Testing RFC 5011 key roll

Edward Lewis edward.lewis at icann.org
Tue Apr 21 13:55:50 UTC 2015 

On 4/21/15, 9:45, "Tony Finch" <dot at dotat.at> wrote:
>rndc secroots
>
>You can also look in the .mkeys file.

I tried secroots with my set up, I got nothing despite the mkeys file.
(Kind of asking - does that work?):

(I had my rndc port bumped out of sudo-land, so it's overridden:)

$ rndc -p 1953 -c rndc.conf secroots

$ 

$ cat 
21ce078705d04ca6324c1d0313fc08ea99f3cef6389a6744d40bd2d9d0cd7816.mkeys
$ORIGIN .
$TTL 0	; 0 seconds
@			IN SOA	. . (
				879        ; serial
				0          ; refresh (0 seconds)
				0          ; retry (0 seconds)
				0          ; expire (0 seconds)
				0          ; minimum (0 seconds)
				)
			KEYDATA	20150421135415 20150421125042 19700101000000 257 3 8 (
				AwEAAb7pfymUZ3LzR7ldtJ5fvgxxu/Y4I7QtBmlqlhJS
				Je6Ugw+/72eYAnLYh7xHaNkAzjP6oi1rxOL0s9wj7TVU
				+r9bK+KuzOvZfKzNS+ywTdZ0QXSJSJNTLJfgaMMvnyp/
				K2LajQ4wNV1UblSqPPs9FdCXqVbxKF7i4j6h6QO61xkf
				s2LSkiPu+TCK05fizdfuDIit8KlQr6sgV1jiBrXm4kmY
				5o9txePRz8oy/C4+6IDVtA1zSlDTvsbwYk1KjHa9CXcA
				7BkuYaBlxB4zgBF/koaX55IdhbKKkwsN8qJhPanu72zq
				2933IF96RtikjvX/ugC7VBvNlGgy5dQrvKu/G7M=
				) ; KSK; alg = RSASHA256; key id = 26512
				; next refresh: Tue, 21 Apr 2015 13:54:15 GMT
				; trusted since: Tue, 21 Apr 2015 12:50:42 GMT
			KEYDATA	20150421135415 20150421135145 19700101000000 257 3 8 (
				AwEAAeHrxs5uJwldPTjAplgBzGRptPYrFgNFoPZDyrEa
				CAuNckUuHkQIMr5Pkv/XONS2CLcLmq5HtvLPzevkAjWv
				wIMhYn0nE4fTTl8diTnOFKLEcPBs/jAqKU5n/ZV5ZXiP
				NCUgg3qvXetntojb+JesE9fdYgUlWrgIUjx9y17Fhb+J
				lP56kqhxER2L0AUEFTH+x/Jxkzea6E8FFkYGUJ+tzEt0
				S+ESRaDTNmdKgqe9GAi6ID3GRYgsn9cgNIOmBYHrzhQv
				R5XaTK37nUlVMKjyQxu2Lq+lhIu9348aSt+g42QJxJ1s
				VTRPVPEVQt1s71SHuWTd/OBCz5f8fZqQrG0mA9E=
				) ; KSK; alg = RSASHA256; key id = 8869
				; next refresh: Tue, 21 Apr 2015 13:54:15 GMT
				; trusted since: Tue, 21 Apr 2015 13:51:45 GMT
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4604 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150421/ecafc86a/attachment.bin>

More information about the bind-users mailing list