5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<html>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<head>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<title>dnssec-settime</title>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<meta name="generator" content="DocBook XSL Stylesheets V1.71.1">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<link rel="start" href="Bv9ARM.html" title="BIND 9 Administrator Reference Manual">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<link rel="up" href="Bv9ARM.ch10.html" title="Manual pages">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<link rel="prev" href="man.dnssec-revoke.html" title="dnssec-revoke">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<link rel="next" href="man.dnssec-signzone.html" title="dnssec-signzone">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</head>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="navheader">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<table width="100%" summary="Navigation header">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<tr><th colspan="3" align="center"><span class="application">dnssec-settime</span></th></tr>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<tr>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<td width="20%" align="left">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<a accesskey="p" href="man.dnssec-revoke.html">Prev</a>�</td>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<th width="60%" align="center">Manual pages</th>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<td width="20%" align="right">�<a accesskey="n" href="man.dnssec-signzone.html">Next</a>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</td>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</tr>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</table>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<hr>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</div>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="refentry" lang="en">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<a name="man.dnssec-settime"></a><div class="titlepage"></div>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="refnamediv">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<h2>Name</h2>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p><span class="application">dnssec-settime</span> &#8212; Set the key timing metadata for a DNSSEC key</p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</div>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="refsynopsisdiv">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<h2>Synopsis</h2>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="cmdsynopsis"><p><code class="command">dnssec-settime</code> [<code class="option">-f</code>] [<code class="option">-K <em class="replaceable"><code>directory</code></em></code>] [<code class="option">-L <em class="replaceable"><code>ttl</code></em></code>] [<code class="option">-P <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-A <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-R <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-I <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-D <em class="replaceable"><code>date/offset</code></em></code>] [<code class="option">-h</code>] [<code class="option">-v <em class="replaceable"><code>level</code></em></code>] [<code class="option">-E <em class="replaceable"><code>engine</code></em></code>] {keyfile}</p></div>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</div>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="refsect1" lang="en">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<a name="id2625411"></a><h2>DESCRIPTION</h2>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p><span><strong class="command">dnssec-settime</strong></span>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland reads a DNSSEC private key file and sets the key timing metadata

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland as specified by the <code class="option">-P</code>, <code class="option">-A</code>,

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland <code class="option">-R</code>, <code class="option">-I</code>, and <code class="option">-D</code>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland options. The metadata can then be used by

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland <span><strong class="command">dnssec-signzone</strong></span> or other signing software to

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland determine when a key is to be published, whether it should be

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland used for signing a zone, etc.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland If none of these options is set on the command line,

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland then <span><strong class="command">dnssec-settime</strong></span> simply prints the key timing

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland metadata already stored in the key.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland When key metadata fields are changed, both files of a key

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland pair (<code class="filename">Knnnn.+aaa+iiiii.key</code> and

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland <code class="filename">Knnnn.+aaa+iiiii.private</code>) are regenerated.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Metadata fields are stored in the private file. A human-readable

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland description of the metadata is also placed in comments in the key

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland file. The private file's permissions are always set to be

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland inaccessible to anyone other than the owner (mode 0600).

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</div>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="refsect1" lang="en">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<a name="id2625469"></a><h2>OPTIONS</h2>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="variablelist"><dl>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-f</span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Force an update of an old-format key with no metadata fields.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Without this option, <span><strong class="command">dnssec-settime</strong></span> will

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland fail when attempting to update a legacy key. With this option,

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland the key will be recreated in the new format, but with the

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland original key data retained. The key's creation date will be

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland set to the present time. If no other values are specified,

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland then the key's publication and activation dates will also

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland be set to the present time.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-K <em class="replaceable"><code>directory</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Sets the directory in which the key files are to reside.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-L <em class="replaceable"><code>ttl</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Sets the default TTL to use for this key when it is converted

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland into a DNSKEY RR. If the key is imported into a zone,

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland this is the TTL that will be used for it, unless there was

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland already a DNSKEY RRset in place, in which case the existing TTL

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland would take precedence. Setting the default TTL to

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland <code class="literal">0</code> or <code class="literal">none</code> removes it.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-h</span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Emit usage message and exit.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-v <em class="replaceable"><code>level</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Sets the debugging level.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-E <em class="replaceable"><code>engine</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Specifies the cryptographic hardware to use, when applicable.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland When BIND is built with OpenSSL PKCS#11 support, this defaults

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland to the string "pkcs11", which identifies an OpenSSL engine

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland that can drive a cryptographic accelerator or hardware service

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland module. When BIND is built with native PKCS#11 cryptography

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland (--enable-native-pkcs11), it defaults to the path of the PKCS#11

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland provider library specified via "--with-pkcs11".

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</dl></div>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</div>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="refsect1" lang="en">

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<a name="id2616788"></a><h2>TIMING OPTIONS</h2>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Dates can be expressed in the format YYYYMMDD or YYYYMMDDHHMMSS.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland If the argument begins with a '+' or '-', it is interpreted as

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland an offset from the present time. For convenience, if such an offset

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland is followed by one of the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi',

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland then the offset is computed in years (defined as 365 24-hour days,

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland ignoring leap years), months (defined as 30 24-hour days), weeks,

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland days, hours, or minutes, respectively. Without a suffix, the offset

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland is computed in seconds. To unset a date, use 'none' or 'never'.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<div class="variablelist"><dl>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-P <em class="replaceable"><code>date/offset</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Sets the date on which a key is to be published to the zone.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland After that date, the key will be included in the zone but will

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland not be used to sign it.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-A <em class="replaceable"><code>date/offset</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Sets the date on which the key is to be activated. After that

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland date, the key will be included in the zone and used to sign

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland it.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-R <em class="replaceable"><code>date/offset</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Sets the date on which the key is to be revoked. After that

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland date, the key will be flagged as revoked. It will be included

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland in the zone and will be used to sign it.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-I <em class="replaceable"><code>date/offset</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Sets the date on which the key is to be retired. After that

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland date, the key will still be included in the zone, but it

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland will not be used to sign it.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-D <em class="replaceable"><code>date/offset</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Sets the date on which the key is to be deleted. After that

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland date, the key will no longer be included in the zone. (It

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland may remain in the key repository, however.)

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-S <em class="replaceable"><code>predecessor key</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd><p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Select a key for which the key being modified will be an

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland explicit successor. The name, algorithm, size, and type of the

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland predecessor key must exactly match those of the key being

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland modified. The activation date of the successor key will be set

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland to the inactivation date of the predecessor. The publication

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland date will be set to the activation date minus the prepublication

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland interval, which defaults to 30 days.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p></dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dt><span class="term">-i <em class="replaceable"><code>interval</code></em></span></dt>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<dd>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland Sets the prepublication interval for a key. If set, then

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland the publication and activation dates must be separated by at least

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland this much time. If the activation date is specified but the

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland publication date isn't, then the publication date will default

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland to this much time before the activation date; conversely, if

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland the publication date is specified but activation date isn't,

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland then activation will be set to this much time after publication.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland If the key is being set to be an explicit successor to another

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland key, then the default prepublication interval is 30 days;

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland otherwise it is zero.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland<p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland As with date offsets, if the argument is followed by one of

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland the suffixes 'y', 'mo', 'w', 'd', 'h', or 'mi', then the

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland interval is measured in years, months, weeks, days, hours,

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland or minutes, respectively. Without a suffix, the interval is

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland measured in seconds.

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland </p>

5c51f1241dbbdf2656d0e10011981411ed0c9673Moriah Waterland</dd>

</dl></div>

</div>

<div class="refsect1" lang="en">

<a name="id2635563"></a><h2>PRINTING OPTIONS</h2>

<p>

<span><strong class="command">dnssec-settime</strong></span> can also be used to print the

timing metadata associated with a key.

</p>

<div class="variablelist"><dl>

<dt><span class="term">-u</span></dt>

<dd><p>

Print times in UNIX epoch format.

</p></dd>

<dt><span class="term">-p <em class="replaceable"><code>C/P/A/R/I/D/all</code></em></span></dt>

<dd><p>

Print a specific metadata value or set of metadata values.

The <code class="option">-p</code> option may be followed by one or more

of the following letters to indicate which value or values to print:

<code class="option">C</code> for the creation date,

<code class="option">P</code> for the publication date,

<code class="option">A</code> for the activation date,

<code class="option">R</code> for the revocation date,

<code class="option">I</code> for the inactivation date, or

<code class="option">D</code> for the deletion date.

To print all of the metadata, use <code class="option">-p all</code>.

</p></dd>

</dl></div>

</div>

<div class="refsect1" lang="en">

<a name="id2635643"></a><h2>SEE ALSO</h2>

<p><span class="citerefentry"><span class="refentrytitle">dnssec-keygen</span>(8)</span>,

<span class="citerefentry"><span class="refentrytitle">dnssec-signzone</span>(8)</span>,

<em class="citetitle">BIND 9 Administrator Reference Manual</em>,

<em class="citetitle">RFC 5011</em>.

</p>

</div>

<div class="refsect1" lang="en">

<a name="id2635676"></a><h2>AUTHOR</h2>

<p><span class="corpauthor">Internet Systems Consortium</span>

</p>

</div>

</div>

<div class="navfooter">

<hr>

<table width="100%" summary="Navigation footer">

<tr>

<td width="40%" align="left">

<a accesskey="p" href="man.dnssec-revoke.html">Prev</a>�</td>

<td width="20%" align="center"><a accesskey="u" href="Bv9ARM.ch10.html">Up</a></td>

<td width="40%" align="right">�<a accesskey="n" href="man.dnssec-signzone.html">Next</a>

</td>

</tr>

<tr>

<td width="40%" align="left" valign="top">

<span class="application">dnssec-revoke</span>�</td>

<td width="20%" align="center"><a accesskey="h" href="Bv9ARM.html">Home</a></td>

<td width="40%" align="right" valign="top">�<span class="application">dnssec-signzone</span>

</td>

</tr>

</table>

</div>

</body>

</html>