isbgpsafeyet.com icon indicating copy to clipboard operation
isbgpsafeyet.com copied to clipboard

Published 20 hours ago verified publisher icon cloudflare

RPKI endpoint returns invalid JSON on some ASNs

Open danog opened this issue 2 years ago • 9 comments

For example, when running curl -6 https://valid.rpki.cloudflare.com/bc66fd0d2 from my AS198747, the following invalid JSON payload is returned:

{"status":"valid", "asn":undefined, "name": "", "blackholed":false}

Not quite sure as to why the AS name isn't picked up from the RIPE database entry, but either way that field should contain at least null , not undefined, as that's invalid JSON that causes a generic error when running the test.

danog avatar May 09 '23 19:05 danog

Thanks for submitting the report! It seems like the AS name is updated on RIPE DB as well as showing up on Cloudflare Radar. Could you help verify that the query returns correct ASN and names now?

digizeph avatar Jun 15 '23 21:06 digizeph

Hi, yes it got fixed a while ago, but still, I feel like the backend should never return an invalid JSON payload in any condition, that feels deeply wrong :)

danog avatar Jun 15 '23 21:06 danog

Oh and also I noticed a really strange thing, looks like the security & attack dashboard is showing bogus data, not only it is showing a seemingly random percentage of network layer attacks coming from what is essentially my home network consisting of a few android devices and a raspberry pi hosting jellyfin, it is also showing data up until January 2023, even if the AS was created on 2023-04-25.

It seems like it's just showing randomly generated numbers, that doesn't seem right :)

danog avatar Jun 16 '23 11:06 danog

Hey @danog There was a bug in the Radar API, that was ignoring the ASN filter in that specific DOS endpoint, thats why you were seeing big numbers in your ASN. The data that was being displayed there was the worldwide DOS data, here is a quick side-by-side comparison of your ASN page vs worldwide image

The issue is fixed now, and thanks for reporting it

G4brym avatar Jun 16 '23 15:06 G4brym

Thank you, awesome! Has anyone fixed the other issue with the invalid JSON response returned by the rpki endpoint yet, can I close this issue?

danog avatar Jun 16 '23 19:06 danog

I'm also running into this issue, from behind AS30690 I'm receiving the same invalid JSON response which causes an error to be displayed instead of test results: {"status":"valid", "asn":undefined, "name": "", "blackholed":false}

The ASN does show up correctly on Radar and of course is reflected in ARIN records.

FrostTheFox avatar Jan 30 '24 04:01 FrostTheFox

Hey @FrostTheFox and @danog i've pushed a fix to https://valid.rpki.cloudflare.com, can you check if the endpoint is returning valid json now?

G4brym avatar Feb 02 '24 15:02 G4brym

Hey @FrostTheFox and @danog i've pushed a fix to https://valid.rpki.cloudflare.com, can you check if the endpoint is returning valid json now?

It's valid on my end now! :)

FrostTheFox avatar Feb 03 '24 23:02 FrostTheFox

My issue got already fixed several months ago, probably due to the propagation of some entry in some database, so I can't really check if the issue is still there without creating a new AS :)

danog avatar Feb 04 '24 17:02 danog