Hello Mahmoud
First of all, a clarification. VPRN BGP is a term used exclusively by Nokia to define a Layer 3 VPN over an MPLS network. So what we’re talking about, more generically is Layer 3 VPN for MPLS. So your question then is, can we use RPKI BGP validation in an MPLS L3 VPN environment.
Secondly, for the benefit of other readers, RPKI-based BGP origin AS validation is a feature that helps prevent network administrators from inadvertently advertising routes to networks they don’t control. It uses a Resource Public Key Infrastructure (RPKI) server to authenticate that certain BGP prefixes originated from an expected AS before the prefixes are allowed to be advertised. More about this can be found here:
Now, remember that the purpose of this feature is to ensure that you don’t accidentally advertise prefixes into a network you don’t control. However, in the case of MPLS, if you are using BGP between your CE and PE routers, you can advertise whatever you want without fear of injecting anything into such a network. Remember that the routing protocol employed between the CE and PE routers has the purpose of advertising whatever internal networks you want to all of your other sites connected to the MPLS VPN. Because of the use of the MPLS VPN feature, such injected routes will not interfere with the operation of the MPLS infrastructure. Thus, such a feature is actually of no benefit.
Can you tell us more about what you would like to achieve? If you tell us the reason you would like to implement something like this, we will be in a better position to help you find a solution that will fit your needs.
I hope this has been helpful!
Laz