We are happy to announce the latest release of Routinator, version 0.7.1 ’Moonlight and Love Songs.’
Routinator is an RPKI relying party software that collects and validates statements in the Resource Public Key Infrastructure (RPKI) about allowed route origins and makes them available to the BGP workflow.
While this release is primarily a maintenance release, updating the versions of the libraries used, it brings one interesting change: The TALs included now contain HTTPS URIs for the trust anchor certificates of four of the five RIRs.
Originally, the trust anchor certificates – like everything else in RPKI – were downloaded using rsync. With RRDP now allowing to download RPKI data using HTTPS and option was added in RFC 8630 allow downloading the trust anchor certificates directly via HTTPS. Routinator is supported this since version 0.6 and now all four RIRs that support RRDP have also published their trust anchor certificate via HTTPS.
Consequently, we have updated the TALs that come with Routinator to include the HTTPS URIs for these locations. Starting with the release, Routinator will also prefer HTTPS URIs over rsync URIs unless the use of RRDP has been disabled.
Since Routinator uses the TALs stored on disk, you will need to re-install the set of TALs using the command routinator init -f in order for the new URIs to become effective.