BGP Security and PKI Hierarchies (was: Re: Wifi Security)

Otherwise, you have to be storing a plethora of

different signers' certificates to be able to validate all the
institution's certificates that come in.

you need those certs to verify the live data anyway

Yes, the reason why you want to validate the institution's certificates
is so you can verify the data signed with that cert (signed with the private
key associated with the public key in the cert, to be explicit).