feat: update cf.pub key and cache file path

talves · talves · commit ec1486a6ebc4 · 2024-02-29T11:13:18.000Z
The private key that encrypts the file in `https://rpki.cloudflare.com/rpki.json` is being rotated. In order to avoid any downtime, we created a second file with the new encryption key in `https://rpki.cloudflare.com/v2/rpki.json`. In this PR, we update the path for the cache file, so we use the newly encrypted v2/rpki.json, and also the new public key in cf.pub that matches it. The old file will also need to be updated so we can deprecate the old encryption keys. You need to download this new release to make sure your code does not break when the key is updated. Alternatively, you can continue to use the release you are using now and simply update cf.pub and pass the -cache flag with the correct url. DEADLINE: 18-03-2024 !!!!
diff --git a/cmd/gortr/cf.pub b/cmd/gortr/cf.pub
@@ -1,4 +1,4 @@
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEyXAt9Sa+WVHxZqrYfdqcro8+D+Br
-JANBXv226o03qjt3yT7wWGeRYqNOliZ+KEyn09y0qJS0qs5YTHWzQKZnBg==
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEvh5HhsIBgt8gOLbTHrDcDMB9Kk2
+LzxJj75hAr9FCjyCljETiw5ArYYmFvgM4htqAdvBf1IOFtPGKRP1bllg5A==
 -----END PUBLIC KEY-----
diff --git a/cmd/gortr/gortr.go b/cmd/gortr/gortr.go
@@ -82,7 +82,7 @@ var (
 	Verify    = flag.Bool("verify", true, "Check signature using provided public key (disable by passing -verify=false)")
 	PublicKey = flag.String("verify.key", "cf.pub", "Public key path (PEM file)")
 
-	CacheBin  = flag.String("cache", "https://rpki.cloudflare.com/rpki.json", "URL of the cached JSON data")
+	CacheBin  = flag.String("cache", "https://rpki.cloudflare.com/v2/rpki.json", "URL of the cached JSON data")
 	UseSerial = flag.String("useserial", "disable", "Use serial contained in file (disable, startup, full)")
 
 	Etag            = flag.Bool("etag", true, "Enable Etag header")
