junos rpki config

A. JunOS:
---------------------------------------------------------------------------------------------------------

1. Establish session with RPKI Validator

	set routing-options validation group RPKI session 202.125.96.46 refresh-time 120
	set routing-options validation group RPKI session 202.125.96.46 hold-time 180
	set routing-options validation group RPKI session 202.125.96.46 port 8282
	set routing-options validation group RPKI session 202.125.96.46 local-address 202.125.96.254

2. Configure policy to tag ROA

	set policy-options policy-statement ROUTE-VALIDATION term valid from protocol bgp
	set policy-options policy-statement ROUTE-VALIDATION term valid from validation-database valid
	set policy-options policy-statement ROUTE-VALIDATION term valid then local-preference 110
	set policy-options policy-statement ROUTE-VALIDATION term valid then validation-state valid
	set policy-options policy-statement ROUTE-VALIDATION term valid then accept

	set policy-options policy-statement ROUTE-VALIDATION term invalid from protocol bgp
	set policy-options policy-statement ROUTE-VALIDATION term invalid from validation-database invalid
	set policy-options policy-statement ROUTE-VALIDATION term invalid then local-preference 90
	set policy-options policy-statement ROUTE-VALIDATION term invalid then validation-state invalid
	set policy-options policy-statement ROUTE-VALIDATION term invalid then accept

	set policy-options policy-statement ROUTE-VALIDATION term unknown from protocol bgp
	set policy-options policy-statement ROUTE-VALIDATION term unknown from validation-database unknown
	set policy-options policy-statement ROUTE-VALIDATION term unknown then local-preference 100
	set policy-options policy-statement ROUTE-VALIDATION term unknown then validation-state unknown
	set policy-options policy-statement ROUTE-VALIDATION term unknown then accept

3. Push policy to the BGP neighbour

	set protocols bgp import ROUTE-VALIDATION