Provided by: ldnsutils_1.7.0-3ubuntu8_amd64
ldns-keyfetcher - retrieve the DNSSEC DNSKEYs for a zone
ldns-keyfetcher [ OPTIONS ] DOMAIN
ldns-keyfetcher is used to retrieve the DNSKEYs of a zone. First it finds all authoritative nameservers of the zone by tracing it from the root down. All authoritative nameservers are then queried (using TCP) for the DNSKEY RRset of the zone apex. If the results are all the same, the key resource record set is printed.
-4 Only use IPv4 -6 Only use IPv6 -h Show a help text and exit -i Insecurer mode; there will only be one query for the DNSKEYS. There will not be crosschecking of all authoritative nameservers. -v verbosity Set the verbosity level. The following levels are available: 0: default, only print the DNSKEY RRset found, or an error on failure. 1: Show the nameservers that are queried 2: Show more info on what is checked 3: Show the intermediate results (authority and dnskey rrsets) 4: Print the answer packets that are returned -r file Use file as the root hints file, should contain A records in presentation format. The default is /etc/named.root. You can get this file from http://www.internic.net/zones/named.root. -s Don't print the keys to stdout, but store them in files. The filenames will be of the format K<file>.+<alg>.+<keytag>.key
Written by Jelte Jansen for NLnet Labs.
Report bugs to <email@example.com>.
Copyright (C) 2006 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 4 Apr 2006 ldns-keyfetcher(1)