https://github.com/kjartanhr/routinator-aspa-json-to-bird2
Use the routinator vrp JSON output to build a BIRD2 ASPA validation function.
https://github.com/kjartanhr/routinator-aspa-json-to-bird2
aspa bgp bird bird2 routing-security rpki
Last synced: 6 months ago
JSON representation
Use the routinator vrp JSON output to build a BIRD2 ASPA validation function.
- Host: GitHub
- URL: https://github.com/kjartanhr/routinator-aspa-json-to-bird2
- Owner: kjartanhr
- License: mit
- Created: 2024-05-02T23:02:03.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-10-30T22:24:10.000Z (12 months ago)
- Last Synced: 2025-03-29T11:23:10.429Z (7 months ago)
- Topics: aspa, bgp, bird, bird2, routing-security, rpki
- Language: TypeScript
- Homepage:
- Size: 6.84 KB
- Stars: 2
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: readme.md
- License: LICENSE
Awesome Lists containing this project
README
# Routinator ASPA VRP to BIRD2 function
This is a simple, sloppily written, program to turn the output of the following command:
```
routinator --enable-aspa vrps -f json -o dump.json --no-route-origins --no-router-keys
```
into a BIRD2 function you can use to perform ASPA validation.
(Note that to use the `--enable-aspa` you have to compile Routinator from source. I went over this in a [blog post I wrote](https://as51019.com/posts/aspa-bird2/).)
The resulting function is named `is_aspa_valid()` and you can use it to drop invalid paths with the filter line:
```
if (!is_aspa_valid()) then reject;
```
## Usage
To run, supply an input file via the `--input`/`-i` flag. This file should be the JSON output from the routinator `vrps` command **with ASPA enabled**.
By default, the resulting function will be written to stdout. If you'd like to write it to a file you can supply an output path in the `--output`/`-o` flag.
The `--verbose`/`-v` flag will show warnings.
The `--help`/`-h` flag will show the following help menu:
```
Usage: ./gen [OPTIONS]
Options:
--help, -h Show this menu.
--verbose, -v Show warnings.
--input, -i The input file generated by \`routinator\`. (required)
--output, -o The file to output the BIRD2 function to.
--strict, -s Consider paths without ASPA invalid (NOT RECOMMENDED).
```
## Strict mode
> ⚠️ Strict mode is **NOT RECOMMENDED** for **ANY** use case.
By default the program runs with strict mode turned **off**. This means that if an ASN hasn't published any ASPA 'certificates' (are they called that?) their routes won't be filtered out.
If you **turn strict mode on** then the resulting function will **always return false** unless a previous condition (a.k.a. an ASPA 'certificate' exists) returns true.
## "Compilation" to a stand-alone binary
This is as easy as running the following command, though you will need to install Deno:
```
deno compile --allow-read --allow-write ./gen.ts
```
You can also download a pre-built binary from the releases page.
## License
Licensed under MIT as it was the easiest one to copy paste 🐱