Question for proper RPKI check integration in the bird v2.0.4 with Euro-IX Informational BGP communities

Ondrej Zajicek santiago at
Wed Sep 25 16:14:54 CEST 2019

On Wed, Sep 25, 2019 at 11:36:20AM +0100, Barry O'Donovan wrote:
> Hi Irene,
> looks like you're trying to put together a route server config?
> First thing that jumps out at me is you have "roa check" but it should
> be "roa_check".
> We have full working sample configs that are used in our continuous
> integration tests for IXP Manager - here's a v4 version which includes RPKI:


One note - for roa_check(), you should not use bgp_path.last_nonaggregated,
you should use bgp_path.last, or better just use implicit form:


If there is AS_SET on end position, then result should be invalid if
there are related ROAs, or unknown otherwise, (see RFC 6907), it should
not be check based on neighboring (nonaggregated) ASN.

Elen sila lumenn' omentielvo

Ondrej 'Santiago' Zajicek (email: santiago at
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3,
"To err is human -- to blame it on a computer is even more so."

More information about the Bird-users mailing list