Routinator 3000 and the RPKI project

[Alex Band <alex () nlnetlabs nl>]

Hello all!

Several months ago NLnet Labs committed to building a free open source RPKI toolset to help making BGP routing more 
secure. This project includes a Certificate Authority, allowing you to run a Delegated CA on your own systems as a 
child of one or more RIRs, a Publication Server that lets you publish RPKI material or let a third party do it on your 
behalf and lastly Relying Party software, in order to validate RPKI data and feed it to your routers.

I want to give you a little update on where we are now. Since kicking off this project, RIPE NCC and NIC.br have 
graciously committed to funding these efforts, ensuring we can dedicate full time resources on this in the coming 
years. 

In the mean time, we’ve released (and then fixed :cough:) the first version of our Relying Party software. It’s 
designed to be super lean (as in, runs fine on a Pi Zero) and implements the basic set of functionality: fetching and 
validating RPKI data and exposing route origin attestations both as output (CSV, JSON, RPSL) and to routers via the 
RPKI-RTR protocol. 

We’re very much looking forward to your operational feedback, to ensure this package runs well in a wide variety of 
environments. Going forward, we’ll be focussing on monitoring for the next release.

You can find the source code and further details on Github:
https://github.com/NLnetLabs/routinator

Cheers,

Alex Band
NLnet Labs