TLD SLA Compliance Metrics
Spec 10DNS
| Period | Availability | RTT Compliance | RTT p50 | RTT p95 | Checks | TSLAC |
|---|---|---|---|---|---|---|
| 24h | 100% | 100% | 71ms | 227ms | 32 | |
| 7d | 100% | 100% | 70ms | 241ms | 1768 | |
| 30d | 94.48% | 94.48% | 71ms | 241ms | 2361 |
RDAP
| Period | Availability | RTT Compliance | RTT p50 | RTT p95 | Checks | TSLAC |
|---|---|---|---|---|---|---|
| 24h | 100% | 100% | 171ms | 247ms | 8 | |
| 7d | 100% | 100% | 173ms | 177ms | 216 | |
| 30d | 100% | 100% | 171ms | 177ms | 300 |
DNSSEC Validation Metrics
Registry Agreement Spec 6DNSSEC is required by the Registry Agreement (Specification 6) but is not part of the Spec 10 SLA. We monitor DNSSEC validation independently.
| Period | Validation Rate | RTT p50 | RTT p95 | Checks | Status |
|---|---|---|---|---|---|
| 24h | 100% | 140ms | 155ms | 18 | |
| 7d | 99.55% | 136ms | 200ms | 220 | |
| 30d | 99.67% | 137ms | 187ms | 304 |
Unlike Spec 10 services, DNSSEC has no formal availability SLA. Thresholds shown are operational guidelines.
Current Check Status
Reported by Any53 Probes| Type | AF | RTT | Last Check | Source | Details | Status | TSLAC |
|---|---|---|---|---|---|---|---|
DNS
|
v4 | 124ms | 3 hours, 28 minutes ago | local | NSID: app12.nrt1.hosts.meta.r… | OK | |
DNS
|
v6 | 140ms | 3 hours, 28 minutes ago | local | NSID: app11.nrt1.hosts.meta.r… | OK | |
DNSSEC
|
v4 | 141ms | 4 hours, 11 minutes ago | local | Key: 40711 | OK | |
DNSSEC
|
v6 | 152ms | 4 hours, 11 minutes ago | local | Key: 40711 | OK | |
RDAP
|
v4 | 165ms | 1 hour, 55 minutes ago | local | TLS 1.3 | OK | |
RDAP
|
v6 | 172ms | 1 hour, 55 minutes ago | local | TLS 1.3 | OK |
RDAP HTTPS Timing
172ms total
DNS Lookup
—
TCP Connect
48ms
TLS Handshake
54ms
Time to First Byte
171ms
TLS 1.3 / TLS_AES_128_GCM_SHA256
Nameservers
8 IPs tested| Hostname | IP Address | AF | Status |
|---|---|---|---|
a0.nic.onl |
65.22.136.1 |
v4 | |
a0.nic.onl |
2a01:8840:86::1 |
v6 | |
a2.nic.onl |
65.22.139.1 |
v4 | |
a2.nic.onl |
2a01:8840:89::1 |
v6 | |
b0.nic.onl |
65.22.137.1 |
v4 | |
b0.nic.onl |
2a01:8840:87::1 |
v6 | |
c0.nic.onl |
65.22.138.1 |
v4 | |
c0.nic.onl |
2a01:8840:88::1 |
v6 |
Per ICANN Spec 10, we test all delegated nameserver IPs independently.
Test With Your Computer
DNS
dig @a0.nic.onl onl. SOA +dnssec +nsid
Query SOA with DNSSEC validation and NSID
drill -D onl. SOA @a0.nic.onl
Alternative using drill with DNSSEC trace
RDAP
curl -sS "https://rdap.identitydigital.services/rdap/domain/nic.onl" | jq .
Fetch RDAP JSON (positive lookup)
curl -I -sS "https://rdap.identitydigital.services/rdap/domain/nic.onl"
Headers only (check TLS, timing)
Open in Browser
View RDAP response directly
Registry Information
Active
TLD
.onl
Operator
iRegistry GmbH
RDAP Server
https://rdap.identitydigital.services/rdap/
RDAP Client
ICANN SLA Requirements
Per ICANN Registry Agreement Specification 10:
DNS SLA
UDP RTT ≤ 500ms for 95% of queries.
Availability: 99% (max 432 min/month downtime).
RDAP SLA
RTT ≤ 4000ms for 95% of queries.
Availability: 98% (max 864 min/month downtime).
API Access
JSON APIAccess .onl compliance metrics programmatically via our REST API.
Quick Start
GET
/any53/api/v1/compliance/onl/
curl -H "X-API-Key: ${YOUR_API_KEY}" \
"https://www.any53.com/any53/api/v1/compliance/onl/"
Example Response
{
"tld": "onl",
"display_name": ".onl",
"operator": "iRegistry GmbH",
"updated_at": "2026-01-31T12:00:00Z",
"dns": {
"availability_24h": 99.99,
"rtt_p50_ms": 12,
"rtt_p95_ms": 42,
"sla_threshold_ms": 500
},
"rdds": {
"protocol": "RDAP",
"availability_24h": 99.95,
"rtt_p50_ms": 180,
"rtt_p95_ms": 412,
"sla_threshold_ms": 4000
},
"servers": {
"rdap_url": "https://rdap.identitydigital.services/rdap/"
},
"spec10_compliant": true
}
Generate API Key
Get a free API key to start making requests. Provide an email to upgrade to the verified tier (600 requests/hour).
Save this key now! It cannot be retrieved later.
Tier:
Rate limit: /hour
Endpoints
| Endpoint | Description | Tier |
|---|---|---|
GET /compliance/ |
List all monitored TLDs | All |
GET /compliance/{tld}/ |
Current metrics for a TLD | All |
GET /compliance/{tld}/history/ |
Historical time-series data | Organization |
GET /compliance/{tld}/probes/ |
Per-probe breakdown | Organization |
POST /compliance/keys/ |
Generate a new API key | No auth |
Rate Limits
| Tier | Rate Limit | Features |
|---|---|---|
| Anonymous | 100/hour | Current snapshot, hourly aggregates |
| Verified | 600/hour | Current snapshot, hourly aggregates |
| Organization | 6000/hour | Historical data, per-minute resolution, per-probe breakdown |