCAj/8MCkCAWYEIBH/lYkwYg1J2Q9/DvHS
   SUXdDO32g+3RwLyeLBAoxMiIAgJHKDApAgFnBCC6uyOvK4LsQwWuBJCBF4r5DU4j+KJXvUFZ
   vfsGEHfbpwICRY8wKQIBaAQg8EY69QtWbahOfG92DEVHy2eHCUCUdSj1YSmuHmITxSACAkmM
   MCkCAWkEIJpcOYmZ8MujSJaFYvM5K5j9lbXhofkljxcaIqGxoPPYAgJQtzApAgFqBCAlGv05
   Rh5OQ7mwJv87osh8bQPbAuDkUGJ3ANiMPpwZRgICNNIwKQIBawQgkQr4E3vuKamjxV2L3GUL
   Ib56KS4xv9wQGg2HjboCz5oCAkpYMCkCAWwEIIlZR9bVw2sUzhd4chOS4zB3l3agMaYZBmWb
   SI9qNa6SAgJBkzApAgFtBCDLgFJhRjU7OwGDJ4ixNMvZmLPv+D2NMjp92cKzLFDuBQICPy8w
   KQIBbgQg/6GZNBQON3bz9atx2tBF2S2RZqKGVcjpAsCBu6OhEvACAjc3MCkCAW8EIJDgoKBE
   E8zDAxt36MhQ20IMJnG3Ofv/myfiKrfGtcPdAgJMuzApAgFwBCD/nzdfcH5SlgbOlblVbIHq
   MlaA85t5iBnJSG6IzKttEwICSMAwKQIBcQQg+0fv3Yt6vW5CId1VipE5GVuaBojCaQYKSWdT
   73gCs8cCAjTUMCkCAXIEINTtL6cL26i/1lPuKkpnwoD4Ph7L0Q7l9SRIlWNHKnA0AgJIvTAp
   AgFzBCBuWOIXRwE/Q+ziP5kEspdY+PssCCT0T3PS2mDIFhJ8eAICPMswKQIBdAQgkbdzZz2w
   SqQLl8RW1yRQEuN2F2f8uwk6Ug7ksSiJe0ECAky6MCkCAXUEIOy9+08NQoiPOemcy11H2yNS
   I4UXnDPq3pulLxT5Pqs+AgJAxjApAgF2BCBT/WixkHycPN22wsCcJO7D2+joskxG9q/ObJqa
   QtIh9QICP/owKQIBdwQgFlFqMwGbI8zHeGrsrGGjoyFs332p5f9P1nNYA7WFaV4CAkvvMCkC
   AXgEIK417E+03KRfdd8tCuZ/EshTg09TBt9eZ+KI94MRAH39AgI/+jApAgF5BCA8W0kiSgm9
   ST/HtL915ri1GBZxmz7PbPtxvmCD5MQh6gICSMAwKQIBegQg7nJOr9Sn1Nuk485VKrSHzF5+
   WlYwr1+eTRZfBrOT95wCAj/8MCkCAXsEIMzFBzjNexi2DyyGC6ZLDdRfD/ngU0gXDH74jKyf
   e8c2AgJCYDApAgF8BCAi+tuZqcUztoTPAGg/rubUNuADN5I3nfCZpk1/vZksxwICOzQwKQIB
   fQQgeGe1demh7yKilG6h1iZ35idSvJFM4WGZ9WQZTi+vaAgCAkMqMCkCAX4EIOKJbuD69Omx
   Q9jCeBWmvMw2fg6XkYVmBmHhJphuNFIIAgJBkzApAgF/BCBzbNJpRXMUBbtdjsEMZfMa+MtH
   TGVGajaAP8W4LvSYZAICLNwwKgICAIAEIBmwuy0E0KEftqKHrKS1FoRmcJZD2Mx5MtwfOcYT
   YnLAAgI00zAqAgIAgQQgs7q9UiE3n8/cL3NwGZfM+CHHTteiwUHYMxPcGVAHQsMCAjv/MCoC
   AgCCBCC5tAa5suux9IjOhjNXzo2JQrOmd3bZt4yolbA4RoBaUwICPZYwKgICAIMEIOO2WG64
   XV2nwvEm037cQ5zw5wmrE1NIETSzis9B7V+SAgJLIjAqAgIAhAQg8y9txNa25EqOsNBYWGJ2
   jl3PDrVqtV1EH9ca+4Bt4w4CAkMsMCoCAgCFBCC56nWQBPPxY7mWrXV0XXcih+1jKZ0wZ4dS
   boF4hX+LEwICQ/QwKgICAIYEILenjosqw4L0iHrlIq+JUzsKmRKgOa4BEGWj5vWRjcjLAgI8
   yjAqAgIAhwQgglxs1x5WVw9seADyiGaE72CYnvZ4nEqLcmQe8MqpEvoCAj2XMCoCAgCIBCD3
   vFCHTeh+KPeAhRn2SIOmE6fjkDgC/4gghCaq9P8lJAICQywwKgICAIkEIKK5PWakgV6iKlqG
   ldKlGbeXGdwLrWWIylO8Gi69c73RAgI/LzAqAgIAigQguXQmiZhvCosCTZdjTTvmOk56i6M3
   HI4DIwed6siSerICAkvuMCoCAgCLBCDIndMvo3ogQRaKXF8uEic0LpuLLolrS0YPslOEaL1P
   mwICQZQwKgICAIwEILo5JUDxlO91w20Ude5lnpYiuUZwHK1ywKU2sX+/TQn0AgI4BDAqAgIA
   jQQgyDjhvs1Ob7Dc6yYbN08t5R0TYiTl3G9uyiT957fW1RcCAkcmMCoCAgCOBCCKqHZUbgVm
   3zReAZqBd2MdDV+iS2WcsNAlBxwH8snp0wICRyYwKgICAI8EIDW9whMf/QNCi+PKtfHbydjf



Snijders, et al.          Expires 29 March 2026                [Page 18]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   3jt+m11IUj6eFyjQcwQiAgJHJzAqAgIAkAQg7E4WFHqR1HrB+HnZrQ+/4AtECG8D97J3JqWT
   Yg+x8bgCAjc3MCoCAgCRBCBhVOInUbYQkuVELKIRji/vu7cgkar/aFqq/XoKbClQaQICNAUw
   KgICAJIEIDllMVlBs9V1YVEHOYOUgj7hb6XlsDonJt+mEL+lwyB4AgJNhzAqAgIAkwQgE5e8
   KYVNqnWPJKAcMHgF3Lgvt2BJNiLnyi4Laz2odqgCAkcoMCoCAgCUBCC4NrKPK3eyKwjbc8Y8
   o2jl7lV1mq4ZfrnjnBYS6kIu2wICOmgwKgICAJUEIHszD38FxLhd7dvfUIBlc0SXUJKcNv5M
   6LNEr0EirdCeAgI+YzAqAgIAlgQgr55IZx76I8XqDtSN0uRcYSj8PNgZNfezaUPZ3lV8EvsC
   AkZaMCoCAgCXBCBjyIayuHs54RGrfnchDlz57+Y7KitWUEgYLS0B114abAICPmIwKgICAJgE
   IHzwBCY7/XyKsIzCI5YtPL31L76j2X91xkLIQMTPR18SAgI7MjAqAgIAmQQg29bTNylDheAO
   SxXftQWRJqXf6QYTwlos4kvHsmk0JysCAkcoMCoCAgCaBCBExQTXszxRqIISbBqGakhu4B/T
   Oflrod8D6rm+sQqXEgICSL8wKgICAJsEIORHLmBpWcm9fivUbCRqivIiFW+4qFi+enRZZRAp
   pAZgAgI/MDAqAgIAnAQgokB+ngs/047/lCN68n4ibrUAOw2zHByu7pSF+2oabLMCAj5kMCoC
   AgCdBCDCwJOOdbMZtU35d3QC+LOJCGF6lUZviiGsR7t9E7kIqwICQZQwKgICAJ4EIAkL7mcK
   RoqLjWguzWm+Ex/sRiUD0JJvREkU9DAqODBdAgJOVDAqAgIAnwQgRuDth3cAlosUwaepMGIt
   OcvVqyVMebhfpHOZu6xzfvUCAkTEMCoCAgCgBCC07q37BjH9GRcI34q6Nmv+oP0md8NhUBg1
   ng0lSuz8UwICPMwwKgICAKEEIEvDhTg+59Xw04TMSndzamKo+g4pdrrc7YD7bq7y+WpBAgI/
   LzAqAgIAogQglqCQc5fqXUhrSiITZBuJAw+jgGHrxpvn+Uiz/RfSjyYCAjgDMCoCAgCjBCBa
   NixpBhu/UtsarRFcP9ZQbZ0C9ayMkRoZ23r5pYFjYAICQZMwKgICAKQEIEJtI1laLExnxUZC
   arC0Vucxn9O9KxMrRKemPxKvB2bQAgJOUTAqAgIApQQg6gJi3c/MAuJxFV0yUc5B2bMfTBKd
   8FzLaoMBwJYQyJ8CAkTAMCoCAgCmBCA1rfuygRz/Ir7ZkrPUe9p4Rpg9vK1SoEn0sJz1uM8E
   LgICPy4wKgICAKcEIOdvizJLM6O4sLN7KoizKWmm4UioRu1m9gr2SHSC2Nd3AgI/LjAqAgIA
   qAQg5HV5XtWcW5u+M1iilDZmQpdW0+FsA/RQAHEywOJaqSoCAkGSMCoCAgCpBCCxj1yZvKV+
   4waavugsqEmC9jnjCQPF+HFqB9cfwzRwxwICPMswKgICAKoEIOyuxv9jKsR/NtqvyMdj5/lP
   yUq6gDqXiTQs/pMe4N5oAgJBlDAqAgIAqwQg4+vGsAxV4Ht+l+xqELNM1T/x3O2Xp7hFfFjl
   97Gvd5wCAkGTMCoCAgCsBCCAqbZwusWzJxat6N2i/Rb+1MWKRGWd4KnP6eHG/jMYNQICRyYw
   KgICAK0EIDmdH/De0DDAcvGX4XPf82kzmHEFmzCJco37zywJhJXjAgJBkjAqAgIArgQghZvl
   JOdIcIDjYiDLCWZ2LJphfmkmDqkadrY4nTfE5zECAkMsMCoCAgCvBCCyjM7WHojIyKdqQLPi
   M4L1MKh2s6eDG396EkwbLHa3AQICU+gwKgICALAEIK7P40FO2XS7mLyFa4UpesUvsZxsmi5+
   pcrpDsFu78sgAgI9lzAqAgIAsQQgg4JPqGViXRg3GFBI1TtzZKjVwhRDpxeB+Gnlgv4ynOsC
   AkZaMCoCAgCyBCAKUL6DC90lM1/jLa2SdI10rSWaSYKJscSXAvUJpiQokgICQZMwKgICALME
   IEBRG5NI0iXjttKDR5iHTcDKbpW4sLyuu/3aQ22hWPj3AgI+YzAqAgIAtAQgVB/+e0OP0oBx
   Hs3oQCqZ/qEdWm6+ae1C1Ty3z3vgoyQCAk2IMCoCAgC1BCCL/70uF9gdMCXijxThwj7wL47Q
   S0QBspMPgU5LjuPYSAICSyIwKgICALYEIILr6tKk2wQAx0MfxtHZDUwuHrfR7HVEuUtXN3jB
   B697AgI8ADAqAgIAtwQgPlxT8ipyGINO9i5Ly/yLmNXUl+OdVrzCfYWbDAGsc5ACAkJgMCoC
   AgC4BCDWOOhy68Q10ETFUrYWQTp2VsLcQDvZ49URxfbup66KVwICPZcwKgICALkEIDOu16H0
   Jw5bKTT4eeGwQ4TFa9AltvpDnj9k+n3AYS3bAgJJizAqAgIAugQg7br4DtGjjP3coqwDRr4V
   8CZuzaWGxpTSlHRFXtqTWNcCAj/5MCoCAgC7BCB7q69j9Ux/mKwTcHwFHE84rRcxdYgpKuUH
   A4B5nMZ+QwICP/owKgICALwEIM+YZHUZwQyE9IxYloBaC2RDSRHD5yMG7pwkGDqh7O8+AgJH
   8DAqAgIAvQQgKOYWtxHkUkfJ3k4+pi6TpOaFj7kOnzNNR+0pFUzzlLECAj5jMCoCAgC+BCCN
   7A2TSITXQ39jU7SCNY9DNKLMu6MaIz0X7TluPzh8jAICOzQwKgICAL8EIIDNtWA+ClMRGQRz
   hwkQQJgxjiWXG32sm4/XxJ89M9WiAgJExDAqAgIAwAQg3Ga6ranqXbMq5frKEF3gs5crvyce
   GL9vG51jRgNe3lkCAkMqMCoCAgDBBCDDJPgkdEztcFimEqezOuJCrRSECo0J8n6OwlSpG35P
   0AICULcwKgICAMIEIGo51OjqMJ/6uV4aM66Ccs7RkrcwVwPD3xgsrVSsDRKKAgJDKzAqAgIA
   wwQgbp7rR9MyK7N+csFpnDz5Y/k0uUva57AVbCqb5SBRk5cCAjzLMCoCAgDEBCBPZtYttDeA
   QJhK84UVm9qHTn248Z0mATix9mxQh++kegICP/wwKgICAMUEILF+KzZKi4HjUJ9395oYFMyf
   juPYor1gBfIBUgex5m2FAgJH8jAqAgIAxgQguDxTOdjZj6QosUbHKqGMVtYgZG4nV+9di/ad
   DRJQ2PkCAjzKMCoCAgDHBCDrh4tE3YJ7CJPm2I0Ju4HK6jaytmplxCZg3pTQywvoywICQ/cw
   KgICAMgEIGemjtDrFSbCzW4o8Nj0CGajSBRks6v5+RwFGsNcTnAMAgI/+zAqAgIAyQQgbClv
   5v98UfjKYn0Fyn55t5bBWR4vmW77sCe111vt4ocCAj/7MCoCAgDKBCDkOJ9vGgnTdyl4jloP



Snijders, et al.          Expires 29 March 2026                [Page 19]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   y/CxswJPMcPOwJVwBflsn1is6AICSYwwKgICAMsEIBTgYcoS7IkCsOTEUuUY9wJXcb0SuPir
   gdVrlA2YEuUpAgJL7TAqAgIAzAQgsGheWVvilMiczSOxaI4HdiOu/OfXXn1dXetUaKKpPqoC
   AjQIMCoCAgDNBCB8Hh8omWkEpLKouQjM5a1nj5PDUlQ/LRkXBD9R06xkuwICSlgwKgICAM4E
   ICcqyQeXM1FlSAMNYvyJ+0ohVIPXUX9RpecJr+QuYcHOAgJDLDAqAgIAzwQgc+YPSnZZzRdQ
   D/o8mO5H84xop4Wku1nE14Yuk0pTaaoCAkP3MCoCAgDQBCCUopVQSXjJJW5FTbKoQemKZEyv
   3sHSUWJEjN4BGWr0ugICRMMwKgICANEEINzwqsQ9DADesBaS0IxlCFK4XiVaSN58f2D5Qkmi
   8mqfAgI/+zAqAgIA0gQgK5ZGjRsQ/avSf+ZWoBno8EBX5GgndYK0EVeGgIajpo4CAk8fMCoC
   AgDTBCAzzjJFmnf1OGtRNSj+xuRdNpeDNqHMiUKvCRAKIrtiTAICQywwKgICANQEIGj12Lz9
   xhO04PnzXnm22rD1ixCevYvyBtMLnPZpoEKMAgJFjzAqAgIA1QQgeM+PRSwcFJ9jNNwgW7gb
   HfeSaPlIn9cW1VLLBhCSASACAkDHMCoCAgDWBCDick0Xb4gK7A7hCR7QTdSxcavQkCi+rtok
   thd4HemXswICOmYwKgICANcEINSubGAg/zG7itqj78MrzqAV0IjhUXgfKi+Wn97bbIYGAgI8
   yTAqAgIA2AQgzrrf0mo3oZNH12kaP5YJg0/68fUA3EYrhD07CuvkpAECAj/4MCoCAgDZBCDr
   XgOaBsLQMUN1WW4Hfg3hIJ2W4732xOeQ/zh8UggZCwICQyswKgICANoEIJN8F23BOUxr9ytR
   7OiBUYoxUtYoSMGZF5LMgUg7XnvJAgJJizAqAgIA2wQgScKLPMmcID4UIrEe0s1hM6UYFG6E
   Z4Mhp2m/iTifFmQCAj/7MCoCAgDcBCCpnAxOmkkLvxWJSQP8mw8tMTCS5iqROzTi3ofJUxGo
   mwICT+wwKgICAN0EIIGe5weMmbhVu1qwGbiT3SJFr89xtgVhwxA0U9Z4SK5xAgI5mzAqAgIA
   3gQgRr11O877dhCJ58SLBBj73ZL1z+tx/avHaewgJYXWblYCAki/MCoCAgDfBCDqHlZveqkE
   tUIpfTlq0bE/ZPsaVyfMXs8VnSmxMcV3HgICNmwwKgICAOAEIJKicAXor8ec7/putzWFTulw
   fASlj/rGEc0OQirHGn8RAgI/+DAqAgIA4QQgbBKfuN+i8Pld6VoA/J3vDqEETrE4l8Hc1HEk
   AjjyZ0YCAkcnMCoCAgDiBCDjOq8wNSc72ET5lFT5GJsHZEuToPnADpjbAUglu29vdgICT+sw
   KgICAOMEIMMunP77bxEi/TPfmbv23tejLSO9sgsF17QLi1XIJQvQAgI8ADAqAgIA5AQg/HIJ
   56MNRwTWFfObMxudYylIOM/mlwmIZSWZqMnG9NYCAkGRMCoCAgDlBCBqwcPVkU9f9bFaLeN9
   ncVWpiTwA6r51OZi2X2NaTZDsgICPzAwKgICAOYEINoi8+Mdwb2e9sMkOJNFuFgIjbUshx7F
   9nndrhI5xESoAgI8yzAqAgIA5wQgEawwnpqhtkuBYzdGSLagC/usXOPAhOlGb41EJsK4W6cC
   AkWPMCoCAgDoBCCO4/5rdbpG3uJKFxGFQtxOaNDwBx0P5TSvlQLSTxWEZAICThIwKgICAOkE
   IFxFi8kv2Pa01D22STJF/R8ZfJCfb65u+a4QLV2pdZA0AgJDLDAqAgIA6gQgtqdiQL6I34Oj
   mwEZUbIbBSXuBLhoxVnRlLPUJ1kH/QECAjgCMCoCAgDrBCB8juePUk3yDnCBhfHskziOT5YS
   Sr0cO0AtmQnz7xwKwwICOZgwKgICAOwEIKBPTnXfmtX/4RhWcmSNdRW1MBhL+W1Gqhlo8CD1
   jY6qAgI4ozAqAgIA7QQgxmbLfDqRcWU62ii6Z2WHqBonGhMHISHIhE2g+4pwdOcCAj2XMCoC
   AgDuBCCSucEbgymnj8Kya4QX9Z4woH+IskKwWl0UsuC4C4PobgICPZcwKgICAO8EIAsdcveE
   GDqHzjQ0ukJh3cVMlb2T9Lt0GmHoDOPVbkTfAgJDLDAqAgIA8AQgWVfUlP4yqiM61AEfVcUk
   94LD/12uG1Z/c9MLVDcPRi8CAjv/MCoCAgDxBCC1FQ8kFl8T89kQqh2sPXHQhGnLo0dhSCAN
   PGvW5C2ZzAICOmcwKgICAPIEIB66DhxH5jXOyLOhw4HNNoH6aJI97nJ48jctiEw0j6+uAgI8
   zDAqAgIA8wQgJa1EXD4yCDaHAKNxBRVGGPqxgoRBwzyMPhMOPs95edcCAjpnMCoCAgD0BCAo
   3FTszzQJMmseV2Ksx2VvFY3GIYVCADmG9MZS+ZSjAAICNzgwKgICAPUEIEkeQ+/DpMinvxL3
   WftXjKm6jWPN/1ICRxWPJLVOSgRVAgJAxTAqAgIA9gQg3G2pqs0/o48IXg1ytP1hDx5Az+JV
   esKoS7azwQfbbWECAjv/MCoCAgD3BCDpz9CX9T+wdO3RGoejDfd8g45IlNVkTWkQvlOp+Any
   vAICOZkwKgICAPgEIE2kjZzd4f06F4OkC618FyDLzSj3fpkL0ziut8C1BWDXAgI+sjAqAgIA
   +QQgn4XbqAvQ7X/bQhbDeU783K0sYqWCs/UJ14FDEK2Js18CAjUWMCoCAgD6BCBwTbJIbR3u
   B/5UGCue0sbfe+gwwI1r85ZWjRNHfqjudAICQEswKgICAPsEIKD3lTXhwZ+14VI+2zea1LHg
   GhiJ29RpVFdkbdFTCmlSAgI/fDAqAgIA/AQgq99/XBu3PCo412fjNZ2Y1ur8JuyRCZUAeC7E
   mMKkG9cCAkJgMCoCAgD9BCCGUNfF0q+JK9WdgWcjvqqghhnaJr7ByVCpqqccIcrGBQICNNMw
   KgICAP4EIMV4EJ78f5L126U8DQpKc6WS+/0rxvm6LlVJvANUHJW0AgI9ljAqAgIA/wQgH50b
   PHPlVD2ttD8e6YpSB2T+yyl52SyUhzTjCjY4aa8CAkP4







Snijders, et al.          Expires 29 March 2026                [Page 20]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


B.2.  Example ErikPartition

   This object was retrieved from http://miso.sobornost.net/.well-
   known/ni/sha-256/c2zSaUVzFAW7XY7BDGXzGvjLR0xlRmo2gD_FuC70mGQ.

   MIIs2AYKKwYBBAGCx1yGO6CCLMgEgizEMIIswBgPMjAyNTA5MjMwNzAxMDNaBglghkgBZQME
   AgEwgiygMIHJBCAG6UIxgyjIq982vxxKMJv/bowmDbMWO3LvgqHevfX87QICB4QEFH/v69Ff
   vGUUh6yvZ0JPR4PUPrQgAgIWlxgPMjAyNTA5MjMwNDAxMDRaMHYwdAYIKwYBBQUHMAuGaHJw
   a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlhLzI2ZWY2My1iNzJmLTRiM2MtOGRm
   Yy0yYmM4NDUxOTIyN2EvMS9mLV9yMFYtOFpSU0hySzluUWs5SGc5US10Q0EubWZ0MIHJBCAJ
   C/5rz8EctTLdokjtJcRbxjNkGTUDXvS/ul5awnE/6gICCGAEFH8rqG33h4iPb4WSqAam/+ow
   RsB6AgIWnxgPMjAyNTA5MjIyMzAxMTlaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQv
   cmVwb3NpdG9yeS9ERUZBVUxULzYwLzVlNjc4Ni02Mzc3LTQyMjQtYmEwNi1kYzQ3NjllZmYx
   ZjUvMS9meXVvYmZlSGlJOXZoWktvQnFiXzZqQkd3SG8ubWZ0MIHJBCANOJm2BGv14ec2gL92
   ALy6rhSrwWaoZ9RvLtuakvPH/AICB84EFH+oFqMzjTJ0HNT/+PSd2yzIOP3FAgIEDBgPMjAy
   NTA5MjMwNjAwNTdaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
   RUZBVUxULzUzL2E0NTI4YS05MGU2LTRkOTEtYTUyYy1mMDcxN2VhNDg1YzYvMS9mNmdXb3pP
   Tk1uUWMxUF80OUozYkxNZzRfY1UubWZ0MIHJBCAQcLeR03m/qXv7ORS2kMM/0AGF7sbyiKRM
   FWUjx4lyHAICB84EFH+S33YQ8Ej0O/RMM21BxsEVfvDiAgIWLhgPMjAyNTA5MjIyMzAwMzla
   MHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE3LzU4
   YmUxOC0yZjM1LTRjNmEtYWE2YS03ZjcyZjQ0Yjg5ODIvMS9mNUxmZGhEd1NQUTc5RXd6YlVI
   R3dSVi04T0kubWZ0MIHJBCAWJLJq5NgRwoTGQyjxWd8kyvlpHldouFIaEXTVe2eCigICCF8E
   FH9W8olIyDLy1DS7RNXeDqEiYBsFAgIWnBgPMjAyNTA5MjMwNDAyMjlaMHYwdAYIKwYBBQUH
   MAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNhLzIxZmJjYS04MGUwLTRi
   OGMtODYyMi00ZTg2YWQ2NGY3NzQvMS9mMWJ5aVVqSU12TFVOTHRFMWQ0T29TSmdHd1UubWZ0
   MIHJBCAZtE87O4WQcce5Xl54WOqwv/CMhhnDW7u/ZfNdcTsxlgICB84EFH/mixIjS9cDQwG8
   lrE4quJ3hgo+AgIFBxgPMjAyNTA5MjMwNDAxMDdaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlw
   ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhiLzRhMTExMS04ZjNjLTRlZGYtYjc3Yy0yZmEy
   NjMxYmMzMWMvMS9mLWFMRWlOTDF3TkRBYnlXc1RpcTRuZUdDajQubWZ0MIHJBCAdR5bZgtQs
   WmbdFbwYysmBReKtzDzrYIAbMAd65FUgdQICB84EFH/3TavU6xqhFHFE4VsCZp6YL95NAgIG
   RxgPMjAyNTA5MjMwNTAwNTBaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3Np
   dG9yeS9ERUZBVUxULzdkLzBmYmJmNS1jODNkLTRiOTctOWNlYS0wNTVjNDlhYzY4MjgvMS9m
   X2ROcTlUckdxRVVjVVRoV3dKbW5wZ3YzazAubWZ0MIHJBCAk8vdyICFceQZP/jwTVpd1m7oN
   8aINdZ9yBdwal5r/wAICCBgEFH8DofjDNP2/S3je8MWS/wSQ3fSwAgIWUxgPMjAyNTA5MjMw
   MDAwNDdaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
   LzY2LzNmZTFhMC1jNmZkLTRiYzQtYWFlMS05ZWUwMDY5NDJiNGIvMS9md09oLU1NMF9iOUxl
   Tjd3eFpMX0JKRGQ5TEEubWZ0MIHJBCAtzQRAh0RvVm5t5cEliNTCNV61ummB7bPmMHHs2Q6B
   qAICB84EFH9YvAhkEvTSxU+gcC2SziVJbOR5AgIUFBgPMjAyNTA5MjMwMDAwMzVaMHYwdAYI
   KwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjLzUzMDkzMy01
   OTE1LTRmZjItYjFmOS01MDEwZDA1Zjk5YTgvMS9mMWk4Q0dRUzlOTEZUNkJ3TFpMT0pVbHM1
   SGsubWZ0MIHJBCAvHd/7VSM5LDf/9vv6NdM4wyOY6FW5vdaHrNFW4G+5agICB4QEFH8HV8Mx
   mB4EK3RxNzUn0PZKE1a0AgISPxgPMjAyNTA5MjMwNDAxMzFaMHYwdAYIKwYBBQUHMAuGaHJw
   a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4LzRmOTZmOS01NjlmLTQzM2MtYjlh
   OC02YTI2MTJkNDBmNTAvMS9md2RYd3pHWUhnUXJkSEUzTlNmUTlrb1RWclEubWZ0MIHJBCAv
   uosewYqBhxMMwPDzG2Bb7HOXqIP4n3Xrkoa4ANMKtwICB84EFH9Wid5KfOdovzq12fhUboVs
   yxk2AgIWmxgPMjAyNTA5MjMwMDAwNTZaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQv
   cmVwb3NpdG9yeS9ERUZBVUxULzc3LzY0ZDUwNS0yMjA0LTRkY2EtYTk1ZS04YjUzNzI1ODRh
   Y2QvMS9mMWFKM2twODUyaV9PclhaLUZSdWhXekxHVFkubWZ0MIHJBCAw/TNRg+KR3AigQmsm



Snijders, et al.          Expires 29 March 2026                [Page 21]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   fTMLWK6AgvtqWcYmyXrbYW2gjwICB84EFH/RimpJkQzDMdyREUrlm3GF1fMNAgIWnBgPMjAy
   NTA5MjMwNDAyMjBaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
   RUZBVUxUL2JhLzA5NDdmMi0yMmNhLTQ3Y2ItODlhZC0zZTUwYTVmMDE5OTgvMS9mOUdLYWtt
   UkRNTXgzSkVSU3VXYmNZWFY4dzAubWZ0MIHJBCA2FDd/pvoShAkRHeWEYTHP3p34AkM9F4UJ
   yiPR4yK2vAICB4QEFH9za4igJATUMEvdrV/1UEpoM+e3AgIWmBgPMjAyNTA5MjMwNDAxMDFa
   MHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzk5LzBm
   MjVjZS1iOTc3LTQ4NTMtOWVjMy05ZTU2Y2I1NGZlZjcvMS9mM05yaUtBa0JOUXdTOTJ0WF9W
   UVNtZ3o1N2MubWZ0MIHJBCA3ePsvoey6JSimntoFj7+Uj2Jp7o3x9lxHSCHA+CvngQICCKUE
   FH/K2J3xv5mjbykMw+8PHntNAnUzAgIWdxgPMjAyNTA5MjMwNDAxMzJaMHYwdAYIKwYBBQUH
   MAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzU1LzlmOGIxNi0yODRmLTQ1
   MTItYjNkYy0wMTVkOWYxYjRiNTAvMS9mOHJZbmZHX21hTnZLUXpEN3c4ZWUwMENkVE0ubWZ0
   MIHJBCA6w7i2aTE856qUWrqtHvcV2pGAytPzW+ItBY72cJRyTQICB4QEFH+LIYNYmDp9eiU4
   qdqbofNJTXGrAgIAwRgPMjAyNTA5MjMwMTAwMjRaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlw
   ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q5Lzc2Y2QwMy1lYWEyLTQ5NjUtOTRlZi05OGRi
   YjY0MDJjZGQvMS9mNHNoZzFpWU9uMTZKVGlwMnB1aDgwbE5jYXMubWZ0MIHJBCA78jSLajj1
   eEmavbdMS0bHcK7ucyNY/5GhcB/BhvNRbQICB4QEFH8UzoEDt4XzUEvEsy8fTJtwzj9/AgIP
   WBgPMjAyNTA5MjMwNDAxMDVaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3Np
   dG9yeS9ERUZBVUxUL2I2L2Y2OWRiZS1lMDc1LTQ0MzgtYjUzYi1mNjE2MGZhMWZiMDIvMS9m
   eFRPZ1FPM2hmTlFTOFN6THg5TW0zRE9QMzgubWZ0MIHJBCA+CnuiFF/Cda/T10RjLbIbhGiA
   6yw/wmdbNs/E5YVk6gICB84EFH/uPzggc/LD5PzP/KOExbDNgmwmAgICbBgPMjAyNTA5MjMw
   MjAxMDRaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
   L2E3LzhjY2ViZi1mOWZhLTRjNDYtYWVlOC1jY2JmYTczNDI0YTcvMS9mLTRfT0NCejhzUGtf
   TV84bzRURnNNMkNiQ1kubWZ0MIHJBCBC7monZzoZgLqRkbEUcIq3ToeoeEYEbRf/yR3KXgbP
   lwICB84EFH/JVqUrc1BKTx/zRUcZkpen9d6dAgIKTxgPMjAyNTA5MjMwNTAwNTRaMHYwdAYI
   KwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FhLzcxYWI2OS02
   OTY1LTRiNzAtOTY4ZC1iYjU3YTRlZjcxNTMvMS9mOGxXcFN0elVFcFBIX05GUnhtU2w2ZjEz
   cDAubWZ0MIHJBCBEoOAA8szwjyi9uxLlSyErul1XChsoH4xs3+leR8c4pgICB84EFH8Yitq1
   tVIIHsrIIcmwkDlIc7MVAgIRCxgPMjAyNTA5MjMwMTAwMzBaMHYwdAYIKwYBBQUHMAuGaHJw
   a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkwL2E2NTUyMi1mN2M1LTQ4N2ItYjdi
   OC0yZTQ2MTQxNDFhYTQvMS9meGlLMnJXMVVnZ2V5c2doeWJDUU9VaHpzeFUubWZ0MIHJBCBH
   59+1gS6pkImGH3tVdnqkYpyPqpt5h0mEJaJjiaVljAICB84EFH+F6ZA1Q5fjbAypA6DGIMdw
   nv3NAgICyhgPMjAyNTA5MjMwNjAwNDFaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQv
   cmVwb3NpdG9yeS9ERUZBVUxULzVlLzRhZTE3NS01NWQwLTQ4NGQtOGQxMS04YzlkNTgyM2Jh
   ZDkvMS9mNFhwa0RWRGwtTnNES2tEb01ZZ3gzQ2VfYzAubWZ0MIHJBCBIo5YvqeKZhIwAq5xN
   WIHFPQYXdGHXx++Snc9OR3VklQICB4QEFH+ZGMq28fNe8bXlg8soOem3SLFYAgITcBgPMjAy
   NTA5MjMwNDAxMDhaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
   RUZBVUxULzI2L2RmODJmYS0xMThkLTQyMTktYmExNi0xYTk2ODNjOWQ2Y2IvMS9mNWtZeXJi
   eDgxN3h0ZVdEeXlnNTZiZElzVmcubWZ0MIHJBCBUcrrYoOMnP+lR0dGSwp10yTI0ji2xK0XG
   VtH/jO9z8QICB84EFH93NN/qEgZXQS6oZ928e4TRMr94AgIPSRgPMjAyNTA5MjMwNDAyMDRa
   MHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdlLzY4
   MDMyNC1lZTFmLTQwZjItODhkZi0xOTY5MzE5NjJkM2MvMS9mM2MwMy1vU0JsZEJMcWhuM2J4
   N2hORXl2M2cubWZ0MIHJBCBk8ncmsVu05KJS64WUkhA4F/2Z6hhjsHEvOjGWkevNmwICB4QE
   FH9K5X7m4KnFEB/BSoelM0FQu6tGAgIF6hgPMjAyNTA5MjIyMzAwNTlaMHYwdAYIKwYBBQUH
   MAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJiLzExZmE0NC04ODc5LTRk
   MTktYjQ2OC01YjVkOThmNTM2MWUvMS9mMHJsZnViZ3FjVVFIOEZLaDZVelFWQzdxMFkubWZ0
   MIHJBCBloCeMud+A0BsPMrfdU2mQjsCbeBScISC/gPsgvPsQ0wICB84EFH9C0nwh2obH6fv0
   SuDlbJjz0vgLAgIOORgPMjAyNTA5MjMwNDAyMjNaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlw
   ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E5Lzk4YjAyNC05ZDhmLTQ4NjktYTJhOS0wYWZi



Snijders, et al.          Expires 29 March 2026                [Page 22]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   N2MzZmJmMzAvMS9mMExTZkNIYWhzZnAtX1JLNE9Wc21QUFMtQXMubWZ0MIHJBCBw8y/EDCcY
   Mb7gP8H5htrkZe4PVZuH0MnAfrIjELHbvAICB84EFH811a5Bf0XuhQXXbOqhs0xFg5SgAgIP
   dhgPMjAyNTA5MjMwNDAyMDRaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3Np
   dG9yeS9ERUZBVUxUL2U2L2M1NDY3Yi0zOTYyLTRiNzQtYWUwZC0zNDQ3M2JjOTFkODAvMS9m
   elhWcmtGX1JlNkZCZGRzNnFHelRFV0RsS0EubWZ0MIHJBCBxZXk3VbhMC3pspd6F9s5+5rzX
   iCgmDS87bxAxcC5v9AICB84EFH/8glhd9pt8lLFqYZMv/ItuM1FWAgIScxgPMjAyNTA5MjMw
   NDAxMTRaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
   L2U0LzUzMWQyYi1lMTcwLTQ5YTUtODQwNC05MmY3M2Y1NmZjNjIvMS9mX3lDV0YzMm0zeVVz
   V3Boa3lfOGkyNHpVVlkubWZ0MIHJBCB0NGwcUNfXmz+slvqbDJuuAJNSASxeJtVG+WIScDUZ
   EgICCBgEFH/g51k1ToPMGTIDgRCd4i2g8acAAgIWoRgPMjAyNTA5MjMwMTAwNTRaMHYwdAYI
   KwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRjLzBjNzI0My0x
   ZmZiLTQ5ZDItYjVjMS1iNDAyZThhMWQ5MzQvMS9mLURuV1RWT2c4d1pNZ09CRUozaUxhRHhw
   d0EubWZ0MIHJBCB0tjF6xFCQL8EVImZnEluq5kDbLBDcWemir9s7lRBErwICCKUEFH9RXq0J
   Xu2axMq8WrStC1hn2fAbAgIWsRgPMjAyNTA5MjMwNjAxMjBaMHYwdAYIKwYBBQUHMAuGaHJw
   a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2E3LzVjMmE1OS02MDI1LTQwMGUtYWIy
   OC1mMGE2MjRkNDA5MTIvMS9mMUZlclFsZTdackV5cnhhdEswTFdHZlo4QnMubWZ0MIHJBCB3
   xsZEFIeGsX7ix102aTWQSKjQ7xeNF/o+rvPRBN0+MAICB84EFH/j1jtKW0BLX/g8vysVJaME
   d/ZcAgID3RgPMjAyNTA5MjMwNjAwNTRaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQv
   cmVwb3NpdG9yeS9ERUZBVUxUL2Y2LzgxYTY3Mi1mZTk4LTRkM2YtOWI4My0yY2I3YTNiNmU0
   MmYvMS9mLVBXTzBwYlFFdGYtRHlfS3hVbG93UjM5bHcubWZ0MIHJBCB4jbeXyKKmxw2qL7qN
   knQE9sC8Mbp3PB65S4tWNTn7YgICCF8EFH8+Cye45NeY+Sud4Vfx2lpDzUnlAgIQ2BgPMjAy
   NTA5MjMwNzAwNDFaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
   RUZBVUxULzVmL2EwYzlhYy0zYTQ3LTRkNmMtYWExNS1hNDJlYzg3NzZmYmIvMS9mejRMSjdq
   azE1ajVLNTNoVl9IYVdrUE5TZVUubWZ0MIHJBCB6I7Br1qhj6mFvJAZLnxbwXjsrWAGCtEbu
   MY5nuQrj+gICB4QEFH8pZlevjQDCX9dfVuzIoos1FQV1AgIP0RgPMjAyNTA5MjMwNzAxMDNa
   MHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2QwL2U4
   MGIzMy0zYmVlLTQ2ZWMtYjM1ZC1iYWY5NWE1MDZkMTkvMS9meWxtVjYtTkFNSmYxMTlXN01p
   aWl6VVZCWFUubWZ0MIHJBCCDkqyKnrs6AkI2WpmX5t8Dwi55XFHtP0mT5xiZIIGFcQICB84E
   FH8Xj69kAeLzcW4xdkVp33Md9Y8iAgIRDxgPMjAyNTA5MjMwNjAwNDlaMHYwdAYIKwYBBQUH
   MAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY2LzFiNzk2OC1jYTRkLTQ1
   ZjQtYjY3MS0yZTdmNzg0ODljZDMvMS9meGVQcjJRQjR2TnhiakYyUlduZmN4MzFqeUkubWZ0
   MIHJBCCFDDrzBUzNkumvliEbQSphMBB2WbYuFwD4ZYxe7f2+ogICCBgEFH8WgCjsDatmimfV
   v29TWMqr4zeoAgILChgPMjAyNTA5MjMwMDAxMDVaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlw
   ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NjL2IxNTI4Ni1mZDRkLTQ5ZmUtYTY5ZS03ZmFk
   ZjUwYTJlMzcvMS9meGFBS093TnEyYUtaOVdfYjFOWXlxdmpONmcubWZ0MIHJBCCKsbiYxCks
   WitfT9wl//KbqqkzkoXS5g++SNBP0lbHOwICB84EFH8dWNYt3X5HryGW/XVLs/8meYkqAgIW
   mRgPMjAyNTA5MjMwNDAxNTlaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3Np
   dG9yeS9ERUZBVUxULzQ2LzI5MGE2MC03OTJmLTQ0NzUtYTlmNC1lM2I5ZTBiYWU2YWIvMS9m
   eDFZMWkzZGZrZXZJWmI5ZFV1el95WjVpU28ubWZ0MIHJBCCOXbx/KCDd6GY3H2VwgqZj6ils
   X1nuORbCFThWKwFR1wICB84EFH8RQWrjkp3ze/ZqRZzTrKY4kelGAgIWlxgPMjAyNTA5MjMw
   MDAwMzBaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
   LzJmLzZiMjJlOC0zZGNkLTQ0ZGQtOTUxNC02NzU2ZjdiMGMwZGIvMS9meEZCYXVPU25mTjc5
   bXBGbk5Pc3BqaVI2VVkubWZ0MIHJBCCRycPVPeYtsaCCsUTfyqBHbPAAwsIA/BFmYeDB5Isx
   dgICB84EFH/WLkLAjhYBxFceDYijSaBQnepeAgISIxgPMjAyNTA5MjMwMDAwNTlaMHYwdAYI
   KwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc4L2I5MzRlZS1j
   NGJhLTQzOTEtODBiMC1lNzVhNWVhODlmZDEvMS9mOVl1UXNDT0ZnSEVWeDROaUtOSm9GQ2Q2
   bDQubWZ0MIHJBCCTyRLdagxVGYugDu6T6ET54lM06pyPjvE5S27+B9xA/QICB84EFH8z/EDS
   4DM7vHveqyvYWZVDAcDxAgIF5BgPMjAyNTA5MjIyMzAwMzVaMHYwdAYIKwYBBQUHMAuGaHJw



Snijders, et al.          Expires 29 March 2026                [Page 23]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I0LzY1YmYxZC1lYzFkLTQwZTYtODQ5
   ZC03OTc5MGQ2NmQ3ZDMvMS9melA4UU5MZ016dThlOTZySzloWmxVTUJ3UEUubWZ0MIHJBCCU
   2IRpBytL/B62SPheK1y8NuGHwWPbU8iyvkhFLuXp3gICCb0EFH9r0aawRiXFcdgw+HixwCOC
   R0CMAgIFPxgPMjAyNTA5MjMwNzAwNDRaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQv
   cmVwb3NpdG9yeS9ERUZBVUxULzQ4L2JjNjZkNy01N2FiLTQ3NWQtOTZiYS04OWI2YzMyMzE1
   YzIvMS9mMnZScHJCR0pjVngyREQ0ZUxIQUk0SkhRSXcubWZ0MIHJBCCYquVwfhlYMcmkDOxQ
   2HCsPWT69GGOnzJ/g90EwQ8rIgICB84EFH8+CHSJ7iOpQk1T+sIW7kuOASgOAgIWLhgPMjAy
   NTA5MjIyMzAwNDZaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
   RUZBVUxUL2M2L2MyYzk5ZC1jZjkxLTRkZmItOTRkZS1hN2M2M2Q1NjJlNTYvMS9mejRJZElu
   dUk2bENUVlA2d2hidVM0NEJLQTQubWZ0MIHJBCCfyEBs3iVYfhQ3nM9w6BpR5fISnWVCBV62
   cPxv9KUEnQICB84EFH/7ARXErN3RtK3EBzeAcmrPwBr5AgILpRgPMjAyNTA5MjMwNjAxMDZa
   MHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzYxLzUy
   NjhmYy1jZmVlLTRhYTgtOTdiZi1jYmUwMjA2NjVlZmUvMS9mX3NCRmNTczNkRzByY1FITjRC
   eWFzX0FHdmsubWZ0MIHJBCCn6U5KB9Ulxw7GIPFbaOmCIDKf8lpmKqI33H2DHzZksgICB84E
   FH9RIoN0dC31RKqTBYxaO9PRZCGZAgIODBgPMjAyNTA5MjMwNTAwNDlaMHYwdAYIKwYBBQUH
   MAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBhLzkzODVhYS0xYjc5LTRh
   MDItYTA5Mi0wMWViMDM2ODRmMDkvMS9mMUVpZzNSMExmVkVxcE1GakZvNzA5RmtJWmsubWZ0
   MIHJBCCpi80UrfSzwmVwcehboPdQHhrh6h9xGsVXEPoezAH0XwICB84EFH9qjl1VwkmKgmNv
   mfj8njGeB3ceAgIPnBgPMjAyNTA5MjIyMzAwNDFaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlw
   ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc0LzI3ZmNlMS0xMWNlLTRhMzItYTY0OS1lMDc2
   YjUxNzIxYWQvMS9mMnFPWFZYQ1NZcUNZMi1aLVB5ZU1aNEhkeDQubWZ0MIHJBCCsI4WNFfQO
   MibfaZfwiXVbi3HpxPKq0qlzWTjOSZ0K6AICB84EFH8qMrpCGWgNzdWPYQHlx67BVApzAgIW
   nBgPMjAyNTA5MjMwNDAyMTZaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3Np
   dG9yeS9ERUZBVUxULzU1LzE0M2U5ZS05NmU2LTQ3NGUtYWQyYy0yMmU2ZGY0NTg0YWYvMS9m
   eW95dWtJWmFBM04xWTloQWVYSHJzRlVDbk0ubWZ0MIHJBCCv8OQ2OEccYyrWLhsQ9GBsMkL+
   U1qihaQnp4htBZJ7xAICCF8EFH9QB30t2KZ6Gui2q9a7s0iQKKW7AgIWohgPMjAyNTA5MjMw
   MjAxMDJaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
   LzVjL2MxYzFjZS1lYTU5LTRkY2YtYmNjYy0zZTdjYWRkODhjNzAvMS9mMUFIZlMzWXBub2E2
   TGFyMXJ1elNKQW9wYnMubWZ0MIHJBCCwbYH58Q1Hr3LbAk6xc1G6KS2L4M6cMSMGeGSmORmj
   0wICB84EFH+0PeI3/QtqKHOJIwkh0losLtGoAgIWLRgPMjAyNTA5MjMwMjAwNDFaMHYwdAYI
   KwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5L2Q0ZDEyYS1h
   YjRlLTRkYmEtOTVkZS1iYzYzNzEzMGRlNmUvMS9mN1E5NGpmOUMyb29jNGtqQ1NIU1dpd3Uw
   YWcubWZ0MIHJBCC5qxrhGsdwpb32aH8xthnZZzwSXC/uTEJLN0VxpfIVKAICCBgEFH/xuBz+
   arsRjpfgMltmLq+YTy9qAgINBxgPMjAyNTA5MjMwMDAwNTRaMHYwdAYIKwYBBQUHMAuGaHJw
   a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzc1LzE4NmExOC01ZDdmLTQzZWQtYjA2
   YS1jZWE3ZWIzNTA1MzcvMS9mX0c0SFA1cXV4R09sLUF5VzJZdXI1aFBMMm8ubWZ0MIHJBCC6
   bbXg9NGOUIrRUF7O4Kkx7JJK2UGvi48vcupkrHBNoQICB84EFH8xNg/8Gv1fHaZtgUBORmNR
   LUlnAgIUJBgPMjAyNTA5MjMwMjAwNDJaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQv
   cmVwb3NpdG9yeS9ERUZBVUxULzJkL2ZlZjVkZC0zOGVlLTRiYzUtODJmZi01ODRkNzhhMjVm
   OGMvMS9mekUyRF93YV9WOGRwbTJCUUU1R1kxRXRTV2MubWZ0MIHJBCDFP/VzX+fQNa0KUtTt
   8P0j61eHwFvSwrx0LHWDrDI3oAICB4QEFH9R3x306IZ+QeXn+S3n+dH6DBVNAgILgRgPMjAy
   NTA5MjMwNjAxMTRaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
   RUZBVUxUL2ZhLzVlNzMxZi01MjhiLTRlMDItYWQ2OC02ZDkwMzVhZjE1MzUvMS9mMUhmSGZU
   b2huNUI1ZWY1TGVmNTBmb01GVTAubWZ0MIHJBCDNGMH6y/iAIm2VqfNabCpnclgk0F5FdiQx
   b45atOgcBwICB84EFH+bTP3JsNnjwx4Ou4Hm8bHLvcnkAgIMexgPMjAyNTA5MjMwMjAwMzRa
   MHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzViLzgy
   NDZlYi04NDY5LTQyZGYtYTA4Zi05MGM0MjFmNTVhZGIvMS9mNXRNX2NtdzJlUERIZzY3Z2Vi
   eHNjdTl5ZVEubWZ0MIHJBCDULZ9V9GVvzrX6km+uZVhinNo5qZQvNZyoPq6ckfF4AwICB84E



Snijders, et al.          Expires 29 March 2026                [Page 24]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   FH8dDjKYvtOn85+zskTtkYv2xNe/AgIUcRgPMjAyNTA5MjIyMzAwNDZaMHYwdAYIKwYBBQUH
   MAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y3L2U2NTA2ZS03Njg1LTQ4
   ZTctYTU4My0yMWFmM2RlZThlZTkvMS9meDBPTXBpLTA2ZnpuN095Uk8yUmlfYkUxNzgubWZ0
   MIHJBCDWykkLSOqpzcVFkVfC4KEZhaQ5iW2klfJdHpTsrQ5k1wICB4QEFH9+Xr1vpGnF43C/
   wQbE1KrR4duUAgIPBBgPMjAyNTA5MjMwNjAwMjNaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlw
   ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzIzL2MzZThlZC01OTdhLTQ4NWEtOTRhMy05ODJj
   ZmIzNTlhZWUvMS9mMzVldlcta2FjWGpjTF9CQnNUVXF0SGgyNVEubWZ0MIHJBCDi1bM+jh+B
   MioiQZihpFhx0f5+snIoLoL7iYheLRGulAICB4QEFH/xeuVHufJkHmBXf+VT3bb3SaCHAgID
   2hgPMjAyNTA5MjMwNDAxMDlaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3Np
   dG9yeS9ERUZBVUxUL2E1LzFiYzBmOS1iZDdjLTRmN2EtYTQwNC1hNDNmZjI1ZDQ0N2QvMS9m
   X0Y2NVVlNThtUWVZRmRfNVZQZHR2ZEpvSWMubWZ0MIHJBCDrroFYFly0MZks0keOew0RIvBM
   lIz4sQ5J3U+8VQ+iOAICB84EFH9NWRwjrSxpR31/eh1M6OvO6VlsAgIE9RgPMjAyNTA5MjMw
   MjAwNDBaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
   LzNlLzBkNjdhMi1iYzM2LTRiOTMtYjYwNC1kNGY1YzkyZDkwOTUvMS9mMDFaSENPdExHbEhm
   WDk2SFV6bzY4N3BXV3cubWZ0MIHJBCDrysEF0Mb4O38e4Yom6HOu56DkNiYSzsnLEu0z9ENq
   kwICB84EFH9DnZQkJvxnOyecyYqzX9vX6pf1AgISMxgPMjAyNTA5MjIyMzAwNDBaMHYwdAYI
   KwYBBQUHMAuGaHJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJhLzY5YTA5Zi01
   ODA5LTQ2NTYtYjM1NS0xNDZmMjU0YWMxMzEvMS9mME9kbENRbV9HYzdKNXpKaXJOZjI5ZnFs
   X1UubWZ0MIHJBCDwigCSeW8JjL525MGaphNOYxoTjA+2y7/nxhBX30rm0QICB4QEFH8Xtvky
   OZ1YUJPRhzOU6/4bKfmMAgIOHBgPMjAyNTA5MjMwMTAwNDJaMHYwdAYIKwYBBQUHMAuGaHJw
   a2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMxL2NjMDIwMC1iYjJjLTQ1ZjYtYWM3
   NS04Mjc1NzdkZjhlZGMvMS9meGUyLVRJNW5WaFFrOUdITTVUcl9oc3AtWXcubWZ0MIHJBCD2
   OipMOZLdHyqDhwoMxCAgn3UjHiGo1ihS07IdefH2zwICB84EFH8km5VEYgaD+Us4inVRpopk
   k+0SAgICyxgPMjAyNTA5MjMwMTAwNDdaMHYwdAYIKwYBBQUHMAuGaHJwa2kucmlwZS5uZXQv
   cmVwb3NpdG9yeS9ERUZBVUxULzhiLzdhYTA0ZS00ODA3LTQ5ODgtOTEwMy04NDIzOTdlMzA2
   NDMvMS9meVNibFVSaUJvUDVTemlLZFZHbWltU1Q3UkkubWZ0

Acknowledgements

   The authors wish to thank George Michaelson, Theo de Raadt, Bob Beck,
   and Theo Buehler for the lovely conversations that led to this
   proposal.

   This protocol is named after Erik Bais, who passed away in 2024, as a
   small token of appreciation for his friendship.

Authors' Addresses

   Job Snijders
   The Netherlands
   Email: job@sobornost.net


   Tim Bruijnzeels
   RIPE NCC
   The Netherlands
   Email: tim@ripe.net




Snijders, et al.          Expires 29 March 2026                [Page 25]

Internet-Draft   Erik Synchronization Protocol for RPKI   September 2025


   Tom Harrison
   APNIC
   Australia
   Email: tomh@apnic.net


   Wataru Ohgai
   JPNIC
   Japan
   Email: alt@nic.ad.jp









































Snijders, et al.          Expires 29 March 2026                [Page 26]
