My IP Help

RDAP

Also known as: Registration Data Access Protocol

The Registration Data Access Protocol — a modern JSON/HTTPS replacement for WHOIS that returns structured registration data for IP addresses, ASNs, and domain names.

Last updated:

What is RDAP?

RDAP (Registration Data Access Protocol) is the modern replacement for WHOIS. It exposes registration data — who owns an IP block, an ASN, or a domain name — through a standardized JSON over HTTPS API instead of WHOIS's ad-hoc plain-text format. RDAP was standardized in 2015 (RFC 7480–RFC 7484) and has been the preferred protocol for IP and ASN lookups since ICANN mandated it alongside WHOIS in 2019.

How RDAP improves on WHOIS

RDAP addresses several long-standing WHOIS problems:

  • Structured JSON output instead of inconsistent free-text responses that differed by registry
  • Predictable URL patterns like https://rdap.arin.net/registry/ip/8.8.8.8 and https://rdap.arin.net/registry/autnum/15169
  • Internationalization for non-ASCII contact names and addresses
  • HTTPS with standard authentication instead of unauthenticated port-43 queries
  • Tiered access allowing privileged clients to see contact details hidden from public queries
  • Bootstrap mechanism — a single starting point (https://data.iana.org/rdap/ipv4.json) tells clients which RIR to query for any given IP

What RDAP returns for an IP

A typical RDAP response for an IP address includes:

  • The allocated CIDR range that contains the IP
  • The organization or entity that holds the allocation
  • Abuse contact details (email, phone) — essential for reporting attacks originating from the block
  • Registration and last-modified dates
  • The parent ASN and network handle

Abuse teams and threat intelligence platforms rely on RDAP to automate abuse reporting at scale, since its structured output can be parsed reliably across all five regional registries. Our IP lookup enriches every result with RDAP data where available.

Frequently Asked Questions

Both return registration data for IPs, ASNs, and domains. RDAP returns it as structured JSON over HTTPS at predictable URLs; WHOIS returns unstructured plain text over TCP port 43, formatted differently by every registry. RDAP also supports internationalization, tiered access for authenticated requesters, and a built-in bootstrap mechanism so a client knows which RIR to query for any given IP. ICANN mandated RDAP support for all gTLD registries in 2019.
Send an HTTPS GET to the appropriate RDAP server's URL. For an IP, use a regional registry endpoint like `https://rdap.arin.net/registry/ip/8.8.8.8` or `https://rdap.db.ripe.net/ip/2001:db8::1`. For an ASN, use the `/autnum/` path. The bootstrap file at `https://data.iana.org/rdap/ipv4.json` lists which RIR is authoritative for any given prefix. Most modern WHOIS tools (`whois` on Linux, online WHOIS lookups) automatically prefer RDAP under the hood.
Yes. All five Regional Internet Registries (ARIN, RIPE, APNIC, LACNIC, AFRINIC) operate public RDAP servers free of charge, with the same fair-use rate limits that apply to WHOIS — typically a few queries per second for unauthenticated clients, higher for authenticated ones. There is no commercial paywall on the registration data itself. Some registrars layer paid bulk-access services on top for high-volume customers.
Yes. RDAP for domain names was mandated by ICANN for all gTLDs starting in August 2019. Domain RDAP queries hit the registrar's RDAP server (e.g. `https://rdap.markmonitor.com/rdap/domain/example.com`) and return the same structured fields you would see in a WHOIS response — registrar, dates, name servers, redacted registrant contact. Some ccTLDs (`.uk`, `.de`, `.ru`) implement RDAP as well; others still rely on legacy WHOIS only.
WHOIS had accumulated decades of problems: inconsistent free-text output that required custom parsers per registry, no internationalization for non-ASCII data, no authentication tiers so personal data was either fully public or fully hidden, and no single specification — just folklore. The IETF designed RDAP from 2012 onward (standardized as RFCs 7480-7484 in 2015) to replace WHOIS with a clean JSON-over-HTTPS API. ICANN's mandate drove deployment.
Back to glossary