Man page - krillta(1)

Packages contas this manual

Manual

KRILLTA(1) Krill KRILLTA(1)

krillta - Krill Trust Anchor




krillta SUBCOMMAND [options]

The krillta tool is used for managing a Krill based RPKI Trust Anchor.


Manage the Trust Anchor Proxy


Initialise the proxy


Get the proxy ID certificate details


Manage the repository for proxy


Get RFC 8183 publisher request


Show the configured repository for the proxy


Configure (add) the repository for the proxy

OPTIONS


Path to the Publisher Response XML file






Manage interactions with the associated signer


Initialise signer association

OPTIONS


Path to the the Trust Anchor Signer info file (as 'signer show')




Update signer association

OPTIONS


Path to the the Trust Anchor Signer info file (as 'signer show')




Make a NEW request for the signer (fails if a request exists)

show-request

Show existing request for the signer (fails if there is no request)

process-response

Process a response from the signer. Fails it not for the open request

OPTIONS


Path to the the Trust Anchor Signer info file (as 'signer show')






Manage children under the TA proxy


Add a child

OPTIONS


Path to the child info JSON (from krillc show)


The ASN resources for the child

-4 <IPV4>, --ipv4=<IPV4>

The IPv4 resources for the child

-6 <IPV6>, --ipv6=<IPV6>

The IPv6 resources for the child




Get parent response for child

OPTIONS


Name of the child CA







OPTIONS


The full URI to the Krill server


The secret token for the Krill server


Report format


Only show the API call and exit




Manage the Trust Anchor Signer


Initialise the signer

OPTIONS


Path to the proxy ID JSON file


Path to the proxy repository contact JSON file


The rsync URI used for TA certificate on TAL and AIA


The HTTPS URI used for the TAL


Import an existing private key in PEM format


Set the initial manifest number




Reissue the TA certificate

OPTIONS


Path to the proxy ID JSON file


Path to the proxy repository contact JSON file


The rsync URI used for TA certificate on TAL and AIA


The HTTPS URI used for the TAL




Show the signer info


Process a proxy request

OPTIONS


Path to TA proxy request JSON file


Override the next manifest number




Show last response


Show full history of proxy signer exchanges



OPTIONS


krill(1), krill.conf(5), krillc(1), krillup(1)

NLnet Labs

2018–2026, NLnet Labs

March 3, 2026 0.16.0