TLD SLA Compliance Metrics
Spec 10DNS
| Period | Availability | RTT Compliance | RTT p50 | RTT p95 | Checks | TSLAC |
|---|---|---|---|---|---|---|
| 24h | 100% | 100% | 18ms | 56ms | 858 | |
| 7d | 100% | 100% | 12ms | 24ms | 4680 | |
| 30d | 100% | 100% | 12ms | 50ms | 25987 |
RDAP
| Period | Availability | RTT Compliance | RTT p50 | RTT p95 | Checks | TSLAC |
|---|---|---|---|---|---|---|
| 24h | 100% | 100% | 72ms | 75ms | 48 | |
| 7d | 100% | 100% | 60ms | 62ms | 240 | |
| 30d | 100% | 100% | 60ms | 63ms | 1344 |
EPP *
| Period | Availability | RTT Compliance | RTT p50 | RTT p95 | Checks | TSLAC |
|---|---|---|---|---|---|---|
| 24h | 100% | 100% | 44ms | 47ms | 20 | |
| 7d | 100% | 100% | 43ms | 47ms | 120 | |
| 30d | 100% | 100% | 44ms | 47ms | 668 |
DNSSEC Validation Metrics
Registry Agreement Spec 6DNSSEC is required by the Registry Agreement (Specification 6) but is not part of the Spec 10 SLA. We monitor DNSSEC validation independently.
| Period | Validation Rate | RTT p50 | RTT p95 | Checks | Status |
|---|---|---|---|---|---|
| 24h | 100% | 51ms | 53ms | 78 | |
| 7d | 100% | 36ms | 37ms | 420 | |
| 30d | 100% | 36ms | 38ms | 2316 |
Unlike Spec 10 services, DNSSEC has no formal availability SLA. Thresholds shown are operational guidelines.
Current Check Status
Reported by Any53 Probes| Type | AF | RTT | Last Check | Source | Details | Status | TSLAC |
|---|---|---|---|---|---|---|---|
DNS
|
v4 | 18ms | 21 minutes ago | local | NSID: nnn1-usnyc-2c | OK | |
DNS
|
v6 | 19ms | 56 days, 16 hours ago | local | NSID: nnn1-usnyc-2a | OK | |
DNSSEC
|
v4 | 48ms | 22 minutes ago | local | Key: 19718 | OK | |
DNSSEC
|
v6 | 51ms | 22 minutes ago | local | Key: 19718 | OK | |
EPP *
|
v4 | 48ms | 55 minutes ago | local | Tudor EPP (Mock) v2.0 | OK | |
EPP *
|
v6 | 41ms | 55 minutes ago | local | Tudor EPP (Mock) v2.0 | OK | |
RDAP
|
v4 | 60ms | 2 hours, 3 minutes ago | local | TLS 1.3 | OK | |
RDAP
|
v6 | 61ms | 2 hours, 3 minutes ago | local | TLS 1.3 | OK |
RDAP HTTPS Timing
61ms total
DNS Lookup
—
TCP Connect
18ms
TLS Handshake
23ms
Time to First Byte
60ms
TLS 1.3 / TLS_AES_128_GCM_SHA256
Nameservers
13 IPs tested| Hostname | IP Address | AF | ASN | RPKI | Status |
|---|---|---|---|---|---|
a.gtld-servers.net |
192.5.6.30 |
v4 | — | — | |
b.gtld-servers.net |
192.33.14.30 |
v4 | AS40647 | ||
c.gtld-servers.net |
192.26.92.30 |
v4 | AS396549 | ||
d.gtld-servers.net |
192.31.80.30 |
v4 | AS396549 | ||
e.gtld-servers.net |
192.12.94.30 |
v4 | AS396549 | ||
f.gtld-servers.net |
192.35.51.30 |
v4 | AS397197 | ||
g.gtld-servers.net |
192.42.93.30 |
v4 | AS397197 | ||
h.gtld-servers.net |
192.54.112.30 |
v4 | AS397197 | ||
i.gtld-servers.net |
192.43.172.30 |
v4 | AS397197 | ||
j.gtld-servers.net |
192.48.79.30 |
v4 | AS21313 | ||
k.gtld-servers.net |
192.52.178.30 |
v4 | AS21313 | ||
l.gtld-servers.net |
192.41.162.30 |
v4 | AS21313 | ||
m.gtld-servers.net |
192.55.83.30 |
v4 | AS21313 |
Per ICANN Spec 10, we test all delegated nameserver IPs independently.
Test With Your Computer
DNS
dig @a.gtld-servers.net com. SOA +dnssec +nsid
Query SOA with DNSSEC validation and NSID
drill -D com. SOA @a.gtld-servers.net
Alternative using drill with DNSSEC trace
RDAP
curl -sS "https://rdap.verisign.com/com/v1/domain/nic.com" | jq .
Fetch RDAP JSON (positive lookup)
curl -I -sS "https://rdap.verisign.com/com/v1/domain/nic.com"
Headers only (check TLS, timing)
Open in Browser
View RDAP response directly
Registry Information
ActiveICANN SLA Requirements
Per ICANN Registry Agreement Specification 10:
DNS SLA
UDP RTT ≤ 500ms for 95% of queries.
Availability: 99% (max 432 min/month downtime).
RDAP SLA
RTT ≤ 4000ms for 95% of queries.
Availability: 98% (max 864 min/month downtime).
EPP SLA
RTT ≤ 4000ms for 95% of commands (Spec 10 §5).
Availability: 98% (max 864 min/month downtime).
(Demo mode)
API Access
JSON APIAccess .com compliance metrics programmatically via our REST API.
Quick Start
GET
/any53/api/v1/compliance/com/
curl -H "X-API-Key: ${YOUR_API_KEY}" \
"https://www.any53.com/any53/api/v1/compliance/com/"
Example Response
{
"tld": "com",
"display_name": ".com",
"operator": "VeriSign, Inc.",
"updated_at": "2026-01-31T12:00:00Z",
"dns": {
"availability_24h": 99.99,
"rtt_p50_ms": 12,
"rtt_p95_ms": 42,
"sla_threshold_ms": 500
},
"rdds": {
"protocol": "RDAP",
"availability_24h": 99.95,
"rtt_p50_ms": 180,
"rtt_p95_ms": 412,
"sla_threshold_ms": 4000
},
"servers": {
"rdap_url": "https://rdap.verisign.com/com/v1/",
"whois_host": "whois.verisign-grs.com"
},
"spec10_compliant": true
}
Generate API Key
Get a free API key to start making requests. Provide an email to upgrade to the verified tier (600 requests/hour).
Save this key now! It cannot be retrieved later.
Tier:
Rate limit: /hour
Endpoints
| Endpoint | Description | Tier |
|---|---|---|
GET /compliance/ |
List all monitored TLDs | All |
GET /compliance/{tld}/ |
Current metrics for a TLD | All |
GET /compliance/{tld}/history/ |
Historical time-series data | Organization |
GET /compliance/{tld}/probes/ |
Per-probe breakdown | Organization |
POST /compliance/keys/ |
Generate a new API key | No auth |
Rate Limits
| Tier | Rate Limit | Features |
|---|---|---|
| Anonymous | 100/hour | Current snapshot, hourly aggregates |
| Verified | 600/hour | Current snapshot, hourly aggregates |
| Organization | 6000/hour | Historical data, per-minute resolution, per-probe breakdown |