RDAP has taken over as the modern way to look up registration data for domains, IP ranges, and autonomous system numbers. xTom’s open source Rust client wraps that protocol in a fast CLI with readable output, smart query detection, and flexible JSON support. Learn more about it in this article.
Publish date: 3/31/2026
If you’ve ever used whois and thought, “this works, but it really feels like it belongs to another era,” RDAP is the answer.
RDAP, short for Registration Data Access Protocol, is the structured successor to WHOIS. It gives users a standard way to query registration data for domains, IP addresses, CIDR ranges, autonomous system numbers, nameservers, and entities, while also supporting machine-readable JSON, better HTTP semantics, and more predictable responses. ICANN has also moved generic TLD registration lookups over to RDAP, with WHOIS sunset for gTLDs on January 28, 2025.
That shift matters for sysadmins, network operators, security teams, and developers. It also explains why a good RDAP client is worth having on hand.
And that's exactly why we created our open source xtomcom/rdap project. It's a Rust-based RDAP client built for the command line, and it’s meant to make those lookups faster, cleaner, and easier to work with than the old habits many Linux users still rely on.
WHOIS was always a bit messy. Output formats varied, registries handled responses differently, and parsing the results for scripts often turned into a mess of brittle text processing.
RDAP improves that by using HTTP and JSON, along with a standard model for responses. It also supports bootstrap-based service discovery, which means a client can figure out the authoritative RDAP service for a given domain, IP block, or ASN instead of relying on a pile of hardcoded guesses. That bootstrap model is part of the RDAP standards and is tied to IANA’s published registries.
In practice, that means RDAP is better suited to both terminal use and automation.
A good RDAP client should help with a few things:
That’s exactly where this Rust client fits in.
The xtomcom/rdap project is a fork of Akaere-NetWorks/rdap, extended with more features and bug fixes. It’s written in Rust and can be used both as a CLI tool and as a library in Rust projects.
At a high level, it supports:
That already makes it more flexible than the way many people still use whois, which often means jumping between different services or manually changing syntax depending on what they want to inspect.
What stands out here is that the tool isn’t only about returning raw data. It also tries to make RDAP pleasant to use from a terminal. The default text output is colorized and formatted for readability, while JSON and pretty JSON output are there when you want to pipe results into another tool or service.
Rust is a good fit for networking utilities that need to be fast, efficient, and dependable.
This project uses asynchronous I/O with Tokio, efficient HTTP handling, and Serde for JSON parsing. That matters because RDAP is an HTTP-based protocol, and even simple lookups can involve redirects, referrals, bootstrap discovery, cache reads, and multiple remote queries.
For a CLI tool, the result is straightforward: fast startup, low overhead, and a small binary that’s easy to ship around.
For developers, the library side is just as useful. You can query RDAP programmatically, detect object types automatically, serialize responses to JSON, and build services on top of it without writing your own RDAP stack from scratch.
A lot of RDAP clients can fetch data. Fewer of them make the experience smooth.
This project adds a handful of practical features that matter in real use.
You can pass a value like a domain, IP, CIDR block, or AS number, and the client will detect the query type automatically. That makes the CLI feel natural:
rdap example.com
rdap 8.8.8.8
rdap 8.8.8.0/24
rdap AS15169
For day-to-day use, that’s exactly how most people want a lookup tool to behave.
One of the more useful additions is multi-layer RDAP querying for domains.
For domain names, registry-level data and registrar-level data can differ in presentation and detail. This client can follow registrar referrals, so you can inspect both layers rather than stopping at the first answer. That’s handy when you want a fuller picture of status codes, registrar details, nameservers, abuse contacts, and redacted registrant information.
RDAP discovery is better than the old WHOIS approach, but real-world naming infrastructure still has edge cases. The tool includes configurable TLD overrides for ccTLDs that may not behave exactly how users expect through the normal bootstrap flow.
It also supports a local configuration model with updateable downloaded files and persistent local override files. In other words, you can update the general config without wiping your own custom settings.
That is a small feature, but a very practical one.
For IP and ASN work, showing abuse contacts quickly is genuinely useful.
If you’re investigating suspicious traffic, checking ownership of an IP block, or trying to find the right point of contact for a network issue, having abuse details surfaced directly in the output saves time.
Some tools lean too hard in one direction. They’re either nice for humans and annoying for automation, or good for JSON workflows and miserable to read in a terminal.
This one handles both use cases well. You can use the default text mode when you’re working interactively, then switch to:
rdap -f json example.com
rdap -f json-pretty example.com
That makes it a decent fit for shell pipelines, dashboards, web services, and internal tooling.
The project supports a few different installation paths.
You can build it from source with Cargo:
git clone https://github.com/xtomcom/rdap.git
cd rdap
cargo build --release
sudo cp target/release/rdap /usr/local/bin/
There are also package options for Debian and Ubuntu, RPM-based distributions, and macOS through Homebrew. That matters because network tools are most useful when they’re easy to install on the systems where people already work.
For Linux admins, packaging support is always a plus. It means you can get the tool onto a workstation, jump box, or admin VM without treating it like a one-off experiment.
Debian (via extrepo):
sudo apt update && sudo apt install extrepo -y
sudo extrepo enable xtom
sudo apt update && sudo apt install rdap -y
One-Line Style:
sudo apt install -y lsb-release ca-certificates apt-transport-https curl gnupg dpkg
# Add xTom repository
curl -fsSL https://repo.xtom.com/xtom.key | bash -c 'gpg --dearmor > /usr/share/keyrings/xtom.gpg'
echo "deb [signed-by=/usr/share/keyrings/xtom.gpg] https://repo.xtom.com/deb stable main" | sudo tee /etc/apt/sources.list.d/xtom.list
sudo apt update
sudo apt install rdap
DEB822:
sudo apt install -y lsb-release ca-certificates apt-transport-https curl gnupg dpkg
curl -fsSL https://repo.xtom.com/xtom.key | bash -c 'gpg --dearmor > /usr/share/keyrings/xtom.gpg'
sudo bash -c 'cat > /etc/apt/sources.list.d/xtom.sources << EOF
Components: main
Architectures: $(dpkg --print-architecture)
Suites: stable
Types: deb
Uris: https://repo.xtom.com/deb
Signed-By: /usr/share/keyrings/xtom.gpg
EOF'
sudo apt update
sudo apt install rdap -y
# Add xTom repository
sudo curl -o /etc/yum.repos.d/xtom.repo https://repo.xtom.com/rpm/xtom.repo
sudo dnf install rdap
# Install Homebrew https://brew.sh/
brew tap xtomcom/brew
brew install xtomcom/brew/rdap
The nice thing about this client is that the basic usage is simple.
A domain lookup:
rdap example.com
An IP lookup:
rdap 192.0.2.1
A CIDR lookup:
rdap 8.8.8.0/24
An ASN lookup:
rdap AS8888
Verbose output:
rdap -v AS8888
And if you need to force a query type or server, you can:
rdap -t domain example.com
rdap -s https://rdap.verisign.com/com/v1 example.com
That mix of convenience and explicit control is what makes a CLI tool stick.
This isn’t just a neat GitHub project for protocol enthusiasts. There are real day-to-day use cases for it.
If you’re a sysadmin, it helps when you need to inspect domain registration data, IP ownership, or ASN details without relying on random web lookup sites.
If you work in abuse handling or incident response, it gives you a quicker path to network details and abuse contacts.
If you’re a developer, the Rust library means you can build RDAP lookups into your own services, customer tooling, dashboards, or automation scripts.
And if you work in hosting or network operations, it’s the kind of utility that ends up in your standard toolbox because you keep finding reasons to use it.
The CLI is only half the story.
Because the project is also a Rust library, you can add it directly to Cargo.toml and query RDAP from your own applications. That opens up a lot of possibilities:
The examples in the repository show how to create a client, auto-detect query types, work with domain and IP models, and serialize responses. There’s even an integration example using Axum for a simple web service.
That makes the project useful beyond the terminal. It can be the base layer for higher-level tooling.
The configuration system is one of the smarter parts of the project.
It uses a layered priority model, with local user overrides above downloaded configs, system-wide configs, and finally built-in defaults. That means you can have a usable zero-config experience out of the box, while still being able to customize behavior when needed.
The rdap --update command updates config files from GitHub and refreshes the IANA TLD list, while keeping *.local.json files intact. That split is a good design choice because it avoids the usual problem where an update stomps on local changes.
For people managing odd TLD edge cases or internal lookup workflows, that flexibility matters more than it might seem at first glance.
A lot of admins still default to whois because it’s familiar.
That isn’t irrational, but the internet’s registration data ecosystem has moved on. RDAP is now the standard path for structured registration data, especially for gTLDs, and its use of JSON, HTTP, referrals, and standardized responses makes it a better long-term fit for both human use and automation.
Compared with older habits, this client gives you:
That’s a meaningful upgrade.
This tool makes the most sense for:
sysadmins who want a better replacement for scattered whois usage, network engineers who need fast ASN and IP ownership lookups, developers building network-aware tooling in Rust, and security teams that need readable registration and abuse contact data.
It’s also a nice fit for anyone who wants a small open source CLI tool that feels modern instead of patched together.
RDAP is no longer the “next” protocol for registration lookups, it’s the current one. With WHOIS sunset for gTLD registration data and the broader move toward structured, machine-readable responses, having a good RDAP client is becoming less of a nice extra and more of a practical necessity.
The xtomcom/rdap project is a solid example of what that client should look like. It’s fast, readable, scriptable, flexible enough for real-world use, and useful both as a CLI and as a Rust library.
For teams running their own infrastructure, that kind of utility fits naturally alongside reliable dedicated servers, colocation, NVMe-powered scalable KVM VPS through V.PS, IP transit, shared hosting, and other IT services. xTom would love to help!
Ready to discuss your infrastructure needs? Contact the team to explore the right solution for your projects.
RDAP stands for Registration Data Access Protocol. It is the standards-based successor to WHOIS for looking up registration data related to domain names, IP addresses, autonomous system numbers, and related internet resources. RDAP uses HTTP and structured responses, usually JSON, instead of the loose text formatting common in WHOIS.
For generic top-level domains, yes. ICANN announced the WHOIS sunset for gTLD registration data on January 28, 2025, making RDAP the definitive protocol in that area.
It supports domain queries, TLD queries, IP address lookups, CIDR ranges, AS numbers, entity lookups, nameserver queries, and search queries based on the project documentation you provided.
Yes. The project works as both a command-line tool and a Rust library. It supports JSON output for scripting and includes examples for integrating it into Rust applications and web services.
A local RDAP client is faster to work with, easier to automate, and better suited to shell workflows, incident response, and internal tooling. It also lets you control output format, timeouts, referrals, and server selection directly from the command line.
Yes. It supports compact JSON and pretty-printed JSON, which makes it useful for scripts, APIs, dashboards, and data processing workflows.
The biggest strengths are the Rust implementation, auto-detection of query types, readable terminal output, multi-layer domain lookups, abuse contact display, configurable overrides, and the ability to use it as a reusable library instead of only as a CLI.