1.2 KiB
Input Tree Requirements
The input tree is not part of this package. The caller must prepare it before running replay.
Mirror root
The mirror root must map rsync URIs to local paths:
rsync://rpki.example.net/repo/a/b/c.roa
=> <mirror-root>/rpki.example.net/repo/a/b/c.roa
The tree must contain all objects needed by the selected TALs: TA certificates, manifests, CRLs, ROAs, ASPAs, router certs, and child CA certificates.
Both Routinator and rpki-client scripts consume this same mirror root through a local rsync command wrapper.
rpki-client working cache
For rpki-client replay, --cache-dir is only rpki-client's working cache
directory for this local run. It is not the input dataset. The authoritative
input is --mirror-root.
TALs
Provide either --tal-dir <dir> or repeated --tal <file>.
The scripts prepare a replay-local TAL copy that prefers rsync:// TA
certificate URIs. This prevents a TAL with an HTTPS URI listed first from
escaping to the network during local replay. The TAL set should match the local
tree. Mixing a tree from one run with different TALs may produce meaningless
differences.
No generation
This package does not generate the tree and does not repair missing objects.