AS WHOIS Data

Websitehttps://www.radb.net/
CategoryASN & Network Metadata

AS WHOIS data provides detailed registration information for Autonomous Systems, sourced from RADB (Route Arbiter Database) and the Regional Internet Registries. This includes organization contacts, creation dates, administrative and technical handles, and routing policy information. We use this data to provide comprehensive AS profiles on rtsak.com and robtex.com.

Source:AS WHOIS Data

What is AS WHOIS Data?

WHOIS is the internet's original directory service, predating the web itself. For Autonomous Systems, WHOIS records contain the authoritative registration details maintained by the organization that allocated the ASN. These records are distributed across multiple databases:

  • RADB (Route Arbiter Database) - The largest public Internet Routing Registry, operated by Merit Network. Contains route objects, aut-num objects, and maintainer records submitted by network operators worldwide
  • ARIN - Handles ASN registrations for North America
  • RIPE NCC - Manages European, Middle Eastern, and Central Asian ASN allocations. Maintains the most detailed and structured WHOIS records
  • APNIC - Covers the Asia-Pacific region
  • LACNIC - Serves Latin America and the Caribbean
  • AFRINIC - Manages African allocations

Each AS WHOIS record typically includes the ASN, organization name, registration date, country, abuse contact email, administrative and technical contacts, and in some registries, routing policy expressed in RPSL (Routing Policy Specification Language). The aut-num object in RIPE format, for example, can describe the AS's import and export policies, peering relationships, and administrative hierarchy.

WHOIS data is considered authoritative for ownership questions. While BGP data shows what is happening in the routing table right now, WHOIS records show who is officially allocated the resource and how to contact them.

How We Use This Data

On rtsak.com and robtex.com, AS lookup pages display WHOIS-derived registration details alongside live BGP routing data. This combination answers both "who owns this ASN?" (WHOIS) and "what are they doing with it?" (BGP).

The organization name and country from WHOIS records provide identity context that raw ASN numbers lack. Abuse contact information is particularly valuable for network operators who need to report security incidents to the responsible party for a given network. Creation dates help distinguish long-established networks from recently allocated ones, which can be relevant in security assessments.

We also use WHOIS data to cross-reference against BGP observations. If a prefix is being announced by an AS whose WHOIS record shows a different organization than expected, it could indicate a legitimate transfer, a hosting arrangement, or potentially a routing anomaly worth investigating.

FAQ

Why do WHOIS records sometimes show different information than what BGP data suggests?
WHOIS records reflect official allocations and registrations, which are updated through formal processes with the RIRs. BGP data reflects the live routing table, which changes dynamically. An organization might transfer IP space to another entity but WHOIS updates lag behind. Or a hosting provider might announce customer IP space, so BGP shows one AS but WHOIS shows the customer as the registered holder. Both perspectives are valid and complementary.
What is RADB and why is it important?
RADB (Route Arbiter Database) is the largest public Internet Routing Registry, containing over a million route and aut-num objects. Network operators register their routing intentions in RADB so that peers can build prefix filters and validate BGP announcements. Unlike RIR databases which only contain the registry's own allocations, RADB accepts registrations from operators worldwide regardless of their RIR affiliation, making it a central clearinghouse for routing policy data.
Are WHOIS abuse contacts actually monitored?
Quality varies enormously. Major ISPs, cloud providers, and enterprise networks typically maintain responsive abuse desks that act on legitimate reports. Smaller networks, especially in jurisdictions with lax oversight, may have unmonitored abuse contacts or generic email addresses that are never checked. Some bullet-proof hosting providers intentionally ignore abuse reports. The presence of an abuse contact in WHOIS is required by RIR policy but does not guarantee responsiveness.