diff --git a/Cargo.toml b/Cargo.toml
index 21671a7..014bc21 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -10,6 +10,7 @@ edition = "2021"
 default = [ "client", "reload", "info", "authorized" ]
 reload = []
 authorized =[ "dep:jwt-compact" ]
+index = []
 info = [ "axum/json", "ssh-key/serde" ]
 client = [ "dep:url", "dep:reqwest" ]
 
diff --git a/src/api.rs b/src/api.rs
index 4141780..517ac3a 100644
--- a/src/api.rs
+++ b/src/api.rs
@@ -132,7 +132,7 @@ pub async fn run(
                         .into_iter()
                         .map(|cert| (cert.key_id().to_string(), cert))
                         .collect();
-                    debug!("reloaded certs");
+                    trace!("reloaded certs");
                 }
             }
         });
@@ -142,7 +142,10 @@ pub async fn run(
         .typed_get(get_certs_identifier)
         .typed_put(put_cert_update)
         .typed_get(get_cert_info)
-        .typed_post(post_certs_identifier)
+        .typed_post(post_certs_identifier);
+    #[cfg(feature = "index")]
+    let app = app.typed_get(list_certs);
+    let app = app
         .fallback(fallback_404)
         .layer(ServiceBuilder::new().map_request_body(body::boxed))
         .layer(TraceLayer::new_for_http())
@@ -199,6 +202,25 @@ async fn fallback_404() -> ApiResult<()> {
     Err(ApiError::CertificateNotFound)
 }
 
+#[derive(TypedPath, Deserialize)]
+#[typed_path("/certs")]
+pub struct CertList;
+
+async fn list_certs(
+    _: CertList,
+    State(ApiState { certs, .. }): State<ApiState>,
+) -> ApiResult<Json<Vec<String>>> {
+    Ok(Json(
+        certs
+            .lock()
+            .await
+            .values()
+            .into_iter()
+            .map(|cert| cert.key_id().to_string())
+            .collect(),
+    ))
+}
+
 #[derive(Debug, Serialize, Deserialize)]
 #[serde(tag = "aud", rename = "get")]
 struct AuthClaims {
@@ -390,8 +412,6 @@ async fn put_cert_update(
 mod tests {
     use std::env::temp_dir;
 
-    
-
     use super::*;
 
     fn ca_key() -> Ed25519Keypair {