0.9.9

• Add /api/validity end-point similar to Routinator's. It accepts both path and query parameters and also accepts a POST request with JSON array of asn/prefix pairs for bulk validation. Calculating these validities requires building an in-memory index for VRPs, which uses extra memory (about 400mb for five RIR TAs) and CPU (2-3 seconds on every re-validation). Building this index (and therefore, validity calculation functionality) can be switched off using --no-validity-index option.
• Generate internal unique ID of every version of the program to be able to detect upgrades of the executable file and to avoid launching worker process of a different version, which is better for stability of upgrades.
• Fix in RTR: cache pre-calculated full RTR state per protocol version to avoid routers complaining about unknown RTR PDUs.
• Hide local paths in the result of the /api/system call (can be revealed using --show-hidden-config CLI option) to avoid potential security issues.
• Memory usage optimisations.

0.9.8

• Add --allow-overclaiming option to support validation reconsidered algorithm described by the draft that is supposed to replace RFC 8360. RFC 8360 support is removed since there's no planned or actual deployment of a CA using this approach. The default for --allow-overclaiming is false, i.e. to use standard validation defined by RFC 6487.
• Fix cache erasure that may have left some LMDB maps lingering in the cache.

0.9.7

• Do no store too many older versions of payloads, they take too much disk space in case of frequent re-validations.
• Simplify and optimise disk usage

0.9.6

• Fix caching of TA certificates
• Support https://datatracker.ietf.org/doc/draft-spaghetti-sidrops-rpki-ta-tiebreaker/

0.9.5

• Filter out RTR PDUs that are not supported by the RTR version negotiated with a router. This fixes an issue when the router gets PDUs that it doesn't support.

0.9.4

• Fix rare occasions of CRLs cleaned up from the cache before references to them are removed.
• Added options --once and --vrp-output filename that together make rpki-prover run only one iteration of validation and exit. Resulting VRPs will be written to the $filename. It is safe to run such one-off instance simultaneously with an instance of rpki-prover running as a server over the same cache directory.

0.9.3

• Fix an issue when occasionally a fetcher process would die with 'Problem deserialising binary log message: [rpki-prover: forkOS_entry: interrupted], error: "Base64-encoded bytestring requires padding for ... etc.' message.
• Fix a bug when validator gets stuck with old manifests when running over an old cache.
• Fixes for robustness-related issues found by fuzzy-testing (https://arxiv.org/abs/2312.01872)
• Add --no-async-fetch option to switch off asynchronous fetching.
• Add limit of 30 minutes for CPU time used my a fetcher, it will die with an appropriate error after using that much CPU time.
• Add /api/manifests?aki=$aki API end-point for investigating manifests for CAs
• Make it an error for RRDP URIs to have different host names (https://datatracker.ietf.org/doc/draft-ietf-sidrops-rrdp-same-origin/)
• Log timestamps up to a millisecond

0.9.2

Add --no-rir-tals option preventing downloads of RIR TALs when using with --initialise.

0.9.1

Introduce --extra-tals-directory option for adding directories with TAL files. It can be repeated multiple times for multiple extra directories.

0.9.0

This is a release with features aimed at reducing latency of delivering VRPs to the end-user (a router using RTR or an API user) while saving system resources. It also adds initial support for recently introduced RPKI objects and contains some bug fixes.

• Add incremental validation algorithm. This algorithm does full validation only for newly downloaded objects that were not seen before and simplified validation (only validity time and revocation checks) for objects that are already cached. Current implementation reduces CPU usage for validation by 8-9 times, which allows to run validation much more frequently than before. This feature is enabled by default and can be switched off by the --no-incremental-validation CLI parameter.

• Add adaptive timeouts for repository fetches, i.e. every next fetch timeout is based on how much time it actually took to fetch the repository last time(s). It allows to reduce the chance of a suddenly broken or slow repository blocking all other fetches. This feature is enabled by default and can be switched off by the --no-adaptive-timeouts CLI parameter.

• Add adaptive fetch intervals for RRDP repositories based on how many deltas are fetched. Intervals can be adjusted between 1 and 10 minutes so that on average one delta is fetched every time, i.e. the validator doesn't do pointless requests but also downloads deltas approximately as often as they appear. Measurements show that most of RRDP repositories tend to publish new deltas less often than every 10 minutes, which allows to save about 30% of CPU used by fetching processes and issue about 40% less http(s) requests. This feature is a trade-off between latency and resource usage -- enabling it increases latency for rarely updated repositories. It is enabled by default and can be switched off by the --no-adaptive-fetch-intervals CLI parameter.

• Improve logic for asynchronous fetches introduced in the previous release. Now for a repository to stay in the category of "synchronously fetched" the repository needs to fetch successfully, quickly and do not require RRDP -> rsync fall back. Still almost all RRDP repositories fall into this category but the time for absolute majority of validation gets down to about 10-15 seconds.

• Support ASPA profile 16 (version without AFI field).

• Support RRDP desynchronization detection.

• Support signed prefix lists, i.e. parse, validate, store in cache. Added /api/spls API end-point.

• Add /api/vrps.csvext API end-point analogous csvext VRP format in Routinator.

• Add version parameter to most API end-points, so it's possible to get VRPs, ASPAs, GBRs, BGP certificates, etc. for previous validations and not only the last one.

• Fix an issue when unsupported or unparseable objects would make a manifest pointing at them invalid, since unparseable objects would not end up in the cache. Now an object that can't be parsed (a new profile of an object, for instance) is stored in its original ASN.1 form to avoid invalidating manifests.

• Fix long-standing performance bug when some CPU was consumed by the waiting validation process due to so-called idle garbage collection of the Haskell runtime.

• Use configured timeouts when downloading TA certificates instead of default ones.

• Switch to GHC 9.6 for both Docker images and static binaries, it reduces CPU and memory usage by 5-10% compared to previously used 8.10.