DNSSEC Analyzer - CRT2014-2024REVIEW.GOV

Domain Name:

Time: 2019-06-20 16:06:52 UTC, NTP stratum 4

Analyzing DNSSEC problems for CRT2014-2024REVIEW.GOV

DS=20326/SHA-256 is now in the chain-of-trust

	Checking DS between Trust Anchor and .
	`. IN DS ( 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d )`
	Query to e.root-servers.net for ./DNSKEY
	Received 1139 bytes from 192.203.230.10
	;; Answer received from 192.203.230.10 (1139 bytes) ;; HEADER SECTION ;; id = 18095 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 4 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; . IN DNSKEY ;; ANSWER SECTION (4 records) . 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; Key ID = 20326 . 172800 IN DNSKEY ( 256 3 8 AwEAAeVDC34GZILwsQJy97K2Fst4P3XYZrXLyrkausYzSqEjSUulgh+iLgHg0y7FIF890+sIjXsk 7KLJUmCOWfYWPorNKEOKLk5Zx/4M6D3IHZE3O3m/Eahrc28qQzmTLxiMZAW65MvR2UO3LxVtYOPB EBiDgAQD47x2JLsJYtavCzNL5WiUk59OgvHmDqmcC7VXYBhK8V8Tic089XJgExGeplKWUt9yyc31 ra1swJX51XsOaQz17+vyLVH8AZP26KvKFiZeoRbaq6vl+hc8HQnI2ug5rA2zoz3MsSQBvP1f/Hvq sWxLqwXXKyDD1QM639U+XzVB8CYigyscRP22QCnwKIU= ) ; Key ID = 25266 . 172800 IN DNSKEY ( 256 3 8 AwEAAcTQyaIe6nt3xSPOG2L/YfwBkOVTJN6mlnZ249O5Rtt3ZSRQHxQSW61AODYw6bvgxrrGq8ee OuenFjcSYgNAMcBYoEYYmKDW6e9EryW4ZaT/MCq+8Am06oR40xAA3fClOM6QjRcT85tP41Go946A icBGP8XOP/Aj1aI/oPRGzRnboUPUok/AzTNnW5npBU69+BuiIwYE7mQOiNBFePyvjQBdoiuYbmuD 3Py0IyjlBxzZUXbqLsRL9gYFkCqeTY29Ik7usuzMTa+JRSLz6KGS5RSJ7CTSMjZg8aNaUbN2dvGh akJPh92HnLvMA3TefFgbKJphFNPA3BWSKLZ02cRWXqM= ) ; Key ID = 59944 . 172800 IN RRSIG ( DNSKEY 8 0 172800 20190711000000 20190620000000 20326 . LeNUOIxGGe+xAKxr13YIXNqMAxVH7RuDXQyVclUuxA9aENp0+yYkeIL+/lkTteEhdHXNVZqYch8Q rvcsuCpDN2gKx5D5M04gKAjR5ywgvEdsZHr9DhjCZ3uvXKvbPsi614QpjYCxxvtq/ZZE6dhm59K3 N3T8Mhm5l36b6w+fR1F3Kc+eeJqy2ZjVxNe9CClE4Qy6q78Yu6rS1vZkuzG1l2AT9Gko72StWbds U2Ry9fBk+uCJOLxej37z5Rfi5EAzFcnfwQYryqCRt2go9PuD0/AulqG8wmTVz23tnwnaxowkYKxF H2yE0d7pDiFjvOyUHdGPXYwl/+GDmjrQsN6JPQ== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 3 DNSKEY records for .
	`. 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; Key ID = 20326`
	`. 172800 IN DNSKEY ( 256 3 8 AwEAAeVDC34GZILwsQJy97K2Fst4P3XYZrXLyrkausYzSqEjSUulgh+iLgHg0y7FIF890+sIjXsk 7KLJUmCOWfYWPorNKEOKLk5Zx/4M6D3IHZE3O3m/Eahrc28qQzmTLxiMZAW65MvR2UO3LxVtYOPB EBiDgAQD47x2JLsJYtavCzNL5WiUk59OgvHmDqmcC7VXYBhK8V8Tic089XJgExGeplKWUt9yyc31 ra1swJX51XsOaQz17+vyLVH8AZP26KvKFiZeoRbaq6vl+hc8HQnI2ug5rA2zoz3MsSQBvP1f/Hvq sWxLqwXXKyDD1QM639U+XzVB8CYigyscRP22QCnwKIU= ) ; Key ID = 25266`
	`. 172800 IN DNSKEY ( 256 3 8 AwEAAcTQyaIe6nt3xSPOG2L/YfwBkOVTJN6mlnZ249O5Rtt3ZSRQHxQSW61AODYw6bvgxrrGq8ee OuenFjcSYgNAMcBYoEYYmKDW6e9EryW4ZaT/MCq+8Am06oR40xAA3fClOM6QjRcT85tP41Go946A icBGP8XOP/Aj1aI/oPRGzRnboUPUok/AzTNnW5npBU69+BuiIwYE7mQOiNBFePyvjQBdoiuYbmuD 3Py0IyjlBxzZUXbqLsRL9gYFkCqeTY29Ik7usuzMTa+JRSLz6KGS5RSJ7CTSMjZg8aNaUbN2dvGh akJPh92HnLvMA3TefFgbKJphFNPA3BWSKLZ02cRWXqM= ) ; Key ID = 59944`
	DNSKEY=20326/SEP is now in the chain-of-trust
	DS=20326/SHA-256 verifies DNSKEY=20326/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`. 172800 IN RRSIG ( DNSKEY 8 0 172800 20190711000000 20190620000000 20326 . LeNUOIxGGe+xAKxr13YIXNqMAxVH7RuDXQyVclUuxA9aENp0+yYkeIL+/lkTteEhdHXNVZqYch8Q rvcsuCpDN2gKx5D5M04gKAjR5ywgvEdsZHr9DhjCZ3uvXKvbPsi614QpjYCxxvtq/ZZE6dhm59K3 N3T8Mhm5l36b6w+fR1F3Kc+eeJqy2ZjVxNe9CClE4Qy6q78Yu6rS1vZkuzG1l2AT9Gko72StWbds U2Ry9fBk+uCJOLxej37z5Rfi5EAzFcnfwQYryqCRt2go9PuD0/AulqG8wmTVz23tnwnaxowkYKxF H2yE0d7pDiFjvOyUHdGPXYwl/+GDmjrQsN6JPQ== )`
	RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
	DNSKEY=25266 is now in the chain-of-trust
	DNSKEY=59944 is now in the chain-of-trust
	Query to h.root-servers.net for CRT2014-2024REVIEW.GOV/A
	Error querying h.root-servers.net/2001:500:1:0:0:0:0:53 for CRT2014-2024REVIEW.GOV/A: 'IPv6 transport disabled'
	Received 677 bytes from 198.97.190.53
	;; Answer received from 198.97.190.53 (677 bytes) ;; HEADER SECTION ;; id = 35351 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 7 arcount = 9 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (7 records) GOV. 172800 IN NS a.gov-servers.net. GOV. 172800 IN NS b.gov-servers.net. GOV. 172800 IN NS c.gov-servers.net. GOV. 172800 IN NS d.gov-servers.net. GOV. 86400 IN DS 7698 8 1 6f109b46a80cea9613dc86d5a3e065520505aafe GOV. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 ) GOV. 86400 IN RRSIG ( DS 8 1 86400 20190703050000 20190620040000 25266 . AM0VTnKwtUisnOmvf4e3dMfKJ50OGWaWbootMyp4iYZmFanReltA/jSBIkBkYqLnyruItyj//CZD gLexeSrLOm3uK3LEdmkowLp44fsexaBJrEifio4Ybn3ohC1E3IGbXPHmZ0AHmpEwOwddb8FXxU2u weQCWGAiICmNrPnEi4ZxBLoZGAZlzK9BJ28iTA3f4vEMWSBJX2zD1PD10AWrl/3Jb1hv4/iYj+Cz Q5pMmjnKiRkE4Kj4dpGTVBd9L+suF9LX9/0SAoMZpDT75Ukyzk1fa3jqXD34S+Te82kDkBV+u1Ka 6p5mMJCHDje65bbTHh2WND6PUty+Ba33ds07Wg== ) ;; ADDITIONAL SECTION (9 records) a.gov-servers.net. 172800 IN A 69.36.157.30 b.gov-servers.net. 172800 IN A 209.112.123.30 c.gov-servers.net. 172800 IN A 69.36.153.30 d.gov-servers.net. 172800 IN A 81.19.194.30 a.gov-servers.net. 172800 IN AAAA 2001:500:4431::2:30 b.gov-servers.net. 172800 IN AAAA 2620:74:27::2:30 c.gov-servers.net. 172800 IN AAAA 2620:74:28::2:30 d.gov-servers.net. 172800 IN AAAA 2620:74:29::2:30 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to i.root-servers.net for GOV/DNSKEY
	Error querying i.root-servers.net/2001:7fe:0:0:0:0:0:53 for GOV/DNSKEY: 'IPv6 transport disabled'
	Received 661 bytes from 192.36.148.17
	;; Answer received from 192.36.148.17 (661 bytes) ;; HEADER SECTION ;; id = 11722 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 7 arcount = 9 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; GOV. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (7 records) gov. 172800 IN NS b.gov-servers.net. gov. 172800 IN NS d.gov-servers.net. gov. 172800 IN NS c.gov-servers.net. gov. 172800 IN NS a.gov-servers.net. gov. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 ) gov. 86400 IN DS 7698 8 1 6f109b46a80cea9613dc86d5a3e065520505aafe gov. 86400 IN RRSIG ( DS 8 1 86400 20190703050000 20190620040000 25266 . AM0VTnKwtUisnOmvf4e3dMfKJ50OGWaWbootMyp4iYZmFanReltA/jSBIkBkYqLnyruItyj//CZD gLexeSrLOm3uK3LEdmkowLp44fsexaBJrEifio4Ybn3ohC1E3IGbXPHmZ0AHmpEwOwddb8FXxU2u weQCWGAiICmNrPnEi4ZxBLoZGAZlzK9BJ28iTA3f4vEMWSBJX2zD1PD10AWrl/3Jb1hv4/iYj+Cz Q5pMmjnKiRkE4Kj4dpGTVBd9L+suF9LX9/0SAoMZpDT75Ukyzk1fa3jqXD34S+Te82kDkBV+u1Ka 6p5mMJCHDje65bbTHh2WND6PUty+Ba33ds07Wg== ) ;; ADDITIONAL SECTION (9 records) a.gov-servers.net. 172800 IN A 69.36.157.30 a.gov-servers.net. 172800 IN AAAA 2001:500:4431::2:30 b.gov-servers.net. 172800 IN A 209.112.123.30 b.gov-servers.net. 172800 IN AAAA 2620:74:27::2:30 c.gov-servers.net. 172800 IN A 69.36.153.30 c.gov-servers.net. 172800 IN AAAA 2620:74:28::2:30 d.gov-servers.net. 172800 IN A 81.19.194.30 d.gov-servers.net. 172800 IN AAAA 2620:74:29::2:30 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found child zone GOV

GOV

	Checking DS between . and GOV
	Query to c.root-servers.net for GOV/DS
	Received 406 bytes from 192.33.4.12
	;; Answer received from 192.33.4.12 (406 bytes) ;; HEADER SECTION ;; id = 39926 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; GOV. IN DS ;; ANSWER SECTION (3 records) gov. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 ) gov. 86400 IN DS 7698 8 1 6f109b46a80cea9613dc86d5a3e065520505aafe gov. 86400 IN RRSIG ( DS 8 1 86400 20190703050000 20190620040000 25266 . AM0VTnKwtUisnOmvf4e3dMfKJ50OGWaWbootMyp4iYZmFanReltA/jSBIkBkYqLnyruItyj//CZD gLexeSrLOm3uK3LEdmkowLp44fsexaBJrEifio4Ybn3ohC1E3IGbXPHmZ0AHmpEwOwddb8FXxU2u weQCWGAiICmNrPnEi4ZxBLoZGAZlzK9BJ28iTA3f4vEMWSBJX2zD1PD10AWrl/3Jb1hv4/iYj+Cz Q5pMmjnKiRkE4Kj4dpGTVBd9L+suF9LX9/0SAoMZpDT75Ukyzk1fa3jqXD34S+Te82kDkBV+u1Ka 6p5mMJCHDje65bbTHh2WND6PUty+Ba33ds07Wg== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 2 DS records for GOV in the . zone
	DS=7698/SHA-256 has algorithm RSASHA256
	DS=7698/SHA-1 has algorithm RSASHA256
	Found 1 RRSIGs over DS RRset
	`gov. 86400 IN RRSIG ( DS 8 1 86400 20190703050000 20190620040000 25266 . AM0VTnKwtUisnOmvf4e3dMfKJ50OGWaWbootMyp4iYZmFanReltA/jSBIkBkYqLnyruItyj//CZD gLexeSrLOm3uK3LEdmkowLp44fsexaBJrEifio4Ybn3ohC1E3IGbXPHmZ0AHmpEwOwddb8FXxU2u weQCWGAiICmNrPnEi4ZxBLoZGAZlzK9BJ28iTA3f4vEMWSBJX2zD1PD10AWrl/3Jb1hv4/iYj+Cz Q5pMmjnKiRkE4Kj4dpGTVBd9L+suF9LX9/0SAoMZpDT75Ukyzk1fa3jqXD34S+Te82kDkBV+u1Ka 6p5mMJCHDje65bbTHh2WND6PUty+Ba33ds07Wg== )`
	RRSIG=25266 and DNSKEY=25266 verifies the DS RRset
	DS=7698/SHA-256 is now in the chain-of-trust
	`gov. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 )`
	`gov. 86400 IN DS 7698 8 1 6f109b46a80cea9613dc86d5a3e065520505aafe`
	Query to a.gov-servers.net for GOV/DNSKEY
	Error querying a.gov-servers.net/2001:500:4431:0:0:0:2:30 for GOV/DNSKEY: 'IPv6 transport disabled'
	Received 743 bytes from 69.36.157.30
	;; Answer received from 69.36.157.30 (743 bytes) ;; HEADER SECTION ;; id = 24304 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; GOV. IN DNSKEY ;; ANSWER SECTION (3 records) GOV. 86400 IN DNSKEY ( 257 3 8 AQO8daaz7B+yshOfL60rytKd9aOSujgponEw3fwBMEC3/+e9XzHw2k+VKnbJTZ+QaVtpfUd1q9HK ZIv/ck83Gl5TjYKE5jtUZ2kpEDZfVNGv6yx0smtWAXv1nCJS9ohnyOTd397eMojGDHqkEC+uojES cZheEkMxzgCZwDAs+/CSU7mSuHtCRZn19xlZUd5Gv7yDQ3mbOUwuy30oSk0z1Q5UUPpoihOugIZH FX6Jk7NLiW2wlqfq9qhV4zj7TiBiJY0mCc4zHN8/aq2VKDHp2Na7mWzvKyTy+SYQkBQ/08LbPwj9 YMc+uCzKL6sU/ObHv17EFhD8aPDftTHZvV9L+OZr ) ; Key ID = 7698 GOV. 86400 IN DNSKEY ( 256 3 8 AQPO0gfZTyKZiRSwF/XvW9ta+joX/SlCfvNcTsNT4t5edmGhhiRNf45246Z4L6Cx3n93FPHtW91n F+M1gCPyxewRyAM0/UVrqBwutdPQnR8vsQ/WzdsAk50loby/jGN7UAStU/FzllD2qIq4uJ8HcLZW Qth9JV8vKuqVYXgPfhx5lw== ) ; Key ID = 43583 GOV. 86400 IN RRSIG ( DNSKEY 8 1 86400 20190701214731 20190616214231 7698 gov. gr3SMpnqXuv1bmrBjl6FAfUBvevP1IZX6nHz+ka815FjVHQX48JOHZv7lLJ8J1JMT2TxzbvUsdcU fE0JSvtMF6Dt97g4f4t4A3dtXGzDnsipCY2uOXa7ACncWiLjOjYiXxjUhsZjqS3epq0WQExuvUFU DTwTuZdx+qsU8b9gzzWjD8DDeE3Ri8utmMaMM8+5sxfqtBlqZmI9tjRJ6a4P2yV8RXWpZzlp6bRi yheZTE2RTru+NhrZ/LFtyC1M66lpS7r7T9iy6sDnbALVuo6kRfMy8PGL0mDbWitWO1Hi+NDEkaaQ hSSCo3Iv9oidW08kEV89hTlhH9Nh8oeo86bHog== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 2 DNSKEY records for GOV
	`GOV. 86400 IN DNSKEY ( 257 3 8 AQO8daaz7B+yshOfL60rytKd9aOSujgponEw3fwBMEC3/+e9XzHw2k+VKnbJTZ+QaVtpfUd1q9HK ZIv/ck83Gl5TjYKE5jtUZ2kpEDZfVNGv6yx0smtWAXv1nCJS9ohnyOTd397eMojGDHqkEC+uojES cZheEkMxzgCZwDAs+/CSU7mSuHtCRZn19xlZUd5Gv7yDQ3mbOUwuy30oSk0z1Q5UUPpoihOugIZH FX6Jk7NLiW2wlqfq9qhV4zj7TiBiJY0mCc4zHN8/aq2VKDHp2Na7mWzvKyTy+SYQkBQ/08LbPwj9 YMc+uCzKL6sU/ObHv17EFhD8aPDftTHZvV9L+OZr ) ; Key ID = 7698`
	`GOV. 86400 IN DNSKEY ( 256 3 8 AQPO0gfZTyKZiRSwF/XvW9ta+joX/SlCfvNcTsNT4t5edmGhhiRNf45246Z4L6Cx3n93FPHtW91n F+M1gCPyxewRyAM0/UVrqBwutdPQnR8vsQ/WzdsAk50loby/jGN7UAStU/FzllD2qIq4uJ8HcLZW Qth9JV8vKuqVYXgPfhx5lw== ) ; Key ID = 43583`
	DNSKEY=7698/SEP is now in the chain-of-trust
	DS=7698/SHA-256 verifies DNSKEY=7698/SEP
	DS=7698/SHA-1 verifies DNSKEY=7698/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`GOV. 86400 IN RRSIG ( DNSKEY 8 1 86400 20190701214731 20190616214231 7698 gov. gr3SMpnqXuv1bmrBjl6FAfUBvevP1IZX6nHz+ka815FjVHQX48JOHZv7lLJ8J1JMT2TxzbvUsdcU fE0JSvtMF6Dt97g4f4t4A3dtXGzDnsipCY2uOXa7ACncWiLjOjYiXxjUhsZjqS3epq0WQExuvUFU DTwTuZdx+qsU8b9gzzWjD8DDeE3Ri8utmMaMM8+5sxfqtBlqZmI9tjRJ6a4P2yV8RXWpZzlp6bRi yheZTE2RTru+NhrZ/LFtyC1M66lpS7r7T9iy6sDnbALVuo6kRfMy8PGL0mDbWitWO1Hi+NDEkaaQ hSSCo3Iv9oidW08kEV89hTlhH9Nh8oeo86bHog== )`
	RRSIG=7698 and DNSKEY=7698/SEP verifies the DNSKEY RRset
	DNSKEY=43583 is now in the chain-of-trust
	Query to b.gov-servers.net for CRT2014-2024REVIEW.GOV/A
	Error querying b.gov-servers.net/2620:74:27:0:0:0:2:30 for CRT2014-2024REVIEW.GOV/A: 'IPv6 transport disabled'
	Received 390 bytes from 209.112.123.30
	;; Answer received from 209.112.123.30 (390 bytes) ;; HEADER SECTION ;; id = 29729 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 5 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 3600 IN DS ( 27211 8 2 0ef7cea294656edf722d62f98a269d32ea0bff8cefa05a7d3a593b1936336a18 ) CRT2014-2024REVIEW.GOV. 3600 IN RRSIG ( DS 8 2 3600 20190627101007 20190620101007 43583 gov. zlgBPNFv90ZCIn+LEtDuXaijYNGraNOoq2Xe215lUBapEKsyFxZtM3IM4d0JDadGJRMD6QwQ0BqU RjtFHhrv2Nm8wbf9ROyu2Lws1lIGad7wjxFfDGSCxdiNWv4J2sMbvfNDx6F85/9VLmEiLeXm/7+R mGjzmDS/bJm2BdNg45s= ) ;; ADDITIONAL SECTION (5 records) ns1.bpa.GOV. 86400 IN A 170.160.36.10 ns1.bpa.GOV. 86400 IN AAAA 2620:137:401a:10db::10 ns2.bpa.GOV. 86400 IN A 170.160.100.10 ns2.bpa.GOV. 86400 IN AAAA 2620:137:401b:10db::10 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to b.gov-servers.net for CRT2014-2024REVIEW.GOV/DNSKEY
	Received 390 bytes from 209.112.123.30
	;; Answer received from 209.112.123.30 (390 bytes) ;; HEADER SECTION ;; id = 23231 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 5 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 3600 IN DS ( 27211 8 2 0ef7cea294656edf722d62f98a269d32ea0bff8cefa05a7d3a593b1936336a18 ) CRT2014-2024REVIEW.GOV. 3600 IN RRSIG ( DS 8 2 3600 20190627101007 20190620101007 43583 gov. zlgBPNFv90ZCIn+LEtDuXaijYNGraNOoq2Xe215lUBapEKsyFxZtM3IM4d0JDadGJRMD6QwQ0BqU RjtFHhrv2Nm8wbf9ROyu2Lws1lIGad7wjxFfDGSCxdiNWv4J2sMbvfNDx6F85/9VLmEiLeXm/7+R mGjzmDS/bJm2BdNg45s= ) ;; ADDITIONAL SECTION (5 records) ns1.bpa.GOV. 86400 IN A 170.160.36.10 ns1.bpa.GOV. 86400 IN AAAA 2620:137:401a:10db::10 ns2.bpa.GOV. 86400 IN A 170.160.100.10 ns2.bpa.GOV. 86400 IN AAAA 2620:137:401b:10db::10 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found child zone CRT2014-2024REVIEW.GOV

CRT2014-2024REVIEW.GOV

	Checking DS between GOV and CRT2014-2024REVIEW.GOV
	Query to d.gov-servers.net for CRT2014-2024REVIEW.GOV/DS
	Error querying d.gov-servers.net/2620:74:29:0:0:0:2:30 for CRT2014-2024REVIEW.GOV/DS: 'IPv6 transport disabled'
	Received 262 bytes from 81.19.194.30
	;; Answer received from 81.19.194.30 (262 bytes) ;; HEADER SECTION ;; id = 11705 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN DS ;; ANSWER SECTION (2 records) CRT2014-2024REVIEW.GOV. 3600 IN DS ( 27211 8 2 0ef7cea294656edf722d62f98a269d32ea0bff8cefa05a7d3a593b1936336a18 ) CRT2014-2024REVIEW.GOV. 3600 IN RRSIG ( DS 8 2 3600 20190627101007 20190620101007 43583 gov. zlgBPNFv90ZCIn+LEtDuXaijYNGraNOoq2Xe215lUBapEKsyFxZtM3IM4d0JDadGJRMD6QwQ0BqU RjtFHhrv2Nm8wbf9ROyu2Lws1lIGad7wjxFfDGSCxdiNWv4J2sMbvfNDx6F85/9VLmEiLeXm/7+R mGjzmDS/bJm2BdNg45s= ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option:
	Found 1 DS records for CRT2014-2024REVIEW.GOV in the GOV zone
	DS=27211/SHA-256 has algorithm RSASHA256
	Found 1 RRSIGs over DS RRset
	`CRT2014-2024REVIEW.GOV. 3600 IN RRSIG ( DS 8 2 3600 20190627101007 20190620101007 43583 gov. zlgBPNFv90ZCIn+LEtDuXaijYNGraNOoq2Xe215lUBapEKsyFxZtM3IM4d0JDadGJRMD6QwQ0BqU RjtFHhrv2Nm8wbf9ROyu2Lws1lIGad7wjxFfDGSCxdiNWv4J2sMbvfNDx6F85/9VLmEiLeXm/7+R mGjzmDS/bJm2BdNg45s= )`
	RRSIG=43583 and DNSKEY=43583 verifies the DS RRset
	DS=27211/SHA-256 is now in the chain-of-trust
	`CRT2014-2024REVIEW.GOV. 3600 IN DS ( 27211 8 2 0ef7cea294656edf722d62f98a269d32ea0bff8cefa05a7d3a593b1936336a18 )`
	Query to ns2.bpa.GOV for CRT2014-2024REVIEW.GOV/DNSKEY
	Error querying ns2.bpa.GOV/2620:137:401b:10db:0:0:0:10 for CRT2014-2024REVIEW.GOV/DNSKEY: 'IPv6 transport disabled'
	Received 1809 bytes from 170.160.100.10
	;; Answer received from 170.160.100.10 (1809 bytes) ;; HEADER SECTION ;; id = 33686 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 6 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN DNSKEY ;; ANSWER SECTION (6 records) CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 257 3 8 AwEAAaYdR/o6IK83R4KVNYVziGJo1ceMshRP9zBTxCO0jXvBYBQ/feYiApYNUgtQ8DSjJDKdHRA3 7hvihBYjOB0+bzqkJk6JU/Y0ynX547AbWTNpMOeik/8v7CtuI84aHeADRljGBaVu62/qHj9JlObz zixNZZM33FjmxnC00isY01EJcOfqEz6jwj1RGc/kLNo2is/0RnQJC6sWfA9g6ERaPJ3xrT4fhSl1 aTfK6vIhgbR4ju491o39WR+gIfTwIvmgJ16zZw0BA8m8FtXdF6ozLCoB7OPIxa96hEboo5r14spR TXcL1teOt+azqmVeqBSWugXTmnmXXjIFDnBXSQZ22e8= ) ; Key ID = 27211 CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 256 3 8 AwEAAe+yiObPkfIOM5FiMnNXNUTGuujpnRwFzPV90W4UjHqUIKZTLCDD6SLwegr8czXI9Ru6mMTX W5lmoQwcD5mkEoDsTZsc3a4IByNovk47FfwGx8hnbikygF6oqUHw+eWaeJZtTdl9azP5LVPrHUkF hiEkuUBFLaiO1e4nf7gvrtsKmp8Xhc5DMj3R7Hv0XKUKIH6pP0GqyMguclprRMtTr2Q55ZYzQvTM YJ8t+F8joa8L2ewObDq/A6EJA+EwIetnd+Et9P7Vj7320UnhLvpilWwAVeuAGmBTOrtEjbB7DAQ3 AcKPWB9gl0Gr1HNzI5eo/QBX/C7Nr1iDg5JbhacQAqc= ) ; Key ID = 57963 CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 256 3 8 AwEAAfEhpZYHD1zf1RYqGM7LUg/ttIz6Mp70R7ORO66wUgPVl18ClLx1SjGSih39qst63auRXN1F +ri5bXzTX0OoA27gZnJCF0lPhI2GzgKDTvXl0Dy+Nn4T+FyWrwMBSas+XgUJ1JzNZcuNsgjCPcb8 ARk6YUMA2n6hB7U5egya4oZxZfdYXBHJpettRd7y2EDpqbcZaP1i2F/BELWh6ua/K/tGHCSEnaG4 L6ccMmR32qyITHNi1H7UvTDJAxKGPw8NLi4//EflwInSdxmTqPpFGQemfHVPQ/ZyzaWY0ZkgXAIw WOPc7mGKbJGJvkdSeCBFUkT+FrLy0KL6M6XAKtx8BYE= ) ; Key ID = 38328 CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20190626222833 20190619222833 27211 crt2014-2024review.gov. BdyJJ2MGP6gTOf2glKET506sjajPn5UHyJJk/IQSPzRJurmR4rQqaZJpBViFKrBN4LxwHjZnfuAu GJe+22kZadHkRPdmhhiHOigHI4WinWXqiWtf2ANckNF0w7przDy2d1I4eMhxQo5n+w/YZooHkSax RygCv1UgO9MwpaEfQvwvf1XNyIOZY05Riph5dGKm/Rsx/lHHvbsYvnnwXmCtRkT3wUr9LsRpf4gD LlFQgAI8wniJtaM2/ONPas978deuJQPSfLIkTLAH0geJbhgPEiPjcjpErV4cDGMvaVhKKm4e7bu2 rqzHkT5UyB+ec4PCs1tdvrM/QNaHQylEGel2TA== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20190626222833 20190619222833 57963 crt2014-2024review.gov. aAIdV+tZapsPR6xvzT0MJrFwM36vfKZOY8r3YID1G+hLRxpGeWpzzIhNsCtP7L7OrMPzoOAdBzFl gv0XRxdtPwxrzNMzfRUeOsH71TBiKA81OWX4Rj9T/9VDJAnTy2GkK/LxHeMrwFcD44rcv0+1AxmR lliYVNLSKdHZ9AzEnPk8KwXnGeLQbthCFzh+djOOXN0PcWnlonhokjtNKO97Fh6ft7+aHCHHOP8a odgzqgUhIL7cFG5mQlopFTGyE+m1lcMtFajTvoM/qDLA5fiuEMkaAD5a4fBIGMknRG2Mc6CrGqdc yS7/s+TjYq+sv3Knurxqzrxr4Y8xJzJJ2jj8vg== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20190626222833 20190619222833 38328 crt2014-2024review.gov. m6zlxLf87oU1vjftzCmkcDWz/Auzy4BUtbpyZc2gl0JwLFRUZUIbD0tSCBABpDDgbDWt4gK7J58S 5gqo/3X4Lh8sw1BBB6TAShSrjM2UVfypu0l5paBVgaAp9MseMKUzZY/ki8Dfqus5UEMCqUDy+PMH GiEj1CESIg/Ur4FIY9ZQKEDgwVIMWafe93DqwHPWTeZMPaloLjQwuuozST1r/eIJV7Oknf3DHS7w mOkItKhZjrHv7M8QnwQsjNNSEPwS4Em3JPkGmPYjhMyFze1fwIDk1UeA/tXtTl5GpmpoahaozygW wkQsrkoM9eI0jem7NAwJmUnK2EVKzljOJVeeXw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 3 DNSKEY records for CRT2014-2024REVIEW.GOV
	`CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 257 3 8 AwEAAaYdR/o6IK83R4KVNYVziGJo1ceMshRP9zBTxCO0jXvBYBQ/feYiApYNUgtQ8DSjJDKdHRA3 7hvihBYjOB0+bzqkJk6JU/Y0ynX547AbWTNpMOeik/8v7CtuI84aHeADRljGBaVu62/qHj9JlObz zixNZZM33FjmxnC00isY01EJcOfqEz6jwj1RGc/kLNo2is/0RnQJC6sWfA9g6ERaPJ3xrT4fhSl1 aTfK6vIhgbR4ju491o39WR+gIfTwIvmgJ16zZw0BA8m8FtXdF6ozLCoB7OPIxa96hEboo5r14spR TXcL1teOt+azqmVeqBSWugXTmnmXXjIFDnBXSQZ22e8= ) ; Key ID = 27211`
	`CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 256 3 8 AwEAAe+yiObPkfIOM5FiMnNXNUTGuujpnRwFzPV90W4UjHqUIKZTLCDD6SLwegr8czXI9Ru6mMTX W5lmoQwcD5mkEoDsTZsc3a4IByNovk47FfwGx8hnbikygF6oqUHw+eWaeJZtTdl9azP5LVPrHUkF hiEkuUBFLaiO1e4nf7gvrtsKmp8Xhc5DMj3R7Hv0XKUKIH6pP0GqyMguclprRMtTr2Q55ZYzQvTM YJ8t+F8joa8L2ewObDq/A6EJA+EwIetnd+Et9P7Vj7320UnhLvpilWwAVeuAGmBTOrtEjbB7DAQ3 AcKPWB9gl0Gr1HNzI5eo/QBX/C7Nr1iDg5JbhacQAqc= ) ; Key ID = 57963`
	`CRT2014-2024REVIEW.GOV. 86400 IN DNSKEY ( 256 3 8 AwEAAfEhpZYHD1zf1RYqGM7LUg/ttIz6Mp70R7ORO66wUgPVl18ClLx1SjGSih39qst63auRXN1F +ri5bXzTX0OoA27gZnJCF0lPhI2GzgKDTvXl0Dy+Nn4T+FyWrwMBSas+XgUJ1JzNZcuNsgjCPcb8 ARk6YUMA2n6hB7U5egya4oZxZfdYXBHJpettRd7y2EDpqbcZaP1i2F/BELWh6ua/K/tGHCSEnaG4 L6ccMmR32qyITHNi1H7UvTDJAxKGPw8NLi4//EflwInSdxmTqPpFGQemfHVPQ/ZyzaWY0ZkgXAIw WOPc7mGKbJGJvkdSeCBFUkT+FrLy0KL6M6XAKtx8BYE= ) ; Key ID = 38328`
	DNSKEY=27211/SEP is now in the chain-of-trust
	DS=27211/SHA-256 verifies DNSKEY=27211/SEP
	Found 3 RRSIGs over DNSKEY RRset
	`CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20190626222833 20190619222833 27211 crt2014-2024review.gov. BdyJJ2MGP6gTOf2glKET506sjajPn5UHyJJk/IQSPzRJurmR4rQqaZJpBViFKrBN4LxwHjZnfuAu GJe+22kZadHkRPdmhhiHOigHI4WinWXqiWtf2ANckNF0w7przDy2d1I4eMhxQo5n+w/YZooHkSax RygCv1UgO9MwpaEfQvwvf1XNyIOZY05Riph5dGKm/Rsx/lHHvbsYvnnwXmCtRkT3wUr9LsRpf4gD LlFQgAI8wniJtaM2/ONPas978deuJQPSfLIkTLAH0geJbhgPEiPjcjpErV4cDGMvaVhKKm4e7bu2 rqzHkT5UyB+ec4PCs1tdvrM/QNaHQylEGel2TA== )`
	`CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20190626222833 20190619222833 57963 crt2014-2024review.gov. aAIdV+tZapsPR6xvzT0MJrFwM36vfKZOY8r3YID1G+hLRxpGeWpzzIhNsCtP7L7OrMPzoOAdBzFl gv0XRxdtPwxrzNMzfRUeOsH71TBiKA81OWX4Rj9T/9VDJAnTy2GkK/LxHeMrwFcD44rcv0+1AxmR lliYVNLSKdHZ9AzEnPk8KwXnGeLQbthCFzh+djOOXN0PcWnlonhokjtNKO97Fh6ft7+aHCHHOP8a odgzqgUhIL7cFG5mQlopFTGyE+m1lcMtFajTvoM/qDLA5fiuEMkaAD5a4fBIGMknRG2Mc6CrGqdc yS7/s+TjYq+sv3Knurxqzrxr4Y8xJzJJ2jj8vg== )`
	`CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( DNSKEY 8 2 86400 20190626222833 20190619222833 38328 crt2014-2024review.gov. m6zlxLf87oU1vjftzCmkcDWz/Auzy4BUtbpyZc2gl0JwLFRUZUIbD0tSCBABpDDgbDWt4gK7J58S 5gqo/3X4Lh8sw1BBB6TAShSrjM2UVfypu0l5paBVgaAp9MseMKUzZY/ki8Dfqus5UEMCqUDy+PMH GiEj1CESIg/Ur4FIY9ZQKEDgwVIMWafe93DqwHPWTeZMPaloLjQwuuozST1r/eIJV7Oknf3DHS7w mOkItKhZjrHv7M8QnwQsjNNSEPwS4Em3JPkGmPYjhMyFze1fwIDk1UeA/tXtTl5GpmpoahaozygW wkQsrkoM9eI0jem7NAwJmUnK2EVKzljOJVeeXw== )`
	RRSIG=27211 and DNSKEY=27211/SEP verifies the DNSKEY RRset
	RRSIG=57963 and DNSKEY=57963 verifies the DNSKEY RRset
	RRSIG=38328 and DNSKEY=38328 verifies the DNSKEY RRset
	DNSKEY=57963 is now in the chain-of-trust
	DNSKEY=38328 is now in the chain-of-trust
	Query to ns1.bpa.GOV for CRT2014-2024REVIEW.GOV/A
	Received 1347 bytes from 170.160.36.10
	;; Answer received from 170.160.36.10 (1347 bytes) ;; HEADER SECTION ;; id = 33336 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN A ;; ANSWER SECTION (3 records) CRT2014-2024REVIEW.GOV. 1800 IN A 170.160.42.18 CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20190625235408 20190618235408 57963 crt2014-2024review.gov. WMnpfroWSTVIYL9xeJ4tRers7HWC4lz9wEcolI0fUuiWBKzb3P1CtkPoscxswwMp++52IzFybdel wl1raeEQCPGJMWB+84a2VURTQ8CV++PWTJ5K5YAg4b0zDk3unC/IjTLTWrmaBb0xU7+OH976Devj JnVCeKgJwRTv/Jie9YdzcPykk1i32csTOAvYAWBhcVAEU7NC0Aps/OeRzcHhfcF4aXhJ2Xi65nCo Vwsxo1LN5oI75cNU0pwm5jtJ5bv560tcLd1/R2xtWwMiO59St2Yv2caPykXSodag/36pIJ+OUKYC GbB9yQFE/64Ltw22m0f6esiJ0WDr+mZheGmBqQ== ) CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20190626224329 20190619224329 38328 crt2014-2024review.gov. yd1301hgseaA9Xv4uXngTrb2bOx8keZmcWbNifjsOzB4qSa8ybRzaZgfwtqrwDeHBO6x49UTpPBM U8lI8VdRmZqg/jdjRbjGuLCjyCNZUDIpIoO7kj1+hTyGiN7rxMrA0Z/1FO3GyWvLN4k6VNxY63SN 01dqrIhQzUV/++zSbUQiIOr1ne+glTM08IWxB4aV5lyPbzvAFfDTedyujWTewklsUkeuMHkRIKfu cyP+q6oeEdn2qVKsscLsqc+RkSM0bmMh3sHJfdXcDQclim+FJ/PJg96n3VdTUggi8wkLyuuMPI3n /v28yiRejc5U9hO4riUOKS4vHkzcQ9svBPsUsA== ) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20190625235408 20190618235408 57963 crt2014-2024review.gov. HMxEfDxoxZxUSaYRLWsOx1TjR+W4a7eGYh1diqUFqeFQMhFhrxBw6W7rl1YKOr+Rrs6CcwnSBWVd ndht6KsV3C8Dfgoji5f/ZdUsQiiRbMSmcOVL1xOxVtL6WNW5pWru7v1C+1I3Rfj8H5wpOcjQt/6k pq4RXzyexxjki5gJa3Apk8L7Y/4MuU3H9LnD/17tZ/jZCy4xEghnGFAcMyIxunI/34x5k/p8owg8 dmQCB9x098yZXK60CS/AVVV4tzq6Z2OhT0x9EogkfZrLh3LoReMjfGdBYezqaV231zxMDmADDVqa djLS6mlUjC7mwgLcZhi7Bc/OGwF72PcOZ6qHEg== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20190626224329 20190619224329 38328 crt2014-2024review.gov. Atj18u6jRbl1EQj8CbCAJlOX5VeFiO6mk8Yyo/XQIZxZHpEOwOcLRfqBLA5o6kKf3nfDsuzqK1F2 61W2s+L5fEIVdbzdq4SJ3EAdp1VuTT/6R7EMjoZxROiUnLTZZlZecepN4+038VtmXa5ydGbu51Ep 5joe0IpWdZ5HaSuKYQlM9KAS4mUILWDwx+W1bhYgcXSJgLiXMAVa0envKhcGOXKcE7BntyW3ysE3 AgoSekbksJsW+xSceGdw6K1uhkF07y8wtBx3QX/k8am5s+anJOResPl2q9Hvdl4kGqEn2MDPP7xr vmi7HE39+BQXtSyzpB4GoRV+ZEKeFaJUIF4l1A== ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	CRT2014-2024REVIEW.GOV is authoritative for CRT2014-2024REVIEW.GOV
	Found RRSIG signed by crt2014-2024review.gov zone
	Query to ns2.bpa.GOV for CRT2014-2024REVIEW.GOV/SOA
	Received 1378 bytes from 170.160.100.10
	;; Answer received from 170.160.100.10 (1378 bytes) ;; HEADER SECTION ;; id = 34496 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN SOA ;; ANSWER SECTION (3 records) CRT2014-2024REVIEW.GOV. 43200 IN SOA ( ns1.bpa.GOV. hostmaster.bpa.GOV. 2018092102 ;serial 43200 ;refresh 3600 ;retry 1209600 ;expire 3600 ;minimum ) CRT2014-2024REVIEW.GOV. 43200 IN RRSIG ( SOA 8 2 43200 20190627055002 20190620055002 57963 crt2014-2024review.gov. yClLtzv7eMslhgIi4qI081qWKxFAE2Zw+CoHMWjGqOlYQTj+qQwqo2qCLvvqz8BTd1wh9g7mGoX/ KP4bD+71S3kds+uPiR9zcnAceI4aWGO9EA/uCI9crliy1AZJqRraGX4RfMMIJQ/NpqUCLmBi2MMs Uh2YKX5B7TwDMFqFGcBYh+3x82tGHxgXIJk7D3Rahl4ScOrjNjrvihvCgrePZIv4XpVA8cdd64FO 8F2ZdcvaJf3bAzFwdbqxb7NSTAwOAXB9zsagSiAyeO4mAmFYvM7Hypm/duyvJfehDtsUOp0u4yev FxmObSVG9XGuM4ATcb40KUXCb7ujODYZi6Bz7g== ) CRT2014-2024REVIEW.GOV. 43200 IN RRSIG ( SOA 8 2 43200 20190627055002 20190620055002 38328 crt2014-2024review.gov. BFrsQCZuo2m8fMlhmmEPNxmi0WlTVh5Q1ClyOuumGt+Xsf1f9HOKP01BqZfg7XYPH5WSResnMLV5 xGdDEk4BqnBA6vZL5OP+o0LBbrNYYT115czJgzo7pwuGjkUYE3eH1FL0FADDlQ7a1ZwQGoiDEPKE i+pqBfOwHg3x96pWWIyPoAh+2Iyaw6WfEcge+EOjivROgdGrQWaXQVWOFYX96QJmdMbLlTcSourG z+KuQVo4R9pq8rNwma2qxVL0nvlXtlue/7inKmC98Qhw5/4HKWVKrbewyyEdB4XnT+VnJRuEbzzs TTndY9zhZ7trYOaxEr2Z9FxNJOsk9amNBakFXQ== ) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20190625231411 20190618231411 57963 crt2014-2024review.gov. 5QYFZIQLXYLpEb1yxmYkCyO77xGvpzeHrIVNizVFtWmO5JQ8i+IMmvcr31GcnhxfUPIJN4Qj0b4w 40/+oz50t1YvHnPdb4nWVbqHjir8egPICnxEihZbAWMQXPUqyHdvdzrHLx531QGkUrb6oyZabgla qgf4I/ZaTebNWBqlwsv3QjYdQBM2qSlyZQezcA+B7lmBKjcnMnLdjeY5dVA2lloa+wJh7HOSQ1iN l4Jhrn6JJSHPXjC/cbKBVqCC4HrUvvEj0TX0dd5ahzOR7mrOPP9J701A1r/SIRX+4GpYXQBjJL33 j20mZiUGh44lipw6I/d8eR136irs66/gAfCijg== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20190626225001 20190619225001 38328 crt2014-2024review.gov. HWnb0vJjwnZNJBq/jYxtNQsSwL+zTgeJvND8d3ttTGr52lEFQjY4dx5MczA+q86t5uHZ613tH48A T+8u4BwGwYQ1tOGuXego4PRQNYldCh+ME2+znYQZ401zBOWxrZwvyn7sNV3KK/NuuLmCBk/mlJyo b1zPqCUqSGJZOrP+V3fvFdEX1TYXo7WptoFDlGXp2z4Q8kSzkKIFTu4HbOc/9ATVgR0wxjUlRTl4 XEFNt8HZjKZ9Hc/3YVkpKmkJC+HaMwcCrpTeATpuWJgQxEZyR3lHBODrj8QDp+KOxa64KIF2GYAZ 3386xUDotDR+VpiuGvOQtDcjRRaemKxcVOiU1A== ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to ns1.bpa.GOV for CRT2014-2024REVIEW.GOV/SOA
	Received 1378 bytes from 170.160.36.10
	;; Answer received from 170.160.36.10 (1378 bytes) ;; HEADER SECTION ;; id = 59251 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN SOA ;; ANSWER SECTION (3 records) CRT2014-2024REVIEW.GOV. 43200 IN SOA ( ns1.bpa.GOV. hostmaster.bpa.GOV. 2018092102 ;serial 43200 ;refresh 3600 ;retry 1209600 ;expire 3600 ;minimum ) CRT2014-2024REVIEW.GOV. 43200 IN RRSIG ( SOA 8 2 43200 20190627053534 20190620053534 57963 crt2014-2024review.gov. kArFYEc5NEa1SUoSZak3ZEeHSaoNKJOarlLJOnO0HZK7oUqOKKOG57QyhFLFunJC3MWMMIEfnCmD U2son4ye3sbLctdbc6CWJhhTXsfGW5ayhypQF2DJ57wwWDbZnqhBL9ZVvkqEUJCo62DqVlRhvLst KvsE0LApbVOi93yZfWZ9m/AXOYe9K4LmgHUxNQYeEW/HK3g7fr1zXU4dxDhiB9Ci9qu+RoHYc4FO 86LvSNn8mqvOLKDFxDime1TA4Icf4O9zGboPpp/D/x2RvKyx4YnMdFKER7w/NbPmTDpuHZAr9kdS cbbSQgJOqLCoGNjGGetUTZQhiusxct4eKPV12w== ) CRT2014-2024REVIEW.GOV. 43200 IN RRSIG ( SOA 8 2 43200 20190627053534 20190620053534 38328 crt2014-2024review.gov. BkiXlRozvsdXLY5ph5A+8JNPCG6JrRJPLKxh8E87lvSGp0bKmcg1gqP4Pkm7iobZH93Av79nUX4T FqZKru4K1JRRgaw71ETtR6dA1l6cETQFFfsqSzs12Q5o0UWoxDgqkWrN0uF7mK5SJ6wXVFa+z/Yj 07dd6PSJo7sXkT2r4Z5MDjHuXmgu6xEyCWe1ik5xile/AUHP4PiWGnfXF4KkPoVQ+sykdfL4BEB3 QOy26ScZ7tt4XtSNmFg4KRBTIKN2BC/+POy/79aLoKxAKbeqAo+8oadZ0N24MvAHoRQKJoi0NqFS CMYcKUGm3I4UXWaqhd+PexnG1DkegjR3GqKAsQ== ) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20190625231005 20190618231005 57963 crt2014-2024review.gov. fz+pSISHUk3VM8eaZZh1flNW449FX8dGEZ+rrtB9VR4R4eEiZ9th4mOVvikP2VRLu4ZLSYVr52ED 4ZWm4ZBQvMQox8R5bsDgFZU01QWeJoIsWs/52f5Y/LRpn1HVYKSLNu4uMR4quL740smSTUU/+efW Nea1GfJMOBDQ+BSK+vBRSI0KBVBe42W93Ys9pCxb4dteOs3AOEfh9nIUWigpTsSN4f5FBfq0kYeT 3seiEYKmglyfe1/CTHPGWrn54cYRhPuZ+qe4R7B0F3X+DDx3sRQIUErQ3exbRExyNGSr3lb0cqZU 9tkwhlXlUFxlP17yXLchyvGins4kxuNlwqQd4g== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20190626222956 20190619222956 38328 crt2014-2024review.gov. pPVzErYq1WkjXImCEqyXNHnpU3n2G0mo4Pp7MwIwrGOt6o3XwgSz+5ukp1vrFxmUVJa7Y2EKKoOi rkEYUHts5RNvfOJhENcmZ9ZCmMAX0CxrmTl/h/no1Ee7iYqwzobMN16Q/0lRb4XQO94bM8l/Hf9n qnHbYF5GrXCMmOjQ1GCSTK6fmYzX3YM0N+ZXoYCzZBu2I66yaZZ85TTA4riga6g9FbQekl4NyeQt cKqilD4X+pIBvIDQPfBkG0O3zrQP3S5yB1kRQ1/MtK3rILNaOB3Cti7bztHizpu3F5Bhdk35odbi bBkB3ijR5IC7PTL1CdMadzK0nh5gp+bspKOtzg== ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to ns1.bpa.GOV for CRT2014-2024REVIEW.GOV/A
	Received 1347 bytes from 170.160.36.10
	;; Answer received from 170.160.36.10 (1347 bytes) ;; HEADER SECTION ;; id = 13284 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; CRT2014-2024REVIEW.GOV. IN A ;; ANSWER SECTION (3 records) CRT2014-2024REVIEW.GOV. 1800 IN A 170.160.42.18 CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20190626012952 20190619012952 57963 crt2014-2024review.gov. MZgLd7i+kbc9IgUr/Ik7Fatj9YuQIpqHCQmh5A2udNjy3mGyyTBAEPeqnf7utmZJuUAqkmEJC749 sKLZ0pRHmw11YBlygzXZIcPjF7Et3sMYM3i3p8znwX3189Q+d1beF9jPBRQ43VDbDnUbLSHphwtW WR0lOSwbbgyMUIHX6T2Wf4bsHa4x3udJ2gFIQ8dD373zGYpeZsjBXx5hvzsCk+ln2kpgIptMLyym IQjAnQQ3lHGDlYHsSOH6IvksreEOzaSajTS5ADA2SR2aIcrVt/YUtsDuID9osjt4Ue6suajzFPXA nX1/z0u9T6pto4NGxpxNrQZ/ViLZE437FJcxlw== ) CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20190626222957 20190619222957 38328 crt2014-2024review.gov. iL6HzKc9sT2tNwt22Vetnctn7iYN1mSpu+pZaCm7ie1AdAiypBrjtxYGlHmKNMAJB5tzF8pPQSm/ PjvkKn+HlivRB45qg9WT9iRzqg0iJo66jaSCqM+zEcD6oSaLZxjcYgWfmyQXc8AihTjKOX+TNH9A sD6gqau6Fm0W3+zxgzafMYDmxm54NeSCrO0SsBUn3tb4GrEskZr6+fz2SE6KyGG4DeKt/MOvPcvw 69SUi5zh1Sv2FRAGmY92Gene8mXVAc1w9V4dLCqBOLwG9ExmBGF+HiLdNISRRE5aE5yTeVK3k+m4 70o1MecMYZYQsxaRrG15RsrZ/PbwPdCR6gpYoA== ) ;; AUTHORITY SECTION (4 records) CRT2014-2024REVIEW.GOV. 86400 IN NS ns1.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN NS ns2.bpa.GOV. CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20190626000202 20190619000202 57963 crt2014-2024review.gov. G+dp2ByNMKEih2ga1KYRUyQRu0yBXSOIYcAKg9tfZw0YR63gM+THvOT6Qd0oL0m/4ZAyDKdErPjW BbhHzzcIOB86q5Oh3wkd6gse4SnnFVRzQWHGkvOdP98Rji+Wa7wtfCYvC6KJyNcN1c4PHefiobu+ axuZUZ9tCqZgL8R2SSScJwz9wFlXcy88Tb3pYVbVzw4okkgaFfkNuzuFaB3OYm6DW/4hGwtQyCxA ya6+ecbP0NkfAwq+SBJ/6mGRd+dLRVb2lIIbsQoYqnTgFt8nYBH1nuSmF78V7Oedx/dWLNvpkxiA Fxo/T+l6SqcEgIzX564XFOkjZ0Aijeb0LXQ0gQ== ) CRT2014-2024REVIEW.GOV. 86400 IN RRSIG ( NS 8 2 86400 20190626222957 20190619222957 38328 crt2014-2024review.gov. 5HRaE7L9o0z6zAxS1EjTHXtjhd3fUEchbK86KWmaAQ9j2T2l3DvmRgg1Pt9oKPNnNi99VA75q6vF aPIn0HoLtLrrbCyv7DBdwNu1AJGe1214fmoyiTCTHOa8YARJR7QUoiCMDSwUTzv2mgkT+TjpDo3L YGyNK9U+qMHWucNeiR0+AQSup0c9NwEJHT+LcO35uy/zm6MxfUthASTbHT1ajqv9CZHnPG1gYmwO 8qg84ZJkmFGMCmFF8v7kVjSdK/dsT0TOH94rUWByrac1ceIxfPIWreYudzWZsGkSkFpQBy9uKf5k e6em/pKyZfoGnFkLUaQsSXaFyU9mq0DRqCI3LQ== ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	CRT2014-2024REVIEW.GOV A RR has value 170.160.42.18
	Found 2 RRSIGs over A RRset
	`CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20190626012952 20190619012952 57963 crt2014-2024review.gov. MZgLd7i+kbc9IgUr/Ik7Fatj9YuQIpqHCQmh5A2udNjy3mGyyTBAEPeqnf7utmZJuUAqkmEJC749 sKLZ0pRHmw11YBlygzXZIcPjF7Et3sMYM3i3p8znwX3189Q+d1beF9jPBRQ43VDbDnUbLSHphwtW WR0lOSwbbgyMUIHX6T2Wf4bsHa4x3udJ2gFIQ8dD373zGYpeZsjBXx5hvzsCk+ln2kpgIptMLyym IQjAnQQ3lHGDlYHsSOH6IvksreEOzaSajTS5ADA2SR2aIcrVt/YUtsDuID9osjt4Ue6suajzFPXA nX1/z0u9T6pto4NGxpxNrQZ/ViLZE437FJcxlw== )`
	`CRT2014-2024REVIEW.GOV. 1800 IN RRSIG ( A 8 2 1800 20190626222957 20190619222957 38328 crt2014-2024review.gov. iL6HzKc9sT2tNwt22Vetnctn7iYN1mSpu+pZaCm7ie1AdAiypBrjtxYGlHmKNMAJB5tzF8pPQSm/ PjvkKn+HlivRB45qg9WT9iRzqg0iJo66jaSCqM+zEcD6oSaLZxjcYgWfmyQXc8AihTjKOX+TNH9A sD6gqau6Fm0W3+zxgzafMYDmxm54NeSCrO0SsBUn3tb4GrEskZr6+fz2SE6KyGG4DeKt/MOvPcvw 69SUi5zh1Sv2FRAGmY92Gene8mXVAc1w9V4dLCqBOLwG9ExmBGF+HiLdNISRRE5aE5yTeVK3k+m4 70o1MecMYZYQsxaRrG15RsrZ/PbwPdCR6gpYoA== )`
	RRSIG=57963 and DNSKEY=57963 verifies the A RRset
	RRSIG=38328 and DNSKEY=38328 verifies the A RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test CRT2014-2024REVIEW.GOV at dnsviz.net.

DNSSEC Analyzer

↓ Advanced options ↑ Advanced options

Trust Anchor:
Name Servers: