The Current State of RDAP

The retirement of the legacy whois service in early 2025 created a vacuum that RDAP has swiftly filled. Industry data shows a dramatic swing: monthly whois queries dropped from roughly 122 billion to 49 billion, while RDAP requests climbed to 65 billion by August. This reversal reflects both regulatory pressure and the practical benefits of a structured, JSON‑based protocol, which simplifies automated lookups for registrars, security teams, and compliance platforms.

Beyond raw query volumes, the RDAP ecosystem is maturing technically. Over 47 client applications—including web, mobile, and CLI tools—now interface with the protocol, while 22 server implementations provide authoritative and redirect services. The emergence of extensions such as the RIR Search (RFC 9910), RPKI data exposure, and the migration from jCard to JSContact demonstrates a concerted effort to address advanced use cases, from routing‑security diagnostics to richer contact information handling. These enhancements reduce reliance on ad‑hoc web services and improve data consistency across the internet’s naming infrastructure.

For stakeholders, the implications are clear. Registries and registrars must prioritize RDAP compliance to meet evolving security standards and to support the growing automation demand from enterprises and ISPs. The integration of RPKI data into RDAP promises tighter coupling between domain registration and routing security, a critical factor as BGP hijacks persist. Meanwhile, the adoption of JSContact positions RDAP for broader developer adoption, potentially spurring new analytics and risk‑management tools. As the protocol continues to evolve, it will become the de‑facto interface for domain data, shaping policy, operational efficiency, and the overall resilience of the internet’s address space.