diff --git a/dnssec_generate.py b/dnssec_generate.py
index 2bb064d..663a050 100755
--- a/dnssec_generate.py
+++ b/dnssec_generate.py
@@ -16,17 +16,19 @@ except:
 if __name__ == '__main__':
 ds_records = {}
 for zone in zones:
- ds = subprocess.check_output(['drill', '-s', '@localhost', '-t', 'DNSKEY', zone]).decode('utf-8')
+ cds = subprocess.check_output(['knotc', 'zone-read', zone, '@', 'CDS'])[:-1].decode('utf-8')
+ ds = {}
 try:
- m = re.search(r'id = (\d+) \(ksk\)', ds)
- tag = m.group(1)
- ds = ds.split('\n')
- ds = ds[ds.index('; equivalent DS records for key ' + tag + ':')+2].split('\t')
+ cds = cds.split(' ')
+ ds['subzone'] = cds[1]
+ ds['id'] = cds[4]
+ ds['algo'] = cds[5]
+ ds['type'] = cds[6]
+ ds['fp'] = cds[7]
 except:
 print('Unable to find ksk for', zone)
 continue
- ds[0] = ds[0][ds[0][2:].index(' ')+3:]
- ds[-1:] = ds[-1].split(' ')
- ds_records[zone] = {'subzone': ds[0], 'ttl': ds[1], 'id': ds[4], 'algo': ds[5], 'type': ds[6], 'fp': ds[7]}
+ ds['ttl'] = 172800
+ ds_records[zone] = ds
 with open('dnssec.json', 'w') as dnssec:
 json.dump(ds_records, dnssec)
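Review bot: The fixed-index parse in the `try` block assumes `knotc zone-read` returns exactly one CDS record on one line. `[:-1]` strips only the final character and `split(' ')` does not split on newlines, so if the zone publishes more than one CDS (for example during a KSK rollover) `cds[7]` would carry the digest, a newline and the start of the next record into `dnssec.json`. Nothing checks the record type, the field count or that the digest is hex before the values are written, and DS data is trust-anchor material, so a malformed entry should fail closed rather than be exported. The bare `except:` also hides unrelated errors, while the `check_output` call sits outside it, so one failing `knotc` call aborts the whole run. The sketch below assumes the eight-field layout the hunk's indexes imply and skips the zone on anything else; how to choose among several CDS records is a policy decision the hunk does not show.

```python
for zone in zones:
    try:
        out = subprocess.check_output(['knotc', 'zone-read', zone, '@', 'CDS']).decode('utf-8')
        records = [line.split() for line in out.splitlines() if line.strip()]
        if len(records) != 1 or len(records[0]) != 8 or records[0][3] != 'CDS':
            raise ValueError('unexpected CDS output')
        _, subzone, _, _, key_id, algo, digest_type, fp = records[0]
        # Reject non-numeric fields and a non-hex digest before exporting them.
        int(key_id), int(algo), int(digest_type)
        bytes.fromhex(fp)
    except (subprocess.CalledProcessError, ValueError):
        print('Unable to find ksk for', zone)
        continue
    ds = {'subzone': subzone, 'id': key_id, 'algo': algo, 'type': digest_type, 'fp': fp}
    # … unchanged: ds['ttl'] assignment and ds_records[zone] = ds …
```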