Detailed ASPA_INVALID logging? (responsible AS and ASPA object)
Christoph
cm at appliedprivacy.net
Mon Jan 5 13:43:17 CET 2026
Hello,
we started to validate (logging only) ASPA objects with this:
if (aspa_check_downstream(at) = ASPA_INVALID) then
{
print "ASPA INVALID announcement (monitoring only): ", net, "
AS path: ", bgp_path;
}
Example output:
ASPA INVALID announcement: 91.223.183.0/24 AS path: (path 1764 5405 6830
206659 197477 215563)
Then we manually investigate which AS along the path is responsible for
the ASPA_INVALID result by asking routinator for the ASPA objects of all
involved ASNs, example output for ASN6830 showing an AS0 ASPA:
"aspas": [
{ "customer": "AS6830", "providers": ["AS0"], "ta": "ripe" }
]
Depending on the length of the AS path this is cumbersome. Is there a
way to write the first responsible AS and ASPA object to the log that
caused the ASPA_INVALID result?
best regards,
Christoph
More information about the Bird-users
mailing list