feat: update cf.pub key and cache file path

The private key that encrypts the file in `https://rpki.cloudflare.com/rpki.json` is being rotated. In order to avoid any downtime, we created a second file with the new encryption key in `https://rpki.cloudflare.com/v2/rpki.json`. In this PR, we update the path for the cache file, so we use the newly encrypted v2/rpki.json, and also the new public key in cf.pub that matches it. The old file will also need to be updated so we can deprecate the old encryption keys. You need to download this new release to make sure your code does not break when the key is updated. Alternatively, you can continue to use the release you are using now and simply update cf.pub and pass the -cache flag with the correct url. DEADLINE: 18-03-2024 !!!!
cloudflare · Feb 29, 2024 · ec1486a · ec1486a
1 parent 9f01dca
commit ec1486a
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/cmd/gortr/cf.pub b/cmd/gortr/cf.pub
@@ -1,4 +1,4 @@
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEyXAt9Sa+WVHxZqrYfdqcro8+D+Br
-JANBXv226o03qjt3yT7wWGeRYqNOliZ+KEyn09y0qJS0qs5YTHWzQKZnBg==
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEvh5HhsIBgt8gOLbTHrDcDMB9Kk2
+LzxJj75hAr9FCjyCljETiw5ArYYmFvgM4htqAdvBf1IOFtPGKRP1bllg5A==
 -----END PUBLIC KEY-----
diff --git a/cmd/gortr/gortr.go b/cmd/gortr/gortr.go
@@ -82,7 +82,7 @@ var (
 	Verify    = flag.Bool("verify", true, "Check signature using provided public key (disable by passing -verify=false)")
 	PublicKey = flag.String("verify.key", "cf.pub", "Public key path (PEM file)")
 
-	CacheBin  = flag.String("cache", "https://rpki.cloudflare.com/rpki.json", "URL of the cached JSON data")
+	CacheBin  = flag.String("cache", "https://rpki.cloudflare.com/v2/rpki.json", "URL of the cached JSON data")
 	UseSerial = flag.String("useserial", "disable", "Use serial contained in file (disable, startup, full)")
 
 	Etag            = flag.Bool("etag", true, "Enable Etag header")