Verifying PKI Information

During routine maintenance, you can view PKI information in the corresponding view, including information about certificate.

Run the display pki certificate enroll-status [ realm realm-name ] command to verify the certificate enrollment status.
Run the display pki cmp statistics [ session session-name ] command to verify CMP session statistics.
Run the display pki ocsp cache statistics command to verify statistics about the OCSP response cache.
Run the display pki ocsp server down-information command to verify the OCSP server Down records.
Run the display pki certificate { ca | local | ocsp } [ realm realm-name | filename file-name ] command to verify the content of CA, local, or OCSP server certificate loaded on the device.
Run the display pki certificate default { ca [ key-pair-type { rsa | sm2 } ] | local [ key-pair-type { rsa | sm2 { encipher | signature } } ] } command to verify the default CA certificate and local certificate.
Run the display pki peer-certificate { name peer-name | all } command to verify the imported peer certificates.
Run the display pki certificate command to verify the content of CA, local, OCSP, and SSL decryption certificates on LPUs.
Run the display pki ocsp cache detail command to verify the detail information of the OCSP cache.
Run the display pki rsa local-key-pair command to verify the key pair and public key on LPUs.