...
- valid - database has a record and origin AS is valid.
- invalid - database has a record and origin AS is invalid.
- unknown - database does not have information of prefix and origin AS.
- unverified - set when none of the RPKI sessions of the RPKI group has synced database. This value can be used to handle total failure of the RPKI.
| Code Block | ||
|---|---|---|
| ||
/routing/filter/rule
add chain=bgp_in rule="rpki-verify myRpkiGroup"
add chain=bgp_in rule="if (rpki invalid) { reject } else { accept }" |
...