diff --git a/nest/proto.c b/nest/proto.c
index aebb5458..36045dd1 100644
--- a/nest/proto.c
+++ b/nest/proto.c
@@ -2156,3 +2156,33 @@ proto_iterate_named(struct symbol *sym, struct protocol *proto, struct proto *ol
     return NULL;
   }
 }
+
+/*
+ * jrb0001 fix to reload protocols on RPKI change
+ *
+ */
+
+
+void
+reload_all(void)
+{
+  log(L_INFO "Reloading all protocols.");
+  struct proto *p;
+  WALK_LIST(p, proto_list)
+  {
+    if (!p->disabled && p->proto_state == PS_UP)
+    {
+      log(L_INFO "Reloading protocol %s.", p->name);
+      struct channel *c;
+      WALK_LIST(c, p->channels)
+      {
+        if (channel_reloadable(c) && c->channel_state == CS_UP)
+        {
+          channel_request_reload(c);
+          channel_request_feeding(c);
+        }
+      }
+    }
+  }
+}
+
diff --git a/nest/protocol.h b/nest/protocol.h
index d82e3983..17f2d28d 100644
--- a/nest/protocol.h
+++ b/nest/protocol.h
@@ -630,6 +630,7 @@ void *channel_config_new(const struct channel_class *cc, const char *name, uint
 void *channel_config_get(const struct channel_class *cc, const char *name, uint net_type, struct proto_config *proto);
 int channel_reconfigure(struct channel *c, struct channel_config *cf);
 
+void reload_all(void);
 
 /* Moved from route.h to avoid dependency conflicts */
 static inline void rte_update(struct proto *p, const net_addr *n, rte *new) { rte_update2(p->main_channel, n, new, p->main_source); }
diff --git a/proto/bgp/packets.c b/proto/bgp/packets.c
index 78fdd1e0..c1bf76a3 100644
--- a/proto/bgp/packets.c
+++ b/proto/bgp/packets.c
@@ -891,10 +891,10 @@ bgp_rx_open(struct bgp_conn *conn, byte *pkt, uint len)
 #define WITHDRAW(msg, args...) \
   ({ REPORT(msg, ## args); s->err_withdraw = 1; return; })
 
-#define BAD_AFI		"Unexpected AF <%u/%u> in UPDATE"
-#define BAD_NEXT_HOP	"Invalid NEXT_HOP attribute"
-#define NO_NEXT_HOP	"Missing NEXT_HOP attribute"
-#define NO_LABEL_STACK	"Missing MPLS stack"
+#define BAD_AFI		"Unexpected AF <%u/%u> in UPDATE."
+#define BAD_NEXT_HOP	"Invalid NEXT_HOP attribute %I (%s)."
+#define NO_NEXT_HOP	"Missing NEXT_HOP attribute."
+#define NO_LABEL_STACK	"Missing MPLS stack."
 
 
 static void
@@ -914,7 +914,7 @@ bgp_apply_next_hop(struct bgp_parse_state *s, rta *a, ip_addr gw, ip_addr ll)
       nbr = neigh_find(&p->p, ll, p->neigh->iface, 0);
 
     if (!nbr || (nbr->scope == SCOPE_HOST))
-      WITHDRAW(BAD_NEXT_HOP);
+      WITHDRAW(BAD_NEXT_HOP, gw, "missing or local neighbor");
 
     a->dest = RTD_UNICAST;
     a->nh.gw = nbr->addr;
@@ -924,7 +924,7 @@ bgp_apply_next_hop(struct bgp_parse_state *s, rta *a, ip_addr gw, ip_addr ll)
   else /* GW_RECURSIVE */
   {
     if (ipa_zero(gw))
-      WITHDRAW(BAD_NEXT_HOP);
+      WITHDRAW(BAD_NEXT_HOP, gw, "zero address");
 
     rtable *tab = ipa_is_ip4(gw) ? c->igp_table_ip4 : c->igp_table_ip6;
     s->hostentry = rt_get_hostentry(tab, gw, ll, c->c.table);
@@ -1086,16 +1086,16 @@ bgp_update_next_hop_ip(struct bgp_export_state *s, eattr *a, ea_list **to)
 
   /* Forbid zero next hop */
   if (ipa_zero(nh[0]) && ((len != 32) || ipa_zero(nh[1])))
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "zero address");
 
   /* Forbid next hop equal to neighbor IP */
   if (ipa_equal(peer, nh[0]) || ((len == 32) && ipa_equal(peer, nh[1])))
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "equals neighbor address");
 
   /* Forbid next hop with non-matching AF */
   if ((ipa_is_ip4(nh[0]) != bgp_channel_is_ipv4(s->channel)) &&
       !s->channel->ext_next_hop)
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "wrong address family");
 
   /* Just check if MPLS stack */
   if (s->mpls && !bgp_find_attr(*to, BA_MPLS_LABEL_STACK))
@@ -1170,7 +1170,7 @@ bgp_decode_next_hop_ip(struct bgp_parse_state *s, byte *data, uint len, rta *a)
     ad->length = 16;
 
   if ((bgp_channel_is_ipv4(c) != ipa_is_ip4(nh[0])) && !c->ext_next_hop)
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "wrong address family");
 
   // XXXX validate next hop
 
@@ -1251,7 +1251,7 @@ bgp_decode_next_hop_vpn(struct bgp_parse_state *s, byte *data, uint len, rta *a)
     bgp_parse_error(s, 9);
 
   if ((bgp_channel_is_ipv4(c) != ipa_is_ip4(nh[0])) && !c->ext_next_hop)
-    WITHDRAW(BAD_NEXT_HOP);
+    WITHDRAW(BAD_NEXT_HOP, nh[0], "wrong address family");
 
   // XXXX validate next hop
 
diff --git a/proto/rpki/packets.c b/proto/rpki/packets.c
index dd11f997..7b19e5eb 100644
--- a/proto/rpki/packets.c
+++ b/proto/rpki/packets.c
@@ -827,6 +827,8 @@ rpki_handle_end_of_data_pdu(struct rpki_cache *cache, const struct pdu_end_of_da
   cache->last_update = current_time();
   cache->serial_num = pdu->serial_num;
   rpki_cache_change_state(cache, RPKI_CS_ESTABLISHED);
+
+  reload_all();
 }
 
 /**