while i share your wariness of aws, it is for vendor lock-in, not
My main concern with moving RPKI repositories and the RIPE Database to the cloud is with the choice of AWS as provider, basically because Amazon is a US-based company. We know that tech companies in the US have handed over data to the US government - sometimes without a warrant, sometimes with. We know that the US law has provisions for secret subpoenas...
i don't take this as a credible threat; though i assume well thought out encryption, both at rest and in transit, and serious key hygiene by the ncc. but i would be inclined to a multi-cloud approach, providing not only redundancy, but also forcing avoidance of vendor lock-in.
I wasn't sure whether I should bother sending this mail, because I worry that this effort is being run like a Dutch government project. That means that people are fully informed, their opinions are listened to, and then the project proceeds exactly as the government planned without change.
it does have that aroma. but, being an engineer, i will judge by results. randy