Installation

System Requirements

Routinator has minimal system requirements. When choosing a system, make sure you have 1GB of available memory and 4GB of disk space for the application. This will give you ample margin for the RPKI repositories to grow over time, as adoption increases. A powerful CPU is not required.

As new RPKI repositories can emerge in any IP address range and on any domain name, outbound traffic must not be blocked based on IP or DNS in any way. Routinator only needs to establish outbound connections via HTTPS and rsync, on ports 443 and 873, respectively.

Binary Packages

Getting started with Routinator is really easy by installing a binary package for either Debian and Ubuntu or for Red Hat Enterprise Linux (RHEL) and compatible systems such as Rocky Linux. Alternatively, you can run with Docker.

You can also build Routinator from the source code using Cargo, Rust’s build system and package manager. Cargo lets you to run Routinator on almost any operating system and CPU architecture. Refer to the Building From Source section to get started.

To install a Routinator package, you need the 64-bit version of one of these Debian versions:

  • Debian Bullseye 11

  • Debian Buster 10

  • Debian Stretch 9

Packages for the amd64/x86_64 architecture are available for all listed versions. In addition, we offer armhf architecture packages for Debian/Raspbian Bullseye, and arm64 for Buster.

First update the apt package index:

sudo apt update

Then install packages to allow apt to use a repository over HTTPS:

sudo apt install \
  ca-certificates \
  curl \
  gnupg \
  lsb-release

Add the GPG key from NLnet Labs:

curl -fsSL https://packages.nlnetlabs.nl/aptkey.asc | sudo gpg --dearmor -o /usr/share/keyrings/nlnetlabs-archive-keyring.gpg

Now, use the following command to set up the main repository:

echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nlnetlabs-archive-keyring.gpg] https://packages.nlnetlabs.nl/linux/debian \
$(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/nlnetlabs.list > /dev/null

Update the apt package index once more:

sudo apt update

You can now install Routinator with:

sudo apt install routinator

Before running Routinator for the first time, you must prepare the directory for the local RPKI cache, as well as the directory where the Trust Anchor Locator (TAL) files reside. After entering this command, follow the instructions provided about the ARIN TAL:

sudo routinator-init

To learn more about this process refer to the Initialisation section. After successful initialisation you can enable Routinator with:

sudo systemctl enable --now routinator

By default, Routinator will start the RTR server on port 3323 and the HTTP server on port 8323. These, and other values can be changed in the configuration file located in /etc/routinator/routinator.conf.

You can check the status of Routinator with:

sudo systemctl status routinator

You can view the logs with:

sudo journalctl --unit=routinator

New in version 0.9.0: RPM packages

New in version 0.11.0: Debian packages for armhf and arm64 architecture

New in version 0.11.2: Ubuntu packages for Jammy 22.04 (LTS)

Updating

To update an existing Routinator installation, first update the repository using:

sudo apt update

You can use this command to get an overview of the available versions:

sudo apt policy routinator

You can upgrade an existing Routinator installation to the latest version using:

sudo apt --only-upgrade install routinator

Installing Specific Versions

Before every new release of Routinator, one or more release candidates are provided for testing through every installation method. You can also install a specific version, if needed.

If you would like to try out release candidates of Routinator you can add the proposed repository to the existing main repository described earlier.

Assuming you already have followed the steps to install regular releases, run this command to add the additional repository:

echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/nlnetlabs-archive-keyring.gpg] https://packages.nlnetlabs.nl/linux/debian \
$(lsb_release -cs)-proposed main" | sudo tee /etc/apt/sources.list.d/nlnetlabs-proposed.list > /dev/null

Make sure to update the apt package index:

sudo apt update

You can now use this command to get an overview of the available versions:

sudo apt policy routinator

You can install a specific version using <package name>=<version>, e.g.:

sudo apt install routinator=0.9.0~rc2-1buster