How to Make RDAP Requests Manually (curl, Postman)

RDAP (Registration Data Access Protocol) is an important protocol for retrieving registration data about domain names, IP addresses, and Autonomous Systems (AS). Unlike the older WHOIS protocol, RDAP offers a more structured and secure way of accessing this data using modern web technologies. In this article, we will explore how to make manual RDAP requests using two common tools: curl and Postman.

Basic RDAP Requests

RDAP queries are structured based on the resource you want to retrieve information about. The three primary types of resources in RDAP are domains, IP addresses, and Autonomous Systems (AS). These resources have their specific query endpoints, which you can access using either curl or Postman.

Domain Queries

To make a query for a domain, use an RDAP endpoint designed for domains. The general structure for a domain query is as follows:

https://rdap.example.com/domain/{domain-name}

For instance, to query the domain example.com, you would use the following URL:

https://rdap.example.com/domain/example.com

This will return information such as the domain's registrar, creation date, status, and potentially the contacts for the domain (if they are not hidden due to privacy protection).

IP Address Queries

RDAP also allows querying information about IP addresses. The general structure for an IP address query is:

https://rdap.example.com/ip/{ip-address}

For example, to query the IP address 8.8.8.8, the query URL would look like this:

https://rdap.example.com/ip/8.8.8.8

This will return registration details about the IP address, including the organization it is registered to, the associated network, and the IP range.

Autonomous Systems (AS) Queries

Another useful query in RDAP is for Autonomous Systems (AS). These are collections of IP addresses that are managed by a single entity, typically an Internet Service Provider (ISP) or a large organization. The query structure for AS looks like this:

https://rdap.example.com/as/{AS-number}

For instance, to query for Autonomous System number 15169, which belongs to Google, you would use:

https://rdap.example.com/as/15169

This will return data about the AS, including its associated IP address ranges, AS name, and contact information.

Understanding RDAP Parameters

When making requests to RDAP, one important aspect to understand is the Accept header. RDAP servers expect clients to specify the type of data they would like to receive in the response. To request data in the standard RDAP format, the Accept header must be set to:

Accept: application/rdap+json

This tells the RDAP server that you want the response to be in JSON format, which is a structured and machine-readable format. The JSON format makes it easy to parse the response and extract specific data, such as domain registration dates, nameservers, or contact details.

Example with curl

Using curl, you can make a simple request like this:

curl -H "Accept: application/rdap+json" https://rdap.example.com/domain/example.com

This command sends a GET request to the RDAP server and specifies that the response should be in JSON format.

Example with Postman

In Postman, you can set the Accept header in the "Headers" tab of your request:

• Key: Accept
• Value: application/rdap+json

Once you've set this header, you can simply send a GET request to the appropriate RDAP URL, such as https://rdap.example.com/domain/example.com, and Postman will display the response in JSON format.

Handling Errors in RDAP Requests

When working with RDAP, it's important to handle errors properly. There are several common error codes that you may encounter, including 404 (Not Found) and 429 (Rate Limit Exceeded).

Error 404: Not Found

If you make an RDAP query for a domain, IP address, or AS that doesn't exist or isn't registered, the RDAP server will typically return a 404 error. This means that no data was found for the requested resource.

For example, if you query a domain that does not exist, the response might look like this:

HTTP/1.1 404 Not Found Content-Type: application/rdap+json Content-Length: 70 { "errorCode": 404, "title": "Resource Not Found", "description": "The requested domain does not exist in the RDAP database." }

To handle this error, you should check the response code and handle the case where no data is returned by your application, providing an appropriate message to the user.

Error 429: Rate Limit Exceeded

If you send too many requests in a short period, you may hit the rate limit set by the RDAP server. When this happens, the server will return a 429 error, which means "Too Many Requests." The server may also include a Retry-After header, indicating how long you should wait before sending another request.

For example, the response for a rate-limited request might look like this:

HTTP/1.1 429 Too Many Requests Content-Type: application/rdap+json Retry-After: 60 Content-Length: 72 { "errorCode": 429, "title": "Rate Limit Exceeded", "description": "You have exceeded the maximum number of allowed requests. Please try again after 60 seconds." }

In this case, you should pause your requests for the duration specified in the Retry-After header (60 seconds, in this example) and try again later.

Conclusion

Making manual RDAP requests is straightforward and can be accomplished with simple tools like curl and Postman. By understanding the query structure, correctly setting the request headers (such as Accept: application/rdap+json), and handling errors like 404 and 429, you can effectively retrieve valuable registration data for domains, IP addresses, and Autonomous Systems. Whether you're performing simple domain lookups or automating requests for monitoring purposes, RDAP offers a secure and structured alternative to the outdated WHOIS protocol.