TLD SLA Compliance Metrics
Spec 10DNS
| Period | Availability | RTT Compliance | RTT p50 | RTT p95 | Checks | TSLAC |
|---|---|---|---|---|---|---|
| 24h | 100% | 100% | 1.0ms | 1.0ms | 72 | |
| 7d | 100% | 100% | 1.0ms | 123ms | 1014 | |
| 30d | 95.67% | 95.67% | 1.0ms | 123ms | 1346 |
RDAP
| Period | Availability | RTT Compliance | RTT p50 | RTT p95 | Checks | TSLAC |
|---|---|---|---|---|---|---|
| 24h | 100% | 100% | 307ms | 330ms | 12 | |
| 7d | 100% | 100% | 306ms | 405ms | 228 | |
| 30d | 100% | 100% | 307ms | 392ms | 312 |
EPP *
| Period | Availability | RTT Compliance | RTT p50 | RTT p95 | Checks | TSLAC |
|---|---|---|---|---|---|---|
| 24h | 100% | 100% | 45ms | 50ms | 2 | |
| 7d | 100% | 100% | 42ms | 47ms | 8 | |
| 30d | 100% | 100% | 32ms | 35ms | 18 |
DNSSEC Validation Metrics
Registry Agreement Spec 6DNSSEC is required by the Registry Agreement (Specification 6) but is not part of the Spec 10 SLA. We monitor DNSSEC validation independently.
| Period | Validation Rate | RTT p50 | RTT p95 | Checks | Status |
|---|---|---|---|---|---|
| 24h | 100% | 19ms | 19ms | 8 | |
| 7d | 100% | 19ms | 19ms | 190 | |
| 30d | 100% | 19ms | 19ms | 262 |
Unlike Spec 10 services, DNSSEC has no formal availability SLA. Thresholds shown are operational guidelines.
Current Check Status
Reported by Any53 Probes| Type | AF | RTT | Last Check | Source | Details | Status | TSLAC |
|---|---|---|---|---|---|---|---|
DNS
|
v4 | 1.3ms | 10 minutes ago | local | NSID: 1.ord.pch | OK | |
DNS
|
v6 | 1.2ms | 10 minutes ago | local | NSID: 1.ord.pch | OK | |
DNSSEC
|
v4 | 20ms | 5 minutes ago | local | Key: 35642 | OK | |
DNSSEC
|
v6 | 19ms | 5 minutes ago | local | Key: 35642 | OK | |
EPP *
|
v4 | 50ms | 17 hours, 56 minutes ago | local | Tudor EPP (Mock) v2.0 | OK | |
EPP *
|
v6 | 46ms | 17 hours, 56 minutes ago | local | Tudor EPP (Mock) v2.0 | OK | |
RDAP
|
v4 | 287ms | 1 hour, 58 minutes ago | local | TLS 1.3 | OK | |
RDAP
|
v6 | 317ms | 1 hour, 58 minutes ago | local | TLS 1.3 | OK |
RDAP HTTPS Timing
317ms total
DNS Lookup
—
TCP Connect
99ms
TLS Handshake
104ms
Time to First Byte
316ms
TLS 1.3 / TLS_AES_256_GCM_SHA384
Nameservers
6 IPs tested| Hostname | IP Address | AF | Status |
|---|---|---|---|
apple-ns.pch.net |
203.119.88.1 |
v4 | |
apple-ns.pch.net |
2001:dd8:7:6001:dc::1 |
v6 | |
c.ns.apple.com |
204.19.119.1 |
v4 | |
c.ns.apple.com |
2620:171:800:714::1 |
v6 | |
d.ns.apple.com |
204.26.57.1 |
v4 | |
d.ns.apple.com |
2620:171:801:714::1 |
v6 |
Per ICANN Spec 10, we test all delegated nameserver IPs independently.
Test With Your Computer
DNS
dig @apple-ns.pch.net apple. SOA +dnssec +nsid
Query SOA with DNSSEC validation and NSID
drill -D apple. SOA @apple-ns.pch.net
Alternative using drill with DNSSEC trace
RDAP
curl -sS "https://rdap.nic.apple/domain/nic.apple" | jq .
Fetch RDAP JSON (positive lookup)
curl -I -sS "https://rdap.nic.apple/domain/nic.apple"
Headers only (check TLS, timing)
Open in Browser
View RDAP response directly
Registry Information
ActiveICANN SLA Requirements
Per ICANN Registry Agreement Specification 10:
DNS SLA
UDP RTT ≤ 500ms for 95% of queries.
Availability: 99% (max 432 min/month downtime).
RDAP SLA
RTT ≤ 4000ms for 95% of queries.
Availability: 98% (max 864 min/month downtime).
EPP SLA
RTT ≤ 4000ms for 95% of commands (Spec 10 §5).
Availability: 98% (max 864 min/month downtime).
(Demo mode)
API Access
JSON APIAccess .apple compliance metrics programmatically via our REST API.
Quick Start
GET
/any53/api/v1/compliance/apple/
curl -H "X-API-Key: ${YOUR_API_KEY}" \
"https://www.any53.com/any53/api/v1/compliance/apple/"
Example Response
{
"tld": "apple",
"display_name": ".apple",
"operator": "Apple Inc.",
"updated_at": "2026-01-31T12:00:00Z",
"dns": {
"availability_24h": 99.99,
"rtt_p50_ms": 12,
"rtt_p95_ms": 42,
"sla_threshold_ms": 500
},
"rdds": {
"protocol": "RDAP",
"availability_24h": 99.95,
"rtt_p50_ms": 180,
"rtt_p95_ms": 412,
"sla_threshold_ms": 4000
},
"servers": {
"rdap_url": "https://rdap.nic.apple/"
},
"spec10_compliant": true
}
Generate API Key
Get a free API key to start making requests. Provide an email to upgrade to the verified tier (600 requests/hour).
Save this key now! It cannot be retrieved later.
Tier:
Rate limit: /hour
Endpoints
| Endpoint | Description | Tier |
|---|---|---|
GET /compliance/ |
List all monitored TLDs | All |
GET /compliance/{tld}/ |
Current metrics for a TLD | All |
GET /compliance/{tld}/history/ |
Historical time-series data | Organization |
GET /compliance/{tld}/probes/ |
Per-probe breakdown | Organization |
POST /compliance/keys/ |
Generate a new API key | No auth |
Rate Limits
| Tier | Rate Limit | Features |
|---|---|---|
| Anonymous | 100/hour | Current snapshot, hourly aggregates |
| Verified | 600/hour | Current snapshot, hourly aggregates |
| Organization | 6000/hour | Historical data, per-minute resolution, per-probe breakdown |