...
RouterOS implements the Resource Public Key Infrastructure (RPKI) to Router Protocol defined in RFC8210. RTR is a very lightweight low memory footprint protocol, to reliably get prefix validation data from RPKI validators.
More information on RPKI and how to set up validators can be found in the APNIC RIPE blog:
https://blog.apnic.net/20222019/0410/0628/how-to-installing-an-rpki-validator-2/
Basic Example
Let's consider that we have our own RTR server on our network with IP address 192.168.1.1:
...
Property | Description |
---|---|
address (IPv4/6) mandatory | Address of the RTR server |
disabled(yes | no; Default: no) | Whether the item is ignored. |
expire-interval (integer [600..172800]; Default: 7200) | Time interval [s] polled data is considered valid in the absence of a valid subsequent update from the validator. |
group (string) mandatory | Name of the group a database is assigned to. |
port (integer [0..65535]; Default: 323) | Connection port number |
preference (integer [0..4294967295]; Default: 0) | If there are multiple RTR sources, the preference number indicates a more preferred one. A lesser number higher number is preferred. If preference is not configured then lowest remote IP within a group is preferred, if IPs are equal then lowest remote port is preferred. |
refresh-interval (integer [1..86400]; Default: 3600) | Time interval [s] to poll the newest data from the validator. |
retry-interval (integer [1..7200]; Default: 600) | Time Interval [s] to retry after the failed data poll from the validator. |
vrf(name; Default: main) | Name of the VRF table used to bind the connection to. |
...