DNSSEC Debugger - HEALTHINDICATORS.GOV

Domain Name:

Time: 2025-09-14 08:24:45 UTC

Analyzing DNSSEC problems for HEALTHINDICATORS.GOV

DS=20326/SHA-256 is now in the chain-of-trust

	Checking DS between Trust Anchor and .
	`. IN DS ( 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d )`
	Query to e.root-servers.net for ./DNSKEY
	Received 1414 bytes from 192.203.230.10
	;; Response received from [192.203.230.10] 1414 octets ;; HEADER SECTION ;; id = 17438 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 5 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 65535, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; . IN DNSKEY ;; ANSWER SECTION (5 records) . 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; keytag 20326 . 172800 IN DNSKEY ( 257 3 8 AwEAAa96jeuknZlaeSrvyAJj6ZHv28hhOKkx3rLGXVaC6rXTsDc449/cidltpkyGwCJNnOAlFNKF 2jBosZBU5eeHspaQWOmOElZsjICMQMC3aeHbGiShvZsx4wMYSjH8e7Vrhbu6irwCzVBApESjbUdp WWmEnhathWu1jo+siFUiRAAxm9qyJNg/wOZqqzL/dL/q8PkcRU5oUKEpUge71M3ej2/7CPqpdVwu MoTvoB+ZOT4YeGyxMvHmbrxlFzGOHOijtzN+u1TQNatX2XBuzZNQ1K+s2CXkPIZo7s6JgZyvaBev YtxPvYLw4z9mR7K2vaF18UYH9Z9GNUUeayffKC73PYc= ) ; keytag 38696 . 172800 IN DNSKEY ( 256 3 8 AwEAAbEbGCpGTDrcZTWqWWE72nphyshpRcILdzCVlBGU9Ln1Fui9kkseUOP+g5GLUeVFKdTloeRT A9+EYiQdXgWXmXmuW/nGxZjAikluF/O9NzLVrr5iZnth2xu+F48nrJlAgWWiMNau54NI5sZ3iVQf hFsq2pZmf43RauRPniYMShOLO7EBWWXr5glDSgZGS9fSm6xHwwF+g8D4m8oanjvdCBNxXzSEKS31 ibxjLifTfvwCg3y4XXcNW9U6Nu3JmoKUdxqpPPIkBvVQbIz4UO2FwaR13uXC03ALP1Yx2QNSS4SZ lcIMtAftQR9wtCiuPWQnFv4jkzWqlhp1Lmf7bcoL9yk= ) ; keytag 53148 . 172800 IN DNSKEY ( 256 3 8 AwEAAbauxLSFZ+KSWi2cT6TJbm3d+GIVqb2N1XnDjMsRme0b6JlGp/cvwmM5CaJ5LQ7tG1r7LuTH jYZadtbNk2nZmclq9r4KInS48ungoAZb0gJXVw8IvBTBb1YWQmiBqD285pJuORwTii7DF++nNJJk 3i55HJt9SmBI7m7t8nvx7OOY/w0inxg3fLH2uY0SKO8he4FGwMc4Ubiab8N8Yhyhh+FkKKdD/+oA cuGF75PjlSXO460B4MlNLlEcjDEzIsKauRYx4YVgSaNomGhMMFblmXRzgW+1R6ywvm5mC9+omlyy izZp2GJfPwGMezuKSGDndO6CYYEc5/lsRhvBYsGjdPM= ) ; keytag 46441 . 172800 IN RRSIG ( DNSKEY 8 0 172800 20250930000000 20250909000000 20326 . aqj52+DKW6PhTa31l3xyxa0lbMd8T/UyK1sNUC42EY1+cSp0hSC0VlW82RsWYU5G5NmewrInT/Sx glWFlFz94yVqiKAK7ZNQr94nRbA7okrrlfnloiBi3cQ1IvEUgvNcmlZMLTeA6rINvdcBwS7ljMOH m0vQDce9IOxhQT7iAu23oiNORw5nWG/npNkYRFDD4yQvD3HsNeXFTuyDuc57ZEjs/pnIG5nkcqx7 tp/ba3XbOGllDr/V/0ubak7OeWum1eckIljqUsx5BnfBfIA7rJ2JJBIT7JMJ/O/cflTKoJFHQoKG TVYrNVBq9vsnZ01Q4ss688IvI8vO3zkP6LQLEA== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 4 DNSKEY records for .
	`. 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; keytag 20326`
	`. 172800 IN DNSKEY ( 257 3 8 AwEAAa96jeuknZlaeSrvyAJj6ZHv28hhOKkx3rLGXVaC6rXTsDc449/cidltpkyGwCJNnOAlFNKF 2jBosZBU5eeHspaQWOmOElZsjICMQMC3aeHbGiShvZsx4wMYSjH8e7Vrhbu6irwCzVBApESjbUdp WWmEnhathWu1jo+siFUiRAAxm9qyJNg/wOZqqzL/dL/q8PkcRU5oUKEpUge71M3ej2/7CPqpdVwu MoTvoB+ZOT4YeGyxMvHmbrxlFzGOHOijtzN+u1TQNatX2XBuzZNQ1K+s2CXkPIZo7s6JgZyvaBev YtxPvYLw4z9mR7K2vaF18UYH9Z9GNUUeayffKC73PYc= ) ; keytag 38696`
	`. 172800 IN DNSKEY ( 256 3 8 AwEAAbEbGCpGTDrcZTWqWWE72nphyshpRcILdzCVlBGU9Ln1Fui9kkseUOP+g5GLUeVFKdTloeRT A9+EYiQdXgWXmXmuW/nGxZjAikluF/O9NzLVrr5iZnth2xu+F48nrJlAgWWiMNau54NI5sZ3iVQf hFsq2pZmf43RauRPniYMShOLO7EBWWXr5glDSgZGS9fSm6xHwwF+g8D4m8oanjvdCBNxXzSEKS31 ibxjLifTfvwCg3y4XXcNW9U6Nu3JmoKUdxqpPPIkBvVQbIz4UO2FwaR13uXC03ALP1Yx2QNSS4SZ lcIMtAftQR9wtCiuPWQnFv4jkzWqlhp1Lmf7bcoL9yk= ) ; keytag 53148`
	`. 172800 IN DNSKEY ( 256 3 8 AwEAAbauxLSFZ+KSWi2cT6TJbm3d+GIVqb2N1XnDjMsRme0b6JlGp/cvwmM5CaJ5LQ7tG1r7LuTH jYZadtbNk2nZmclq9r4KInS48ungoAZb0gJXVw8IvBTBb1YWQmiBqD285pJuORwTii7DF++nNJJk 3i55HJt9SmBI7m7t8nvx7OOY/w0inxg3fLH2uY0SKO8he4FGwMc4Ubiab8N8Yhyhh+FkKKdD/+oA cuGF75PjlSXO460B4MlNLlEcjDEzIsKauRYx4YVgSaNomGhMMFblmXRzgW+1R6ywvm5mC9+omlyy izZp2GJfPwGMezuKSGDndO6CYYEc5/lsRhvBYsGjdPM= ) ; keytag 46441`
	DNSKEY=20326/SEP is now in the chain-of-trust
	DS=20326/SHA-256 verifies DNSKEY=20326/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`. 172800 IN RRSIG ( DNSKEY 8 0 172800 20250930000000 20250909000000 20326 . aqj52+DKW6PhTa31l3xyxa0lbMd8T/UyK1sNUC42EY1+cSp0hSC0VlW82RsWYU5G5NmewrInT/Sx glWFlFz94yVqiKAK7ZNQr94nRbA7okrrlfnloiBi3cQ1IvEUgvNcmlZMLTeA6rINvdcBwS7ljMOH m0vQDce9IOxhQT7iAu23oiNORw5nWG/npNkYRFDD4yQvD3HsNeXFTuyDuc57ZEjs/pnIG5nkcqx7 tp/ba3XbOGllDr/V/0ubak7OeWum1eckIljqUsx5BnfBfIA7rJ2JJBIT7JMJ/O/cflTKoJFHQoKG TVYrNVBq9vsnZ01Q4ss688IvI8vO3zkP6LQLEA== )`
	RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
	DNSKEY=38696/SEP is now in the chain-of-trust
	DNSKEY=53148 is now in the chain-of-trust
	DNSKEY=46441 is now in the chain-of-trust
	Query to j.root-servers.net for HEALTHINDICATORS.GOV/A
	Received 627 bytes from 192.58.128.30
	;; Response received from [192.58.128.30] 627 octets ;; HEADER SECTION ;; id = 10479 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 6 arcount = 9 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1472, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (6 records) GOV. 172800 IN NS a.ns.GOV. GOV. 172800 IN NS b.ns.GOV. GOV. 172800 IN NS c.ns.GOV. GOV. 172800 IN NS d.ns.GOV. GOV. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 ) GOV. 86400 IN RRSIG ( DS 8 1 86400 20250927050000 20250914040000 46441 . Sms240JYvUoBg0sa6m9VIUj9Dj2W81rOWvGAd8YfC8xT48FIvcCYtrPF9I8bBOwy20UTZcG+RYTT R7SARlkK2XjLfG5DaA8MbPyJj9WgwGYT2Kg4iSHxz4x7b0tLopsLLVp1vABMZ7EliqTdH/H0lTE1 RjC1kUJDjGDRBwTHjHhMJvq3rRhvRFOb0c5+Uft1IUG47eDPwuGWe3yHCNj7BfxvQAU6mpAE44An BkdjGa9GxIbQZlDj2Q8Mgwq5FtSPdC+28uYoTR1wTxbjUY4YqGXL1m6Wk80gkovfyAV5bFlnfIzn C+bCIbKddbX9QtaBDLbJdM0gyuoldGXIxIC2sQ== ) ;; ADDITIONAL SECTION (9 records) a.ns.GOV. 172800 IN A 199.33.230.1 b.ns.GOV. 172800 IN A 199.33.231.1 c.ns.GOV. 172800 IN A 199.33.232.1 d.ns.GOV. 172800 IN A 199.33.233.1 a.ns.GOV. 172800 IN AAAA 2001:503:ff40::1 b.ns.GOV. 172800 IN AAAA 2001:503:ff41::1 c.ns.GOV. 172800 IN AAAA 2001:503:ff42::1 d.ns.GOV. 172800 IN AAAA 2001:503:ff43::1 ;; { "EDNS-VERSION": 0 }
	Query to l.root-servers.net for GOV/DNSKEY
	Received 610 bytes from 199.7.83.42
	;; Response received from [199.7.83.42] 610 octets ;; HEADER SECTION ;; id = 46898 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 6 arcount = 9 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; GOV. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (6 records) GOV. 172800 IN NS a.ns.GOV. GOV. 172800 IN NS b.ns.GOV. GOV. 172800 IN NS c.ns.GOV. GOV. 172800 IN NS d.ns.GOV. GOV. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 ) GOV. 86400 IN RRSIG ( DS 8 1 86400 20250927050000 20250914040000 46441 . Sms240JYvUoBg0sa6m9VIUj9Dj2W81rOWvGAd8YfC8xT48FIvcCYtrPF9I8bBOwy20UTZcG+RYTT R7SARlkK2XjLfG5DaA8MbPyJj9WgwGYT2Kg4iSHxz4x7b0tLopsLLVp1vABMZ7EliqTdH/H0lTE1 RjC1kUJDjGDRBwTHjHhMJvq3rRhvRFOb0c5+Uft1IUG47eDPwuGWe3yHCNj7BfxvQAU6mpAE44An BkdjGa9GxIbQZlDj2Q8Mgwq5FtSPdC+28uYoTR1wTxbjUY4YqGXL1m6Wk80gkovfyAV5bFlnfIzn C+bCIbKddbX9QtaBDLbJdM0gyuoldGXIxIC2sQ== ) ;; ADDITIONAL SECTION (9 records) a.ns.GOV. 172800 IN A 199.33.230.1 a.ns.GOV. 172800 IN AAAA 2001:503:ff40::1 b.ns.GOV. 172800 IN A 199.33.231.1 b.ns.GOV. 172800 IN AAAA 2001:503:ff41::1 c.ns.GOV. 172800 IN A 199.33.232.1 c.ns.GOV. 172800 IN AAAA 2001:503:ff42::1 d.ns.GOV. 172800 IN A 199.33.233.1 d.ns.GOV. 172800 IN AAAA 2001:503:ff43::1 ;; { "EDNS-VERSION": 0 }
	Found child zone GOV

GOV

	Checking DS between . and GOV
	Query to l.root-servers.net for GOV/DS
	Received 367 bytes from 199.7.83.42
	;; Response received from [199.7.83.42] 367 octets ;; HEADER SECTION ;; id = 32299 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; GOV. IN DS ;; ANSWER SECTION (2 records) GOV. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 ) GOV. 86400 IN RRSIG ( DS 8 1 86400 20250927050000 20250914040000 46441 . Sms240JYvUoBg0sa6m9VIUj9Dj2W81rOWvGAd8YfC8xT48FIvcCYtrPF9I8bBOwy20UTZcG+RYTT R7SARlkK2XjLfG5DaA8MbPyJj9WgwGYT2Kg4iSHxz4x7b0tLopsLLVp1vABMZ7EliqTdH/H0lTE1 RjC1kUJDjGDRBwTHjHhMJvq3rRhvRFOb0c5+Uft1IUG47eDPwuGWe3yHCNj7BfxvQAU6mpAE44An BkdjGa9GxIbQZlDj2Q8Mgwq5FtSPdC+28uYoTR1wTxbjUY4YqGXL1m6Wk80gkovfyAV5bFlnfIzn C+bCIbKddbX9QtaBDLbJdM0gyuoldGXIxIC2sQ== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 1 DS records for GOV in the . zone
	DS=2536/SHA-256 has algorithm ECDSAP256SHA256
	Found 1 RRSIGs over DS RRset
	`GOV. 86400 IN RRSIG ( DS 8 1 86400 20250927050000 20250914040000 46441 . Sms240JYvUoBg0sa6m9VIUj9Dj2W81rOWvGAd8YfC8xT48FIvcCYtrPF9I8bBOwy20UTZcG+RYTT R7SARlkK2XjLfG5DaA8MbPyJj9WgwGYT2Kg4iSHxz4x7b0tLopsLLVp1vABMZ7EliqTdH/H0lTE1 RjC1kUJDjGDRBwTHjHhMJvq3rRhvRFOb0c5+Uft1IUG47eDPwuGWe3yHCNj7BfxvQAU6mpAE44An BkdjGa9GxIbQZlDj2Q8Mgwq5FtSPdC+28uYoTR1wTxbjUY4YqGXL1m6Wk80gkovfyAV5bFlnfIzn C+bCIbKddbX9QtaBDLbJdM0gyuoldGXIxIC2sQ== )`
	RRSIG=46441 and DNSKEY=46441 verifies the DS RRset
	DS=2536/SHA-256 is now in the chain-of-trust
	`GOV. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 )`
	Query to c.ns.GOV for GOV/DNSKEY
	Received 291 bytes from 199.33.232.1
	;; Response received from [199.33.232.1] 291 octets ;; HEADER SECTION ;; id = 16447 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 3 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; GOV. IN DNSKEY ;; ANSWER SECTION (3 records) GOV. 3600 IN DNSKEY ( 257 3 13 D6ZhJTObQw3+kcewWf5iTHbzD3uTdbs5xf0kQfP/VXZcDovWJd0DUgHlp2VC002aLDCwhLoPPVN2 VfyoPnjCqg== ) ; keytag 2536 GOV. 3600 IN DNSKEY ( 256 3 13 Of5kU9k4XfdcPwCK9k/zRJNu+Xspnw/BDd+1V6ZpDXRIpHe35BnHTZUBJN9gd6++HkiGXx2YnTji iO7/q+Yamg== ) ; keytag 35496 GOV. 3600 IN RRSIG ( DNSKEY 13 1 3600 20251101110613 20250901110613 2536 gov. D1H2/lQxqi95pn45IcLLiEhJqLj7xvGsuBj73AYEAzqX48/P7GQMRCj7rQAOTEwKoZaj70cVbIvD dPV4T5L9mw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 2 DNSKEY records for GOV
	`GOV. 3600 IN DNSKEY ( 257 3 13 D6ZhJTObQw3+kcewWf5iTHbzD3uTdbs5xf0kQfP/VXZcDovWJd0DUgHlp2VC002aLDCwhLoPPVN2 VfyoPnjCqg== ) ; keytag 2536`
	`GOV. 3600 IN DNSKEY ( 256 3 13 Of5kU9k4XfdcPwCK9k/zRJNu+Xspnw/BDd+1V6ZpDXRIpHe35BnHTZUBJN9gd6++HkiGXx2YnTji iO7/q+Yamg== ) ; keytag 35496`
	DNSKEY=2536/SEP is now in the chain-of-trust
	DS=2536/SHA-256 verifies DNSKEY=2536/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`GOV. 3600 IN RRSIG ( DNSKEY 13 1 3600 20251101110613 20250901110613 2536 gov. D1H2/lQxqi95pn45IcLLiEhJqLj7xvGsuBj73AYEAzqX48/P7GQMRCj7rQAOTEwKoZaj70cVbIvD dPV4T5L9mw== )`
	RRSIG=2536 and DNSKEY=2536/SEP verifies the DNSKEY RRset
	DNSKEY=35496 is now in the chain-of-trust
	Query to b.ns.GOV for HEALTHINDICATORS.GOV/A
	Received 325 bytes from 199.33.231.1
	;; Response received from [199.33.231.1] 325 octets ;; HEADER SECTION ;; id = 31716 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 8 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (8 records) HEALTHINDICATORS.GOV. 10800 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN DS ( 65425 13 2 0c37c911340b0671f081e7f43ae802aaa42aa29de02608976ceb760735461d5f ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( DS 13 2 3600 20250915092445 20250913072445 35496 gov. mD0KG/+fgvXMuvabhQqcKjSOlau/xeRZxhA2T0Ekm7NjgJbJWgg3QEuQMvMUa5k8Q0SoCfFhjp22 Y4vU8Umk/A== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to c.ns.GOV for HEALTHINDICATORS.GOV/DNSKEY
	Received 325 bytes from 199.33.232.1
	;; Response received from [199.33.232.1] 325 octets ;; HEADER SECTION ;; id = 24547 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 8 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (8 records) HEALTHINDICATORS.GOV. 10800 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN DS ( 65425 13 2 0c37c911340b0671f081e7f43ae802aaa42aa29de02608976ceb760735461d5f ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( DS 13 2 3600 20250915092445 20250913072445 35496 gov. ykqdhN6wh3JTHjv7Jujt5Bv5eYRM9K2VZ/XtG6Q/AK5wBipmCKvuNacd7FfFcvCC+shi4QLsvyrA HMurcAvA5A== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found child zone HEALTHINDICATORS.GOV

HEALTHINDICATORS.GOV

	Checking DS between GOV and HEALTHINDICATORS.GOV
	Query to c.ns.GOV for HEALTHINDICATORS.GOV/DS
	Received 196 bytes from 199.33.232.1
	;; Response received from [199.33.232.1] 196 octets ;; HEADER SECTION ;; id = 12034 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN DS ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN DS ( 65425 13 2 0c37c911340b0671f081e7f43ae802aaa42aa29de02608976ceb760735461d5f ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( DS 13 2 3600 20250915092445 20250913072445 35496 gov. MPugJEYlxp10cZDNVgM9DbgWLUHuAM3hKaXx5DIr63XRBIir9FLNNVcXGR9lvAFgZnEaF06Ba4mX de39nnDahA== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 1 DS records for HEALTHINDICATORS.GOV in the GOV zone
	DS=65425/SHA-256 has algorithm ECDSAP256SHA256
	Found 1 RRSIGs over DS RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( DS 13 2 3600 20250915092445 20250913072445 35496 gov. MPugJEYlxp10cZDNVgM9DbgWLUHuAM3hKaXx5DIr63XRBIir9FLNNVcXGR9lvAFgZnEaF06Ba4mX de39nnDahA== )`
	RRSIG=35496 and DNSKEY=35496 verifies the DS RRset
	DS=65425/SHA-256 is now in the chain-of-trust
	`HEALTHINDICATORS.GOV. 3600 IN DS ( 65425 13 2 0c37c911340b0671f081e7f43ae802aaa42aa29de02608976ceb760735461d5f )`
	Query to a9-64.akam.net for HEALTHINDICATORS.GOV/DNSKEY
	Received 601 bytes from 184.85.248.64
	;; Response received from [184.85.248.64] 601 octets ;; HEADER SECTION ;; id = 19526 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 6 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN DNSKEY ;; ANSWER SECTION (6 records) HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 257 3 13 k+tp9IHDV+XVSJOu+YJvmOyb6ALjkF6DrkD3jt92l6i2v/mk22eMXrlMv3trwujNV/zEWvH63BFR RGLR4JUXAg== ) ; keytag 23777 HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 257 3 13 MrVVBIcDanJSp7qkSthuUUCb3idiQpUO8Rjhzn3zJTsf3ZhcjjfnQi1M48Tx9E61ttvm4LCqCYPM CL+Vneku0g== ) ; keytag 65425 HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 256 3 13 EQIf8Jv5Qm0TI825UsKvwcSqgoCgDbirJE0O6ZeFMO7TqMZrAB1CBjsp+U2qILB0NNebAd96R+ap Ry40VjBX9w== ) ; keytag 31351 HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 256 3 13 U4HIidVFUESn0ZKp3fJO4tlw736T2XAVqycDqagpDh9mlQx2rK+hn+5wq16HU03PHYmzdJmSKgj/ 1c8YlKur0w== ) ; keytag 45886 HEALTHINDICATORS.GOV. 7200 IN RRSIG ( DNSKEY 13 2 7200 20250917082107 20250914072107 23777 healthindicators.gov. OaEunlAsxFvSy5DWRw/OeRgWsPqdOoFQ9kAHcBV9LCgMFBKvLZIztd90/3c3LBiwIGVJG/FPq9a6 zRed4oA/AQ== ) HEALTHINDICATORS.GOV. 7200 IN RRSIG ( DNSKEY 13 2 7200 20250917082107 20250914072107 65425 healthindicators.gov. UKMrHxSiW9A7QW+T6swJHIdZSxokKKF7LCYMjKmQv+XfU/q/KJEnugy9tmcAqxFsnHHa4BdmyST/ ipzhUL2Z1w== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 4 DNSKEY records for HEALTHINDICATORS.GOV
	`HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 257 3 13 k+tp9IHDV+XVSJOu+YJvmOyb6ALjkF6DrkD3jt92l6i2v/mk22eMXrlMv3trwujNV/zEWvH63BFR RGLR4JUXAg== ) ; keytag 23777`
	`HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 257 3 13 MrVVBIcDanJSp7qkSthuUUCb3idiQpUO8Rjhzn3zJTsf3ZhcjjfnQi1M48Tx9E61ttvm4LCqCYPM CL+Vneku0g== ) ; keytag 65425`
	`HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 256 3 13 EQIf8Jv5Qm0TI825UsKvwcSqgoCgDbirJE0O6ZeFMO7TqMZrAB1CBjsp+U2qILB0NNebAd96R+ap Ry40VjBX9w== ) ; keytag 31351`
	`HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 256 3 13 U4HIidVFUESn0ZKp3fJO4tlw736T2XAVqycDqagpDh9mlQx2rK+hn+5wq16HU03PHYmzdJmSKgj/ 1c8YlKur0w== ) ; keytag 45886`
	DNSKEY=65425/SEP is now in the chain-of-trust
	DS=65425/SHA-256 verifies DNSKEY=65425/SEP
	Found 2 RRSIGs over DNSKEY RRset
	`HEALTHINDICATORS.GOV. 7200 IN RRSIG ( DNSKEY 13 2 7200 20250917082107 20250914072107 23777 healthindicators.gov. OaEunlAsxFvSy5DWRw/OeRgWsPqdOoFQ9kAHcBV9LCgMFBKvLZIztd90/3c3LBiwIGVJG/FPq9a6 zRed4oA/AQ== )`
	`HEALTHINDICATORS.GOV. 7200 IN RRSIG ( DNSKEY 13 2 7200 20250917082107 20250914072107 65425 healthindicators.gov. UKMrHxSiW9A7QW+T6swJHIdZSxokKKF7LCYMjKmQv+XfU/q/KJEnugy9tmcAqxFsnHHa4BdmyST/ ipzhUL2Z1w== )`
	RRSIG=23777 and DNSKEY=23777/SEP verifies the DNSKEY RRset
	RRSIG=65425 and DNSKEY=65425/SEP verifies the DNSKEY RRset
	DNSKEY=23777/SEP is now in the chain-of-trust
	DNSKEY=31351 is now in the chain-of-trust
	DNSKEY=45886 is now in the chain-of-trust
	Query to a28-65.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 95.100.173.65
	;; Response received from [95.100.173.65] 414 octets ;; HEADER SECTION ;; id = 35103 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a28-65.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a8-67.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 2.16.40.67
	;; Response received from [2.16.40.67] 463 octets ;; HEADER SECTION ;; id = 5720 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. fO8aO1ZSGWoZP+tW7Jl8mu3Av+Q/aaduZclcGWgVAB74kf5fA1F5rzQu2WqzPtqDrohkODfN6+gr HXgWkxBxaA== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a2-64.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 95.100.174.64
	;; Response received from [95.100.174.64] 463 octets ;; HEADER SECTION ;; id = 59970 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. fO8aO1ZSGWoZP+tW7Jl8mu3Av+Q/aaduZclcGWgVAB74kf5fA1F5rzQu2WqzPtqDrohkODfN6+gr HXgWkxBxaA== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a1-43.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 193.108.91.43
	;; Response received from [193.108.91.43] 463 octets ;; HEADER SECTION ;; id = 34550 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. fO8aO1ZSGWoZP+tW7Jl8mu3Av+Q/aaduZclcGWgVAB74kf5fA1F5rzQu2WqzPtqDrohkODfN6+gr HXgWkxBxaA== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a5-66.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 95.100.168.66
	;; Response received from [95.100.168.66] 463 octets ;; HEADER SECTION ;; id = 60432 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. fO8aO1ZSGWoZP+tW7Jl8mu3Av+Q/aaduZclcGWgVAB74kf5fA1F5rzQu2WqzPtqDrohkODfN6+gr HXgWkxBxaA== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a9-64.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 184.85.248.64
	;; Response received from [184.85.248.64] 463 octets ;; HEADER SECTION ;; id = 31350 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. fO8aO1ZSGWoZP+tW7Jl8mu3Av+Q/aaduZclcGWgVAB74kf5fA1F5rzQu2WqzPtqDrohkODfN6+gr HXgWkxBxaA== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a28-65.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 95.100.173.65
	;; Response received from [95.100.173.65] 414 octets ;; HEADER SECTION ;; id = 47810 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== )`
	RRSIG=31351 and DNSKEY=31351 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a8-67.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 2.16.40.67
	;; Response received from [2.16.40.67] 414 octets ;; HEADER SECTION ;; id = 20821 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a8-67.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a8-67.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 2.16.40.67
	;; Response received from [2.16.40.67] 414 octets ;; HEADER SECTION ;; id = 43922 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== )`
	RRSIG=31351 and DNSKEY=31351 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a9-64.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 184.85.248.64
	;; Response received from [184.85.248.64] 414 octets ;; HEADER SECTION ;; id = 59957 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a9-64.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a9-64.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 184.85.248.64
	;; Response received from [184.85.248.64] 414 octets ;; HEADER SECTION ;; id = 1154 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== )`
	RRSIG=31351 and DNSKEY=31351 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a1-43.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 193.108.91.43
	;; Response received from [193.108.91.43] 414 octets ;; HEADER SECTION ;; id = 14819 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a1-43.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a1-43.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 193.108.91.43
	;; Response received from [193.108.91.43] 414 octets ;; HEADER SECTION ;; id = 43418 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== )`
	RRSIG=31351 and DNSKEY=31351 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a2-64.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 95.100.174.64
	;; Response received from [95.100.174.64] 414 octets ;; HEADER SECTION ;; id = 29773 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a2-64.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a2-64.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 95.100.174.64
	;; Response received from [95.100.174.64] 414 octets ;; HEADER SECTION ;; id = 29268 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== )`
	RRSIG=31351 and DNSKEY=31351 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a5-66.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 95.100.168.66
	;; Response received from [95.100.168.66] 414 octets ;; HEADER SECTION ;; id = 62136 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a5-66.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a5-66.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 95.100.168.66
	;; Response received from [95.100.168.66] 414 octets ;; HEADER SECTION ;; id = 23142 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20250917082107 20250914072107 31351 healthindicators.gov. gtmY97UNmRSP3+XPGHyFpuNQdmWqpPPnLJn5+dl1RjK8Po/ki8XHOj8D5U6Q/ESlbuH78Ku5hE5M 2TBwfFBnLQ== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946732 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20250917082107 20250914072107 31351 healthindicators.gov. j/7nn/lEFYtja5OmW9evMYS4VNhfESHxcrmHHYH7+jjGt085eoY+dTIGirqeVLNPFqltLr9n5/Hi /EtvjD+gxg== )`
	RRSIG=31351 and DNSKEY=31351 verifies the SOA RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test HEALTHINDICATORS.GOV at dnsviz.net.

DNSSEC Debugger

↓ Advanced options ↑ Advanced options

Trust Anchor:
Name Servers: