Automatic pull of documentation from Wiki.

svn path=/trunk/; revision=6007

2 files changed, 78 insertions, 29 deletions

diff --git a/doc/doc.RPKI.Utils b/doc/doc.RPKI.Utils
index e6f89794..b9cd79b5 100644
--- a/doc/doc.RPKI.Utils
+++ b/doc/doc.RPKI.Utils
@@ -7,19 +7,19 @@ install".
 ***** uri *****
 
 uri is a utility program to extract URIs from the SIA, AIA, and CRLDP
-extensions of one or more X.509v3 certificates.
+extensions of one or more X.509v3 certificates, either specified directly or as
+CMS objects containing X.509v3 certificates within the CMS wrapper. Input files
+must be in DER format.
 
 Usage:
 
-  $ uri [-p | -d] cert [cert...]
+  $ uri [-h | --help] [-s | --single-line] cert [cert...]
 
--d Input is in DER format
+-h --help        show help
 
--p Input is in PEM format
+-s --single-line Single output line per input file
 
--s Single output line per input file
-
--v Verbose mode
+   cert          Object(s) to examine
 
 The rp/utils directory in the source tree also includes a few experimental AWK
 scripts to post-process the uri program's output in various ways.
@@ -30,54 +30,82 @@ hashdir copies an authenticated result tree from an rcynic run into the format
 expected by most OpenSSL-based programs: a collection of "PEM" format files
 with names in the form that OpenSSL's -CApath lookup routines expect. This can
 be useful for validating RPKI objects which are not distributed as part of the
-repository system.
+repository system. Input files must be in DER format.
 
 Usage:
 
-  $ hashdir input-directory output-directory
+  $ hashdir [-h | --help] [-v | --verbose] rcynic_directory output_directory
+
+-h --help           Show help
+
+-v --verbose        Whistle while you work
+
+   rcynic_directory rcynic authenticated output tree
+
+   output_directory Output directory to create
 
 ***** print_rpki_manifest *****
 
-print_rpki_manifest prettyprints the content of a manifest. It does NOT attempt
-to verify the signature. Usage:
+print_rpki_manifest pretty-prints the content of a manifest. It does NOT
+attempt to verify the signature. Input files must be in DER format.
+
+Usage:
+
+  $ print_rpki_manifest [-h | --help] [-c | --cms] manifest [manifest...]
+
+-h --help   Show help
 
-  $ print_rpki_manifest [-c] manifest [manifest...]
+-c --cms    Print text representation of entire CMS blob
 
--c Print text representation of entire CMS blob
+   manifest Manifest(s) to print
 
 ***** print_roa *****
 
-print_roa prettyprints the content of a ROA. It does NOT attempt to verify the
-signature.
+print_roa pretty-prints the content of a ROA. It does NOT attempt to verify the
+signature. Input files must be in DER format.
 
 Usage:
 
-  $ print_roa [-b] [-c] [-s] ROA [ROA...]
+  $ print_roa [-h | --help] [-b | --brief] [-c | --cms] [-s | --signing-time]
+  ROA [ROA...]
+
+-h --help         Show help
+
+-b --brief        Brief mode (only show ASN and prefix)
 
--b Brief mode (only show ASN and prefix)
+-c --cms          Print text representation of entire CMS blob
 
--c Print text representation of entire CMS blob
+-s --signing-time Show CMS signingTime
 
--s Show CMS signingTime
+   ROA            ROA object(s) to print
 
 ***** find_roa *****
 
 find_roa searches the authenticated result tree from an rcynic run for ROAs
-matching specified prefixes.
+matching specified prefixes. Input files must be in DER format.
 
 Usage:
 
-  $ find_roa authtree prefix [prefix...]
+  $ find_roa [-h | --help] [-a | --all]
+             [-m | --match-maxlength ] [-f | --show-filenames]
+             [-i | --show-inception]   [-e | --show-expiration]
+             authtree [prefix...]
 
-The find_roa directory also includes a script {{{test_roa.sh}, which uses
-hashdir, print_roa, find_roa, and the OpenSSL command line tool. find_roa
-builds a hashed directory, searches for ROAs matching specified prefixes,
-verifies the CMS signature and certificate path of each ROA found, and
-prettyprints each ROA that passes the checks.
+-h --help            Show help
 
-Usage:
+-a --all             Show all ROAs, do no prefix matching at all
+
+-e --show-expiration Show ROA chain expiration dates
+
+-f --show-filenames  Show filenames instead of URIs
 
-  $ test_roa.sh authtree prefix [prefix...]
+-i --show-inception  Show inception dates
+
+-m -match-maxlength  Pay attention to maxLength values
+
+   authtree          rcynic authenticated output tree
+
+   prefix            ROA prefix(es) to on which to match
 
 ***** scan_roas *****
 
@@ -90,4 +118,25 @@ validated ROA payload after an rcynic validation run.
 
 Usage:
 
-  $ scan_roas authtree
+  $ scan_roas [-h | --help] rcynic_dir [rcynic_dir...]
+
+-h --help     Show help
+
+   rcynic_dir rcynic authenticated output tree
+
+***** scan_routercerts *****
+
+scan_routercerts searchs the authenticated result tree from an rcynic run for
+BGPSEC router certificates, and prints out data of interest to the rpki-rtr
+code.
+
+Other programs such as the rpki-rtr client use scan_routercerts to extract the
+validated ROA payload after an rcynic validation run.
+
+Usage:
+
+  $ scan_routercerts [-h | --help] rcynic_dir [rcynic_dir...]
+
+-h --help     Show help
+
+   rcynic_dir rcynic authenticated output tree
diff --git a/doc/manual.pdf b/doc/manual.pdf
index 2cc41a1b..7da7fd39 100644
--- a/doc/manual.pdf
+++ b/doc/manual.pdf