Object Classes
In RDAP, the information being queried is an RDAP object, and the types or classes of those objects are known
as object classes. They are defined in RFC 9083. Each
instance of an object class is REQUIRED to have the objectClassName
attribute.
RDAP defines 5 core object classes:
- Entity - a person, organization, group, etc…
- Domain - a DNS registration
- Nameserver - a nameserver (i.e. DNS host) registration
- IP Network - an IP address block registration
- Autnum - an Autonomous System Number block registration
Object classes are composed of the common data structures as well as other JSON structures specific to each. Many of these common structures are repeated in each object class, and they generally have the following form:
{
"objectClassName" : "different for every object class",
"handle" : "registry-unique-id",
"status" : [
// ...
],
"entities" : [
// ...
],
"links" : [
// ...
],
"remarks" : [
// ...
],
"events" : [
// ...
],
"port43" : "whois.somewhere"
// the structures specific to each object class
// ...
}
When objects are returned as the top-most value of the response, such as in responses to
lookups, they would have the rdapConformance
array and optionally some notices.
{
"rdapConformance" : [ "rdap_level_0" ],
"notices" : [
// ...
],
"objectClassName" : "different for every object class",
"handle" : "registry-unique-id",
// etc, ...
}
As hinted at above, all the object classes can have child entities. And some can have child IP networks, child autnums, and child nameservers. The diagram below depicts these relationships.
---
title: RDAP Object Classes
---
erDiagram
Entity ||--o{ Entity : "has subordinate contacts"
Entity ||--o{ "IP Network": "associate with"
Entity ||--o{ Autnum: "associate with"
"IP Network" ||--o{ Entity : "has contacts"
Autnum ||--o{ Entity : "has contacts"
Domain ||--o{ Entity : "has contacts"
Domain ||--o{ Nameserver : "served by"
Domain ||--o| "IP Network" : "reverse DNS"
Nameserver ||--o{ Entity : "has contacts"
Entity
An entity represents a person, organization, role or group of people. In Whois parlance, these are often called “contacts”.
The entity object class has the following JSON data structures:
| Name | Value |
|---|---|
objectClassName | (REQUIRED) must be “entity”. See objectClassName |
handle | a registry-unique string identifier. See handle. |
vcardArray | see jCard/vCard |
roles | an array of strings describing the role the entity fulfills with repect to the object that is its parent. These values must be registered in the IANA RDAP JSON Values registry. |
publicIds | a common type defined here |
entities | an array of objects as defined by this object class. See entity children. |
remarks | a common type defined here |
links | a common type defined here |
events | a common type defined here |
asEventActor | an array of events without the eventActor JSON member. These are meant to define the entity as being the event actor. This is seldom used. |
status | a common type defined here |
port43 | a common type defined here |
networks | an array of IP networks. See IP network children. |
autnums | an array of autnums. See autnum children. |
The following is a contrived example of an entity. Keep in mind that
rdapConformance and
notices are common to all
RDAP responses.
{
"rdapConformance":[
"rdap_level_0"
],
"notices":[
{
"title":"Terms of Use",
"description":[
"The data and services are subject to the Terms of Use available at: https://www.arin.net/whois_tou.html"
],
"links":[
{
"value":"http://nic.lunar/entity/example",
"rel":"terms-of-service",
"type":"text/html",
"href":"https://www.nic.lunar/rdap_tou.html"
}
]
}
],
"handle":"entity-dnr",
"objectClassName":"entity",
"vcardArray" : [
"vcard",
[
["version", {}, "text", "4.0"],
["fn", {}, "text", "Allice Allison"],
["kind", {}, "text", "individual"],
["lang", { "pref": "1" }, "language-tag", "fr"],
["lang", { "pref": "2" }, "language-tag", "en"],
["org", { "type": "work" }, "text", "Registry of the Moon"],
["title", {}, "text", "Research Scientist"],
["role", {}, "text", "Project Lead"],
["adr",
{ "type": "work" },
"text",
[
"",
"",
"123 Maple Syrup Lane",
"Quebec",
"QC",
"G1V 2M2",
"Canada"
]
],
["tel",
{ "type": ["work", "voice"], "pref": "1" },
"uri",
"tel:+1-418-555-9254;ext=102"
],
["tel",
{ "type": ["work", "cell", "voice", "video", "text"] },
"uri",
"tel:+1-418-555-6501"
],
["email",
{ "type": "work" },
"text",
"allice.allison@nic.lunar"
]
]
],
"status":[ "validated", "locked" ],
"publicIds" :
[
{
"type": "IANA Registry",
"identifier" : "1"
}
],
"remarks":[
{
"title": "A Poem",
"description":[
"She sells sea shells down by the sea shore.",
"Originally written by Terry Sullivan."
]
},
{
"title": "A Story",
"description":[
"It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was the epoch of belief, it was the epoch of incredulity, it was the season of Light, it was the season of Darkness, it was the spring of hope, it was the winter of despair, we had everything before us, we had nothing before us, we were all going direct to heaven, we were all going direct the other way - in short, the period was so far like the present period, that some of its noisiest authorities insisted on its being received, for good or for evil, in the superlative degree of comparison only.",
"By Charles Dickens"
]
}
],
"links":[
{
"value":"https://rdap.nic.lunar/entity/entity-dnr",
"rel":"self",
"href":"https://rdap.nic.lunar/entity/entity-dnr"
}
],
"port43":"whois.nic.lunar",
"events":[
{
"eventAction":"registration",
"eventDate":"1990-12-31T23:59:60Z"
},
{
"eventAction":"last changed",
"eventDate":"1991-12-31T23:59:60Z",
"eventActor":"joe@bob.com"
}
]
}
Domain
A domain object represents a domain registration. This is the most complicated of all the object classes.
The domain object class has the following JSON data structures:
| Name | Value |
|---|---|
objectClassName | (REQUIRED) must be “domain”. See objectClassName. |
handle | a registry-unique string identifier. See handle. |
ldhName | a letters-digits-hyphens (ldh, aka ASCII-only) domain name. |
unicodeName | the U-label version of an Internationalized Domain Name (IDN). |
variants | set of variant IDNs for this domain. See variants. |
nameservers | an array of nameserver objects. See nameserver children. |
secureDNS | DNSSEC information. See DNSSEC data. |
publicIds | a common type defined here |
entities | an array of entity objects. See entity children. |
remarks | a common type defined here |
links | a common type defined here |
events | a common type defined here |
status | a common type defined here |
port43 | a common type defined here |
network | a single instance of IP networks. |
The following is a contrived example of a domain. Keep in mind that
rdapConformance is common to all RDAP responses.
{
"objectClassName" : "domain",
"handle" : "ex1-1",
"ldhName" : "xn--fo-5ja.example",
"unicodeName" : "fóo.example",
"status" : [ "locked", "transfer prohibited" ],
"nameservers" :
[
{
"objectClassName" : "nameserver",
"handle" : "ns1-1",
"ldhName" : "ns1.example.com",
"status" : [ "active" ],
"ipAddresses" :
{
"v6": [ "2001:db8::123", "2001:db8::124" ],
"v4": [ "192.0.2.1", "192.0.2.2" ]
},
"links" :
[
{
"value" : "https://example.net/nameserver/ns1.example.com",
"rel" : "self",
"href" : "https://example.net/nameserver/ns1.example.com",
"type" : "application/rdap+json"
}
],
"events" :
[
{
"eventAction" : "registration", "eventDate" : "1990-12-31T23:59:59Z"
},
{
"eventAction" : "last changed", "eventDate" : "1991-12-31T23:59:59Z"
}
]
},
{
"objectClassName" : "nameserver",
"handle" : "ns2-1",
"ldhName" : "ns2.example.com",
"status" : [ "active" ],
"ipAddresses" :
{
"v6" : [ "2001:db8::125", "2001:db8::126" ],
"v4" : [ "192.0.2.3", "192.0.2.4" ]
},
"links" :
[
{
"value" : "https://example.net/nameserver/ns2.example.com",
"rel" : "self",
"href" : "https://example.net/nameserver/ns2.example.com",
"type" : "application/rdap+json"
}
],
"events" :
[
{
"eventAction" : "registration", "eventDate" : "1990-12-31T23:59:59Z"
},
{
"eventAction" : "last changed", "eventDate" : "1991-12-31T23:59:59Z"
}
]
}
],
"links" :
[
{
"value": "https://example.net/domain/xn--fo-5ja.example",
"rel" : "self",
"href" : "https://example.net/domain/xn--fo-5ja.example",
"type" : "application/rdap+json"
}
],
"events" :
[
{
"eventAction" : "registration", "eventDate" : "1990-12-31T23:59:59Z"
},
{
"eventAction" : "last changed", "eventDate" : "1991-12-31T23:59:59Z",
"eventActor" : "alice@example.com"
},
{
"eventAction" : "transfer", "eventDate" : "1991-12-31T23:59:59Z",
"eventActor" : "alice@example.com"
},
{
"eventAction" : "expiration", "eventDate" : "2016-12-31T23:59:59Z",
"eventActor" : "alice@example.com"
}
],
"entities" :
[
{
"objectClassName" : "entity",
"handle" : "regnt1-1",
"status" : [ "validated" ],
"roles" : [ "registrant" ],
"vcardArray":[
"vcard",
[ [ "version", {}, "text", "4.0" ],
[ "fn", {}, "text", "Alice Allison" ],
[ "kind", {}, "text", "individual" ],
[ "email", { "type":"work" }, "text", "alice@example.com" ] ]
],
"links" :
[
{
"value" : "https://example.net/entity/regnt1-1",
"rel" : "self",
"href" : "https://example.net/entity/regnt1-1",
"type" : "application/rdap+json"
}
],
"events" :
[
{
"eventAction" : "registration", "eventDate" : "2015-12-31T23:59:59Z"
},
{
"eventAction" : "last changed", "eventDate" : "2016-12-31T23:59:59Z"
}
]
}
]
}
Variants
The variants structure describes domains that are internationalized variants of the domain registration. This
is an array of objects, each with the following members:
| Name | Value |
|---|---|
relation | array of strings, each a “domain variant relation” from the RDAP JSON Values IANA Registry. |
idnTable | the name of the IDN table. |
variantNames | array of objects in the form {"ldhName": "xn--fo-5ja.example", "unicodeName": "fóo.example"} |
The following excerpt is an example from RFC 9083:
"variants" :
[
{
"relation" : [ "registered", "conjoined" ],
"variantNames" :
[
{
"ldhName" : "xn--fo-cka.example",
"unicodeName" : "fõo.example"
},
{
"ldhName" : "xn--fo-fka.example",
"unicodeName" : "föo.example"
}
]
},
{
"relation" : [ "unregistered", "registration restricted" ],
"idnTable": ".EXAMPLE Swedish",
"variantNames" :
[
{
"ldhName": "xn--fo-8ja.example",
"unicodeName" : "fôo.example"
}
]
}
]
DNSSEC
The secureDNS structure describes the information about the domain’s DNS Security Extensions (DNSSEC). The topic
of DNSSEC is broad. For understanding the meaning of the fields of this structure, readers should consult
RFC 4034.
One interesting aspect of the secureDNS information is that RDAP can convey their updates separately from the
domain name itself using the links and events.
| Name | Value |
|---|---|
zoneSigned | true if the domain’s zone is signed, otherwise false. |
delegationSigned | true if the domain’s parent zone has signed the delegation to this domain, otherwise false. |
dsData | an array of objects describing Delegation Signer objects. See below. |
keyData | an array of objects describing DNS Key objects. See below. |
dsData
| Name | Value |
|---|---|
keyTag | the integer of the key tag field of a DS record. |
algorithm | the integer of the algorithm field of a DS record. |
digest | string containing the hexadecimal digest of the DS record. |
digestType | the integer of the digest type of DS record. |
links | a common type defined here |
events | a common type defined here |
keyData
| Name | Value |
|---|---|
flag | the integer of the flag field of a DNSKEY record. |
protocol | the integer of the protocol field of a DNSKEY record. |
publicKey | string containing the hexadecimal digest of a DNSKEY record public key. |
algorithm | the integer of the algorithm field of a DNSKEY record. |
links | a common type defined here |
events | a common type defined here |
secureDNS example
"secureDNS" : {
"delegationSigned" : true,
"dsData" : [
{
"algorithm" : 13,
"digest" : "B9BEC0EAC0F064929C8586DB185537787015EC3A48F0894BEA74DEEA452F3060",
"digestType" : 2,
"events" : [
{
"eventAction" : "registration",
"eventDate" : "2018-03-27T20:09:08Z"
},
{
"eventAction" : "last changed",
"eventDate" : "2022-04-27T20:19:46Z"
}
],
"keyTag" : 47828
}
]
}
Nameserver Children
Registries can differ in how they model nameservers, often referred to as “hosts”. None of the RIRs allow direct registration of nameservers as they must be carefully managed to compose reverse DNS. Some DNRs do allow direct registration of nameservers and some do not.
When a registry treats nameservers a “firs-class” objects (objects with a registration distinct from other objects), this is often called the “host object” model. Otherwise, this is often called the “host attribute” model.
The example given above shows a “host object” model.
The “host attribute” model is usually much simpler, where the nameservers do not have
a handle or other meta-data separate from the domain. The following is an example.
"nameserver" : [
{
"objectClassName" : "nameserver",
"ldhName" : "ns1.example.com"
},
{
"objectClassName" : "nameserver",
"ldhName" : "ns2.example.com"
}
]
Sometimes they may include the IP addresses of the nameservers.
"nameserver" : [
{
"objectClassName" : "nameserver",
"ldhName" : "ns1.example.com",
"ipAddresses" :
{
"v6": [ "2001:db8::123", "2001:db8::124" ],
"v4": [ "192.0.2.1", "192.0.2.2" ]
}
},
{
"objectClassName" : "nameserver",
"ldhName" : "ns2.example.com",
"ipAddresses" :
{
"v6" : [ "2001:db8::125", "2001:db8::126" ],
"v4" : [ "192.0.2.3", "192.0.2.4" ]
},
}
]
Nameserver
The nameserver object class represents nameservers, or hosts as they are often called. They are most commonly children of domain objects (see above), but can be registerable objects as well.
The nameserver object class has the following structures:
| Name | Value |
|---|---|
objectClassName | (REQUIRED) must be “nameserver”. See objectClassName. |
handle | a registry-unique string identifier. See handle. |
ldhName | a letters-digits-hyphens (ldh, aka ASCII-only) fully-qualified domain name of the nameserver. |
unicodeName | the U-label version of Internationalized Domain Name (IDN) of the nameserver. |
ipAddresses | an array of objects, each with a v4 and v6 string array containing the IP addresses of the nameserver. |
entities | an array of entity objects. See entity children. |
remarks | a common type defined here |
links | a common type defined here |
events | a common type defined here |
status | a common type defined here |
port43 | a common type defined here |
The following is a contrived example of a nameserver. Keep in mind that
rdapConformance is common to all RDAP responses.
{
"rdapConformance" : [
"rdap_level_0"
],
"objectClassName" : "nameserver",
"handle" : "ns1-1",
"ldhName" : "ns1.xn--fo-5ja.example",
"unicodeName" : "ns1.foo.example",
"ipAddresses" : {
"v4" : [
"192.0.2.1",
"192.0.2.2"
],
"v6" : [
"2001:db8::123"
]
},
"links" : [
{
"href" : "https://example.com/nameserver/ns1.xn--fo-5ja.example",
"rel" : "self",
"value" : "https://example.com/nameserver/ns1.xn--fo-5ja.example"
}
],
"remarks" : [
{
"description" : [
"This is a sacrificial nameserver.",
"It is used for the temporary assignment of domains before deletion."
]
}
],
"status" : [
"active"
],
"events" : [
{
"eventAction" : "registration",
"eventDate" : "1990-12-31T23:59:60Z"
},
{
"eventAction" : "last changed",
"eventActor" : "alice@example.com",
"eventDate" : "1991-12-31T23:59:60Z"
}
]
}
IP Network
The “ip network” object class represents the registration of an IP address block. As not all INRRs require
registrations on CIDR block boundaries, the IP address object defines the
registration with a startAddress and endAddress.
This object class has the following structures:
| Name | Value |
|---|---|
objectClassName | (REQUIRED) must be “ip network”. See objectClassName. |
handle | a registry-unique string identifier. See handle. |
startAddress | a string containing the start IP address. |
endAddress | a string containing the end IP address. |
ipVersion | a string of either “v4” or “v6” denoting the IP address family version. |
name | a name for the registration usually given by the registration holder. |
type | a string containing an RIR classification of the registration. |
country | a string with the ISO 3166-2 Alpha2 country code where the network originates traffic. |
parentHandle | the handle of the parent network. |
entities | an array of entity objects. See entity children. |
remarks | a common type defined here |
links | a common type defined here |
events | a common type defined here |
status | a common type defined here |
port43 | a common type defined here |
The following is an example of an IP network taken from APNIC and edited for
educational purposes. Keep in mind that
rdapConformance and notices are
common to all RDAP responses.
{
"rdapConformance" : [ "rdap_level_0" ],
"notices" : [
{
"title" : "Whois Inaccuracy Reporting",
"description" : [ "If you see inaccuracies in the results, please visit: " ],
"links" : [
{
"href" : "https://www.apnic.net/manage-ip/using-whois/abuse-and-spamming/invalid-contact-form",
"rel" : "inaccuracy-report",
"type" : "text/html",
"value" : "https://rdap.apnic.net/ip/101.1.1.1"
}
]
}
],
"objectClassName" : "ip network",
"handle" : "101.1.0.0 - 101.1.3.255",
"ipVersion" : "v4",
"startAddress" : "101.1.0.0",
"endAddress" : "101.1.3.255",
"country" : "CN",
"name" : "CHINANET-FJ",
"status" : [ "active" ],
"type" : "ALLOCATED PORTABLE",
"entities" : [
{
"objectClassName" : "entity",
"handle" : "IRT-CHINANET-CN",
"roles" : [
"abuse"
],
"remarks" : [
{
"title" : "remarks",
"description" : [ "anti-spam@chinatelecom.cn was validated on 2024-04-15" ]
}
],
"vcardArray" : [
"vcard",
[
[ "version", {}, "text", "4.0" ],
[ "fn", {}, "text", "IRT-CHINANET-CN" ],
[ "kind", {}, "text", "group" ],
[
"adr",
{
"label" : "No.31 ,jingrong street,beijing\n100032"
},
"text",
[ "", "", "", "", "", "", "" ]
],
[ "email", {}, "text", "anti-spam@chinatelecom.cn" ]
]
],
"events" : [
{ "eventAction" : "registration", "eventDate" : "2010-11-15T00:31:55Z" },
{ "eventAction" : "last changed", "eventDate" : "2024-04-15T01:54:23Z" }
],
"links" : [
{
"href" : "https://rdap.apnic.net/entity/IRT-CHINANET-CN",
"rel" : "self",
"type" : "application/rdap+json",
"value" : "https://rdap.apnic.net/ip/101.1.1.1"
}
],
},
],
"events" : [
{ "eventAction" : "registration", "eventDate" : "2011-04-14T02:07:48Z" },
{ "eventAction" : "last changed", "eventDate" : "2021-06-15T08:05:33Z" }
],
"links" : [
{
"href" : "https://rdap.apnic.net/ip/101.1.0.0/22",
"rel" : "self",
"type" : "application/rdap+json",
"value" : "https://rdap.apnic.net/ip/101.1.1.1"
},
{
"href" : "https://netox.apnic.net/search/101.1.0.0%2F22?utm_source=rdap&utm_medium=result&utm_campaign=rdap_result",
"rel" : "related",
"type" : "text/html",
"value" : "https://rdap.apnic.net/ip/101.1.1.1"
}
],
"remarks" : [
{
"title" : "description",
"description" : [
"CHINANET FUJIAN PROVINCE NETWORK",
"China Telecom",
"No.31,jingrong street",
"Beijing 100032"
]
}
],
}
Autnum
The “autnum” object class represents a registration of a block of Autonomous System Numbers (ASNs). To some, the fact that they are represented as a block instead of a single ASN may seem odd as it is rare that a network is allocated more than one at a time. However, both the IANA and ARIN allocate them in blocks, though this is rare for ARIN.
Similar to the IP Network object class, these blocks are represented with a startNum and a endNum.
It has the following structures:
| Name | Value |
|---|---|
objectClassName | (REQUIRED) must be “autnum”. See objectClassName. |
handle | a registry-unique string identifier. See handle. |
startNum | a string containing the starting ASN. |
endAddress | a string containing the ending ASN. |
name | a name for the registration usually given by the registration holder. |
type | a string containing an RIR classification of the registration. |
country | a string with the ISO 3166-2 Alpha2 country code where the network originates traffic. |
entities | an array of entity objects. See entity children. |
remarks | a common type defined here |
links | a common type defined here |
events | a common type defined here |
status | a common type defined here |
port43 | a common type defined here |
The following is an example of an autnum taken from APNIC and edited for
educational purposes. Keep in mind that
rdapConformance and notices are
common to all RDAP responses.
{
"rdapConformance" : [ "rdap_level_0" ],
"notices" : [
{
"description" : [
"This is the APNIC WHOIS Database query service. The objects are in RDAP format.",
"This information has been partially mirrored by APNIC from IDNIC."
],
"links" : [
{
"href" : "http://www.apnic.net/db/dbcopyright.html",
"rel" : "terms-of-service",
"type" : "text/html",
"value" : "https://idnic.rdap.apnic.net/autnum/64297"
}
],
"title" : "Terms and Conditions"
}
],
"objectClassName" : "autnum",
"handle" : "AS64297",
"startAutnum" : 64297,
"endAutnum" : 64297,
"name" : "GLOBALMANDIRI-AS-ID",
"country" : "ID",
"status" : [
"active"
],
"entities" : [
{
"handle" : "MYH18-AP",
"objectClassName" : "entity",
"roles" : [
"administrative",
"technical"
],
"events" : [
{ "eventAction" : "registration", "eventDate" : "2019-08-20T06:25:43Z" },
{ "eventAction" : "last changed", "eventDate" : "2016-10-26T03:33:39Z" }
],
"links" : [
{
"href" : "https://idnic.rdap.apnic.net/entity/MYH18-AP",
"rel" : "self",
"type" : "application/rdap+json",
"value" : "https://idnic.rdap.apnic.net/autnum/64297"
}
],
"vcardArray" : [
"vcard",
[
[ "version", {}, "text", "4.0" ],
[ "fn", {}, "text", "M Yusuf Hamid" ],
[ "kind", {}, "text", "individual" ],
[ "adr",
{
"label" : "Jl. Muhammadiyah Lr.139 B/24\nMelayu, Wajo\nSulawesi Selatan 90144"
},
"text",
[ "", "", "", "", "", "", "" ]
],
[ "email", {}, "text", "noc@globalmandiri.co.id" ]
]
]
},
],
"events" : [
{ "eventAction" : "registration", "eventDate" : "2019-08-20T06:30:32Z" },
{ "eventAction" : "last changed", "eventDate" : "2023-05-03T06:00:56Z" }
],
"links" : [
{
"href" : "https://idnic.rdap.apnic.net/autnum/64297",
"rel" : "self",
"type" : "application/rdap+json",
"value" : "https://idnic.rdap.apnic.net/autnum/64297"
}
],
"remarks" : [
{
"description" : [
"Send Spam & Abuse reports to: xchange@globallink.net.id"
]
}
]
}
Entity Children
As noted above, all objects can have a entities value that is an array of entities, including an entity.
This means that entities can be nested, which is useful when showing the relationship between entities.
{
// ...
"entities" : [
{
"objectClassName" : "entity",
"handle" : "big-company-1",
"roles" : [ "registrant" ],
// ...
"entities" : [
{
"objectClassName" : "entity",
"handle" : "employee-1",
"roles" : [ "technical" ]
// ...
}
]
}
]
}
IP Network Children
Entities may have multiple IP network children. This is used to allow RIR members to enumerate the number of networks they hold.
{
"objectClassName" : "entity",
"networks" : [
{
"objectClassName" : "ip network",
"handle" : "net1"
// ...
},
{
"objectClassName" : "ip network",
"handle" : "net2"
// ...
}
]
// ...
}
Autnum Children
Similarly, entities may also have autnum children. Again, this is used to allow RIR members to enumerate the number of autnum registrations they hold.
{
"objectClassName" : "entity",
"autnums" : [
{
"objectClassName" : "autnum",
"handle" : "asn-1-1"
// ...
},
{
"objectClassName" : "autnum",
"handle" : "asn-2-1"
// ...
}
]
// ...
}