blob: f9123a4e7a1c874471464509286b9df200c5506d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
.\"
.\" This file is part of RTRlib.
.\"
.\" This file is subject to the terms and conditions of the MIT license.
.\" See the file LICENSE in the top level directory for more details.
.\"
.\" Website: http://rtrlib.realmv6.org/
.\"
.TH "rtrclient" "1"
.SH NAME
rtrclient \- rtr rpki client
.SH SYNOPSIS
.B rtrclient
[\fB\-kph\fR]
.I SOCKETS\fR...
.SH SOCKETS
.B tcp
[\fB\-kpb \fIbindaddr\fR]
.IR HOST
.IR PORT
.br
.B ssh
[\fB\-kpb \fIbindaddr\fR]
.IR HOST
.IR PORT
.IR USERNAME
(\fIPRIVATE_KEY\fR|\fIPASSWORD\fR)
[\fIHOST_KEY\fR]
.SH DESCRIPTION
\fBrtrclient\fR connects to an RPKI/RTR cache server and prints prefix, origin AS, and router key updates.
\fBrtrclient\fR can use plain tcp or ssh transport to connect to an RPKI/RTR cache server.
The amount is not limited and different transport types can be mixed arbitrarily.
.LP
For \fBtcp\fR you must specify the \fIHOST\fR and \fIPORT\fR.
.LP
For \fBssh\fR you must specify the \fIHOST\fR, \fIPORT\fR, \fIUSERNAME\fR and a file containing the \fIPRIVATE_KEY\fR or a \fIPASSWORD\fR.
By default the rtrclient will try to guess which of the two was entered. If you want to explicitly specify this see \fB-w\fR and \fB-s\fR.
You may specify a file containing a list of \fIHOST_KEY\fRs, in the well known
.B SSH_KNOWN_HOSTS
file format. See \fIsshd(8)\fR for details.
.SH OPTIONS
\fB-b \fIbindaddr\fR
.RS 4
Set explicit bind address
.RE
.B -h
.RS 4
Print help message
.RE
\fB-k\fR
.RS 4
Print information about router key updates
.RE
\fB-p\fR
.RS 4
Print information about prefix and origin AS updates
.RE
\fB-s\fR
.RS 4
Print information about connection status updates
.RE
\fB-e\fR
.RS 4
Export ROAs after completing synchronisation and exit
.RE
\fB-t\fR
.RS 4
Select template for pfx export. May be a build in template (see \fB-l\fR) or a file path to a custom template (see \fBTEMPLATES\fR)
.RE
\fB-l\fR
.RS 4
Print available templates and exit. Prints specified templated, when used with -t.
.RE
\fB-o\fR
.RS 4
Output file for export
.RE
\fB-w\fR
.RS 4
force ssh authentication information to be interpreted as a password
.RE
\fB-s\fR
.RS 4
force ssh authentication information to be interpreted as a private key
.SH TEMPLATES
Templates can be used to export ROA information in a custom format. They are written in the \fBmustache\fR(\fIhttps://mustache.github.io/\fR) templating language.
A template should contain a section called \fBroas\fR which may contain the variables \fBprefix\fR, \fBlength\fR, \fBmaxlen\fR and \fBorigin\fR.
The content of this section is expanded for every entry in the ROA table. The special variable \fBlast\fR is true for the last entry of the prefix table. See the json template for a usage example.
.SH EXAMPLES
Print prefix and origin AS updates from a tcp based server
.PP
.nf
.RS
rtrclient tcp -k rpki.example.com 323
.RE
.fi
.PP
Print prefix and router key updates from a ssh based server
.PP
.nf
.RS
rtrclient ssh -k -p rpki.example.com 22 rtr-ssh ~/.ssh/id_rsa ~/.ssh/known_hosts
.RE
.fi
.PP
Use multiple rtr server, print prefix updates for some
.PP
.nf
.RS
rtrclient tcp -p rpki.example.com 323 tcp rpki2.example.com 323 ssh -p rpki.example.com 22 rtr-ssh ~/.ssh/id_rsa
|