Stale Data with RPKI Validator 3

[alkhos]

Hello, I have RIPE RPKI Validator 3 deployed on a number of VMs running Ubuntu 18.04 using the debain instructions in Wiki. It seems that we are having a couple of issues with the validator as we have it ran there for a while now:

1. Once in a while, the servers stop getting new data. I can see this by monitoring http:///api/trust-anchors/statuses and noticing that "lastUpdated" is lagging behind the current time by the matter of days. This situation goes away by restarting the rpki validator ( systemctl restart rpki-validator-3 ). But I was wondering if anybody has had a similar issue and if so, what has been the cause of it?

2. Our servers, are also deviating in terms of # errors, warnings, and even successful count in the same "trust-anchors/statuses" when compared to the ripe's public server (https://rpki-validator.ripe.net/). I can see that a log of these are errors in these categories ( as seen in the validation runs API )

• crl.next.update.before.now
• mf.past.next.update
• cert.not.valid.after
• crl.next.update.before.now
• validator.manifest.entry.found
• validator.no.local.manifest.no.manifest.in.repository
• cert.not.revoked
• validator.no.manifest.repository.failed
• validator.rpki.repository.pending

Also almost all of these errors can be tracked to RRDP repositories ( and not the RSYNC ones ). We run 8/20 build for reference. Is there any reason for such deviation? or are there specific things that we have to note in the configuration to avoid this situations?