The RDATA for a KEY RR consists of flags, a protocol octet, the algorithm number, and the public key itself. The format is as follows:
1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | flags | protocol | algorithm | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | / / public key / / / +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|
The meaning of the KEY RR owner name, flags, and protocol octet are described in Sections 3.2, 3.3 and 3.4 below respectively. The flags and algorithm must be examined before any data following the algorithm octet as they control the format and even whether there is any following data. The algorithm and public key fields are described in Section 3.5. The format of the public key is algorithm dependent.