display rpki session

Function

The display rpki session command displays configurations about a Resource Public Key Infrastructure (RPKI) session.

Format

display rpki session

display rpki session [ vpn-instance vpn-instance-name ] { ipv4-address | ipv6-address } verbose

Parameters

Parameter	Description	Value
vpn-instance vpn-instance-name	Specifies the VPN instance to which an RPKI session belongs.	The value is a string of 1 to 31 case-sensitive characters, spaces not supported. In addition, the VPN instance name must not be _public_. When double quotation marks are used around the string, spaces are allowed in the string.
ipv4-address	Specifies the IPv4 address used by an RPKI session.	The value is in dotted decimal notation.
ipv6-address	Specifies the IPv6 address used by an RPKI session.	The value is a 32-digit hexadecimal number, in the format of X:X:X:X:X:X:X:X.
verbose	Displays detailed session information.	-

Views

All views

Default Level

1: Monitoring level

Task Name and Operations

Task Name	Operations
rpki	read

Usage Guidelines

Usage Scenario

To check configurations about an RPKI session, you can run the display rpki session command. The command output helps you locate the problem and determine whether the RPKI session is properly configured.

Example

The actual command output varies according to the device. The command output here is only an example.

# Display configurations about the RPKI session with the session address 10.1.1.1.

<HUAWEI> display rpki session 10.1.1.1 verbose
RPKI server is 10.1.1.1, port 8282
RPKI current state: Established, Age: 04s
VPN-instance name: _public_
Local host: 10.1.1.2, Local port: 51979
Remote host: 10.1.1.1, Remote port: 8282
SSL-Policy name: ssl1
Refresh time : 180
Aging time : 3600
Maximum allowed rpki limit: 3
Parameter:  idle-forever
Session ID : 23100
Serial number : 8
Session Statistics:
IPv4 record : 5
IPv6 record : 3

**Table 1** Description of the **display rpki session** command output
Item	Description
RPKI server is	IP address of an RPKI server.
RPKI current state	Status of the RPKI session: Established. Idle: not yet established.
port	Port number of a TCP connection.
VPN-instance name	VPN instance to which the RPKI session belongs.
Local host	Local IP address.
Local port	Local port number.
Remote host	IP address of the RPKI server.
Remote port	Port number of the RPKI server.
SSL-Policy name	SSL policy name.
Refresh time	Interval at which validation information is updated, in seconds.
Aging time	Aging time of validation information, in seconds.
Maximum allowed rpki limit	Maximum number of Route Origination Authorization (ROA) entries that the device is allowed to receive from the RPKI session.
Session ID	Session ID.
Session Statistics	Statistics about the RPKI session, including the number of IPv4 routes recorded in ROA and the number of IPv6 routes recorded in ROA.
Serial number	Sequence number of the RPKI session.
IPv4 record	IPv4 routes recorded in ROA.
IPv6 record	IPv6 routes recorded in ROA.
Age	Age timer of the RPKI session.
Parameter	Behavior of the system after the device receives more ROA entries from the RPKI session than the configured limit.