DNSSEC Debugger - HEALTHINDICATORS.GOV

Back to Verisign Labs Tools

Domain Name:

Detail: more(+) / less(-)

Time: 2026-06-11 15:23:57 UTC

Analyzing DNSSEC problems for HEALTHINDICATORS.GOV

DS=20326/SHA-256 is now in the chain-of-trust

DS=38696/SHA-256 is now in the chain-of-trust

	Checking DS between Trust Anchor and .
	`. IN DS ( 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d )`
	`. IN DS ( 38696 8 2 683d2d0acb8c9b712a1948b27f741219298d0a450d612c483af444a4c0fb2b16 )`
	Query to i.root-servers.net for ./DNSKEY
	Received 1139 bytes from 192.36.148.17
	;; Response received from [192.36.148.17] 1139 octets ;; HEADER SECTION ;; id = 13064 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 4 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; . IN DNSKEY ;; ANSWER SECTION (4 records) . 172800 IN DNSKEY ( 257 3 8 AwEAAa96jeuknZlaeSrvyAJj6ZHv28hhOKkx3rLGXVaC6rXTsDc449/cidltpkyGwCJNnOAlFNKF 2jBosZBU5eeHspaQWOmOElZsjICMQMC3aeHbGiShvZsx4wMYSjH8e7Vrhbu6irwCzVBApESjbUdp WWmEnhathWu1jo+siFUiRAAxm9qyJNg/wOZqqzL/dL/q8PkcRU5oUKEpUge71M3ej2/7CPqpdVwu MoTvoB+ZOT4YeGyxMvHmbrxlFzGOHOijtzN+u1TQNatX2XBuzZNQ1K+s2CXkPIZo7s6JgZyvaBev YtxPvYLw4z9mR7K2vaF18UYH9Z9GNUUeayffKC73PYc= ) ; keytag 38696 . 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; keytag 20326 . 172800 IN DNSKEY ( 256 3 8 AwEAAb5dDYffpgAJ8VUGLwQtWXPlQWsjIFJtCM00/XaKU+8ln+ofah3q2KxEIjvzQg+nqdxRj+8e mtPne1mtYcbFWP4Q9E+DniOJLK09R05FuzvGbrG7DDdRDUX/cedFdV7O8pFEAYpJqYNR9BCTIAV9 73DO2biauKSA31b7I2lK/woxoR1tf5cqJ4SMbJUviuHicAEoUi2ATswloZNWd5T5thmEFZnxFx7D 5UgKCY7oflS7+GU7dNJwEtmFnWYVETHN0kHXVz6aguouaAZp706YXNIoR/iTgQhmsR7XX+wL0Z8Q M2LxQIyU6vRZ06IyuJMGRMiwkSuGElbumyBt12JZbrU= ) ; keytag 54393 . 172800 IN RRSIG ( DNSKEY 8 0 172800 20260701000000 20260610000000 20326 . j4xwc5ju8Rar7jcd8yX1jGrb5c85D/uGNLvUpiKCzuSVqv0zhUS56KtqD0JmBo1rC+aWxywONWS6 o76i4p5TOOWFWdrops0E/Vw3OFQW+jLxsscc+Y9WUbK1PxTB3UPdWfiHw3azpvgsaaUdXAWeev5t MWZXcj4NM7NoCZJk9ig5onr298AVFZoFNZP6edyzWhyhkMX0DOxBH1M8+c8te2dFpck09pK2GEvA P5Cf1zlsGmZOiZRxB2mDLOXnCbqwJnHQSyhpW9QZkJGJbogrNPwMWdV+X3xcQ5n+dL9aRLtAkKeS p8FDo1ZeGo9xAbha9AjeCyPF3VkSRQEw9owjJg== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 3 DNSKEY records for .
	`. 172800 IN DNSKEY ( 257 3 8 AwEAAa96jeuknZlaeSrvyAJj6ZHv28hhOKkx3rLGXVaC6rXTsDc449/cidltpkyGwCJNnOAlFNKF 2jBosZBU5eeHspaQWOmOElZsjICMQMC3aeHbGiShvZsx4wMYSjH8e7Vrhbu6irwCzVBApESjbUdp WWmEnhathWu1jo+siFUiRAAxm9qyJNg/wOZqqzL/dL/q8PkcRU5oUKEpUge71M3ej2/7CPqpdVwu MoTvoB+ZOT4YeGyxMvHmbrxlFzGOHOijtzN+u1TQNatX2XBuzZNQ1K+s2CXkPIZo7s6JgZyvaBev YtxPvYLw4z9mR7K2vaF18UYH9Z9GNUUeayffKC73PYc= ) ; keytag 38696`
	`. 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; keytag 20326`
	`. 172800 IN DNSKEY ( 256 3 8 AwEAAb5dDYffpgAJ8VUGLwQtWXPlQWsjIFJtCM00/XaKU+8ln+ofah3q2KxEIjvzQg+nqdxRj+8e mtPne1mtYcbFWP4Q9E+DniOJLK09R05FuzvGbrG7DDdRDUX/cedFdV7O8pFEAYpJqYNR9BCTIAV9 73DO2biauKSA31b7I2lK/woxoR1tf5cqJ4SMbJUviuHicAEoUi2ATswloZNWd5T5thmEFZnxFx7D 5UgKCY7oflS7+GU7dNJwEtmFnWYVETHN0kHXVz6aguouaAZp706YXNIoR/iTgQhmsR7XX+wL0Z8Q M2LxQIyU6vRZ06IyuJMGRMiwkSuGElbumyBt12JZbrU= ) ; keytag 54393`
	DNSKEY=38696/SEP is now in the chain-of-trust
	DS=38696/SHA-256 verifies DNSKEY=38696/SEP
	DNSKEY=20326/SEP is now in the chain-of-trust
	DS=20326/SHA-256 verifies DNSKEY=20326/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`. 172800 IN RRSIG ( DNSKEY 8 0 172800 20260701000000 20260610000000 20326 . j4xwc5ju8Rar7jcd8yX1jGrb5c85D/uGNLvUpiKCzuSVqv0zhUS56KtqD0JmBo1rC+aWxywONWS6 o76i4p5TOOWFWdrops0E/Vw3OFQW+jLxsscc+Y9WUbK1PxTB3UPdWfiHw3azpvgsaaUdXAWeev5t MWZXcj4NM7NoCZJk9ig5onr298AVFZoFNZP6edyzWhyhkMX0DOxBH1M8+c8te2dFpck09pK2GEvA P5Cf1zlsGmZOiZRxB2mDLOXnCbqwJnHQSyhpW9QZkJGJbogrNPwMWdV+X3xcQ5n+dL9aRLtAkKeS p8FDo1ZeGo9xAbha9AjeCyPF3VkSRQEw9owjJg== )`
	RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
	DNSKEY=54393 is now in the chain-of-trust
	Query to h.root-servers.net for HEALTHINDICATORS.GOV/A
	Received 627 bytes from 198.97.190.53
	;; Response received from [198.97.190.53] 627 octets ;; HEADER SECTION ;; id = 11294 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 6 arcount = 9 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (6 records) GOV. 172800 IN NS a.ns.GOV. GOV. 172800 IN NS b.ns.GOV. GOV. 172800 IN NS c.ns.GOV. GOV. 172800 IN NS d.ns.GOV. GOV. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 ) GOV. 86400 IN RRSIG ( DS 8 1 86400 20260624050000 20260611040000 54393 . sh0oBOu6VesUzF5Gkz5BNpYbE/d9/Q0ZB+l1uLMOlzA7wQgKs3tC6p/F0NGl8LRDt1fp+QkdhBqZ sFY9P2QkiQGuazAXJC6lUQjnJFtAGG6aY3FE/+f6Q1otzxLD4nNBdfxZwTcIkqu+u5DGZ1XJ14YD Ja1Vykw0FCRoqba1McrESzgLHxyxyXBdjcrklwGmHpuZSRUpYE51g01LqURhqe+E1i43r8K2gV3g NjrOaFgo8hXgNUN07jM8i9IIz0n1oQ5Cz5wZgj+rezjnMEMsX6UCr+ctBoo0c/oiQyfMLRYXZ0at 3gNlAj11IISF82c7/ahtd9c6MXatLRZPsSyKMw== ) ;; ADDITIONAL SECTION (9 records) a.ns.GOV. 172800 IN A 199.33.230.1 b.ns.GOV. 172800 IN A 199.33.231.1 c.ns.GOV. 172800 IN A 199.33.232.1 d.ns.GOV. 172800 IN A 199.33.233.1 a.ns.GOV. 172800 IN AAAA 2001:503:ff40::1 b.ns.GOV. 172800 IN AAAA 2001:503:ff41::1 c.ns.GOV. 172800 IN AAAA 2001:503:ff42::1 d.ns.GOV. 172800 IN AAAA 2001:503:ff43::1 ;; { "EDNS-VERSION": 0 }
	Query to e.root-servers.net for GOV/DNSKEY
	Received 610 bytes from 192.203.230.10
	;; Response received from [192.203.230.10] 610 octets ;; HEADER SECTION ;; id = 23116 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 6 arcount = 9 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1472, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; GOV. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (6 records) GOV. 172800 IN NS a.ns.GOV. GOV. 172800 IN NS b.ns.GOV. GOV. 172800 IN NS c.ns.GOV. GOV. 172800 IN NS d.ns.GOV. GOV. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 ) GOV. 86400 IN RRSIG ( DS 8 1 86400 20260624050000 20260611040000 54393 . sh0oBOu6VesUzF5Gkz5BNpYbE/d9/Q0ZB+l1uLMOlzA7wQgKs3tC6p/F0NGl8LRDt1fp+QkdhBqZ sFY9P2QkiQGuazAXJC6lUQjnJFtAGG6aY3FE/+f6Q1otzxLD4nNBdfxZwTcIkqu+u5DGZ1XJ14YD Ja1Vykw0FCRoqba1McrESzgLHxyxyXBdjcrklwGmHpuZSRUpYE51g01LqURhqe+E1i43r8K2gV3g NjrOaFgo8hXgNUN07jM8i9IIz0n1oQ5Cz5wZgj+rezjnMEMsX6UCr+ctBoo0c/oiQyfMLRYXZ0at 3gNlAj11IISF82c7/ahtd9c6MXatLRZPsSyKMw== ) ;; ADDITIONAL SECTION (9 records) a.ns.GOV. 172800 IN A 199.33.230.1 a.ns.GOV. 172800 IN AAAA 2001:503:ff40::1 b.ns.GOV. 172800 IN A 199.33.231.1 b.ns.GOV. 172800 IN AAAA 2001:503:ff41::1 c.ns.GOV. 172800 IN A 199.33.232.1 c.ns.GOV. 172800 IN AAAA 2001:503:ff42::1 d.ns.GOV. 172800 IN A 199.33.233.1 d.ns.GOV. 172800 IN AAAA 2001:503:ff43::1 ;; { "EDNS-VERSION": 0 }
	Found child zone GOV

GOV

	Checking DS between . and GOV
	Query to m.root-servers.net for GOV/DS
	Received 370 bytes from 202.12.27.33
	;; Response received from [202.12.27.33] 370 octets ;; HEADER SECTION ;; id = 44496 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; GOV. IN DS ;; ANSWER SECTION (2 records) gov. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 ) gov. 86400 IN RRSIG ( DS 8 1 86400 20260624050000 20260611040000 54393 . sh0oBOu6VesUzF5Gkz5BNpYbE/d9/Q0ZB+l1uLMOlzA7wQgKs3tC6p/F0NGl8LRDt1fp+QkdhBqZ sFY9P2QkiQGuazAXJC6lUQjnJFtAGG6aY3FE/+f6Q1otzxLD4nNBdfxZwTcIkqu+u5DGZ1XJ14YD Ja1Vykw0FCRoqba1McrESzgLHxyxyXBdjcrklwGmHpuZSRUpYE51g01LqURhqe+E1i43r8K2gV3g NjrOaFgo8hXgNUN07jM8i9IIz0n1oQ5Cz5wZgj+rezjnMEMsX6UCr+ctBoo0c/oiQyfMLRYXZ0at 3gNlAj11IISF82c7/ahtd9c6MXatLRZPsSyKMw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 1 DS records for GOV in the . zone
	DS=2536/SHA-256 has algorithm ECDSAP256SHA256
	Found 1 RRSIGs over DS RRset
	`gov. 86400 IN RRSIG ( DS 8 1 86400 20260624050000 20260611040000 54393 . sh0oBOu6VesUzF5Gkz5BNpYbE/d9/Q0ZB+l1uLMOlzA7wQgKs3tC6p/F0NGl8LRDt1fp+QkdhBqZ sFY9P2QkiQGuazAXJC6lUQjnJFtAGG6aY3FE/+f6Q1otzxLD4nNBdfxZwTcIkqu+u5DGZ1XJ14YD Ja1Vykw0FCRoqba1McrESzgLHxyxyXBdjcrklwGmHpuZSRUpYE51g01LqURhqe+E1i43r8K2gV3g NjrOaFgo8hXgNUN07jM8i9IIz0n1oQ5Cz5wZgj+rezjnMEMsX6UCr+ctBoo0c/oiQyfMLRYXZ0at 3gNlAj11IISF82c7/ahtd9c6MXatLRZPsSyKMw== )`
	RRSIG=54393 and DNSKEY=54393 verifies the DS RRset
	DS=2536/SHA-256 is now in the chain-of-trust
	`gov. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 )`
	Query to a.ns.GOV for GOV/DNSKEY
	Received 291 bytes from 199.33.230.1
	;; Response received from [199.33.230.1] 291 octets ;; HEADER SECTION ;; id = 30220 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 3 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; GOV. IN DNSKEY ;; ANSWER SECTION (3 records) GOV. 3600 IN DNSKEY ( 257 3 13 D6ZhJTObQw3+kcewWf5iTHbzD3uTdbs5xf0kQfP/VXZcDovWJd0DUgHlp2VC002aLDCwhLoPPVN2 VfyoPnjCqg== ) ; keytag 2536 GOV. 3600 IN DNSKEY ( 256 3 13 Of5kU9k4XfdcPwCK9k/zRJNu+Xspnw/BDd+1V6ZpDXRIpHe35BnHTZUBJN9gd6++HkiGXx2YnTji iO7/q+Yamg== ) ; keytag 35496 GOV. 3600 IN RRSIG ( DNSKEY 13 1 3600 20260723110631 20260523110631 2536 gov. KuwBJAdUDPtJavW6u6F8ib8E+R3O8hIRJ3mN+zRdmXbJ7LYMyAN5A6mf1nr9I/8WsCmSxZS5Nehw XiGC/1k0Iw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 2 DNSKEY records for GOV
	`GOV. 3600 IN DNSKEY ( 257 3 13 D6ZhJTObQw3+kcewWf5iTHbzD3uTdbs5xf0kQfP/VXZcDovWJd0DUgHlp2VC002aLDCwhLoPPVN2 VfyoPnjCqg== ) ; keytag 2536`
	`GOV. 3600 IN DNSKEY ( 256 3 13 Of5kU9k4XfdcPwCK9k/zRJNu+Xspnw/BDd+1V6ZpDXRIpHe35BnHTZUBJN9gd6++HkiGXx2YnTji iO7/q+Yamg== ) ; keytag 35496`
	DNSKEY=2536/SEP is now in the chain-of-trust
	DS=2536/SHA-256 verifies DNSKEY=2536/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`GOV. 3600 IN RRSIG ( DNSKEY 13 1 3600 20260723110631 20260523110631 2536 gov. KuwBJAdUDPtJavW6u6F8ib8E+R3O8hIRJ3mN+zRdmXbJ7LYMyAN5A6mf1nr9I/8WsCmSxZS5Nehw XiGC/1k0Iw== )`
	RRSIG=2536 and DNSKEY=2536/SEP verifies the DNSKEY RRset
	DNSKEY=35496 is now in the chain-of-trust
	Query to d.ns.GOV for HEALTHINDICATORS.GOV/A
	Received 325 bytes from 199.33.233.1
	;; Response received from [199.33.233.1] 325 octets ;; HEADER SECTION ;; id = 49895 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 8 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (8 records) HEALTHINDICATORS.GOV. 10800 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN DS ( 23777 13 2 b89f45d1099b8e5b2f5bcd3d29dacdfa2c255f44e05f62c1ad1c200f27134ff9 ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( DS 13 2 3600 20260612162358 20260610142358 35496 gov. m4sVQ+//UC6l9Kwb/PgpnA4whHFLc18fNiXSVi+V5KaHdbCtVsUBZ/XTf6wJSnz5wpDGel/gQm06 9Gq2mfaV0w== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to d.ns.GOV for HEALTHINDICATORS.GOV/DNSKEY
	Received 325 bytes from 199.33.233.1
	;; Response received from [199.33.233.1] 325 octets ;; HEADER SECTION ;; id = 52484 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 8 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (8 records) HEALTHINDICATORS.GOV. 10800 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 10800 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN DS ( 23777 13 2 b89f45d1099b8e5b2f5bcd3d29dacdfa2c255f44e05f62c1ad1c200f27134ff9 ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( DS 13 2 3600 20260612162358 20260610142358 35496 gov. bRV01uSGUaUH3vU4Sqx/ON4UmJCv+zh8JLorxpbRb++X6oKEToAPYNSXfr0W374OdA78TYlMieaL 7fKq0cy4iw== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found child zone HEALTHINDICATORS.GOV

HEALTHINDICATORS.GOV

	Checking DS between GOV and HEALTHINDICATORS.GOV
	Query to a.ns.GOV for HEALTHINDICATORS.GOV/DS
	Received 196 bytes from 199.33.230.1
	;; Response received from [199.33.230.1] 196 octets ;; HEADER SECTION ;; id = 8942 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN DS ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN DS ( 23777 13 2 b89f45d1099b8e5b2f5bcd3d29dacdfa2c255f44e05f62c1ad1c200f27134ff9 ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( DS 13 2 3600 20260612162358 20260610142358 35496 gov. ufg0Hjt53u1LVu75KjWdyDodIoR+JO16uNH+s2UK9hQaTjNIeV2deis86k3Tf6lyiOMHH24mHgCX L/WzrXD36Q== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 1 DS records for HEALTHINDICATORS.GOV in the GOV zone
	DS=23777/SHA-256 has algorithm ECDSAP256SHA256
	Found 1 RRSIGs over DS RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( DS 13 2 3600 20260612162358 20260610142358 35496 gov. ufg0Hjt53u1LVu75KjWdyDodIoR+JO16uNH+s2UK9hQaTjNIeV2deis86k3Tf6lyiOMHH24mHgCX L/WzrXD36Q== )`
	RRSIG=35496 and DNSKEY=35496 verifies the DS RRset
	DS=23777/SHA-256 is now in the chain-of-trust
	`HEALTHINDICATORS.GOV. 3600 IN DS ( 23777 13 2 b89f45d1099b8e5b2f5bcd3d29dacdfa2c255f44e05f62c1ad1c200f27134ff9 )`
	Query to a2-64.akam.net for HEALTHINDICATORS.GOV/DNSKEY
	Received 405 bytes from 95.100.174.64
	;; Response received from [95.100.174.64] 405 octets ;; HEADER SECTION ;; id = 1029 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 4 ;; nscount = 0 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN DNSKEY ;; ANSWER SECTION (4 records) HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 256 3 13 gtPboF3r/6wF42ZdUo6KAN5zatoH9IBEu8FthrZuR6vGgMLfE094YqbrrJvx0z/8HiXnDx0RDu9i un6Pv80Awg== ) ; keytag 28490 HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 257 3 13 k+tp9IHDV+XVSJOu+YJvmOyb6ALjkF6DrkD3jt92l6i2v/mk22eMXrlMv3trwujNV/zEWvH63BFR RGLR4JUXAg== ) ; keytag 23777 HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 256 3 13 KPlaEC2UX6HcdgNdD+G53kBk3LJRwSMFGiU1/JPYpzSfbsuIuGmG/FsF5qGHcjhIYnBn9cQMEXmj hWRG599xdw== ) ; keytag 34746 HEALTHINDICATORS.GOV. 7200 IN RRSIG ( DNSKEY 13 2 7200 20260613202256 20260610192256 23777 healthindicators.gov. /loKnORdW6kgoq4xkUHEFq4RVd8ZTBIgi4KrFm8TsvZeQ8Z0XyI7XaYMFoXbDPSwR6y0KKGFD1oG MM9GZtp/bg== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 3 DNSKEY records for HEALTHINDICATORS.GOV
	`HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 256 3 13 gtPboF3r/6wF42ZdUo6KAN5zatoH9IBEu8FthrZuR6vGgMLfE094YqbrrJvx0z/8HiXnDx0RDu9i un6Pv80Awg== ) ; keytag 28490`
	`HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 257 3 13 k+tp9IHDV+XVSJOu+YJvmOyb6ALjkF6DrkD3jt92l6i2v/mk22eMXrlMv3trwujNV/zEWvH63BFR RGLR4JUXAg== ) ; keytag 23777`
	`HEALTHINDICATORS.GOV. 7200 IN DNSKEY ( 256 3 13 KPlaEC2UX6HcdgNdD+G53kBk3LJRwSMFGiU1/JPYpzSfbsuIuGmG/FsF5qGHcjhIYnBn9cQMEXmj hWRG599xdw== ) ; keytag 34746`
	DNSKEY=23777/SEP is now in the chain-of-trust
	DS=23777/SHA-256 verifies DNSKEY=23777/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`HEALTHINDICATORS.GOV. 7200 IN RRSIG ( DNSKEY 13 2 7200 20260613202256 20260610192256 23777 healthindicators.gov. /loKnORdW6kgoq4xkUHEFq4RVd8ZTBIgi4KrFm8TsvZeQ8Z0XyI7XaYMFoXbDPSwR6y0KKGFD1oG MM9GZtp/bg== )`
	RRSIG=23777 and DNSKEY=23777/SEP verifies the DNSKEY RRset
	DNSKEY=28490 is now in the chain-of-trust
	DNSKEY=34746 is now in the chain-of-trust
	Query to a28-65.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 95.100.173.65
	;; Response received from [95.100.173.65] 414 octets ;; HEADER SECTION ;; id = 64418 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20260613202256 20260610192256 34746 healthindicators.gov. 4RJYI02wFuHoE2RPimTeyZpa/H7Uv2GD/BZGoJPbpmde759x2O4lxMMkajeLHtzIyqVhqqfya/hj qY2iXy0dfw== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a28-65.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a2-64.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 95.100.174.64
	;; Response received from [95.100.174.64] 463 octets ;; HEADER SECTION ;; id = 9654 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. RMeTeAuH2brERAuRiHHQma6+gDCat9ZGqoKAl4RednYggcg5IdVcA38ivVh624uK1EVWOcWxMQpC z628EwFkWg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a9-64.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 184.85.248.64
	;; Response received from [184.85.248.64] 463 octets ;; HEADER SECTION ;; id = 49770 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. RMeTeAuH2brERAuRiHHQma6+gDCat9ZGqoKAl4RednYggcg5IdVcA38ivVh624uK1EVWOcWxMQpC z628EwFkWg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a1-43.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 193.108.91.43
	;; Response received from [193.108.91.43] 463 octets ;; HEADER SECTION ;; id = 15334 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. RMeTeAuH2brERAuRiHHQma6+gDCat9ZGqoKAl4RednYggcg5IdVcA38ivVh624uK1EVWOcWxMQpC z628EwFkWg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a5-66.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 95.100.168.66
	;; Response received from [95.100.168.66] 463 octets ;; HEADER SECTION ;; id = 53641 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. RMeTeAuH2brERAuRiHHQma6+gDCat9ZGqoKAl4RednYggcg5IdVcA38ivVh624uK1EVWOcWxMQpC z628EwFkWg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a8-67.akam.net for HEALTHINDICATORS.GOV/SOA
	Received 463 bytes from 2.16.40.67
	;; Response received from [2.16.40.67] 463 octets ;; HEADER SECTION ;; id = 9759 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 2 ;; nscount = 7 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN SOA ;; ANSWER SECTION (2 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) ;; AUTHORITY SECTION (7 records) HEALTHINDICATORS.GOV. 3600 IN NS a1-43.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a2-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a28-65.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a8-67.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a5-66.akam.net. HEALTHINDICATORS.GOV. 3600 IN NS a9-64.akam.net. HEALTHINDICATORS.GOV. 3600 IN RRSIG ( NS 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. RMeTeAuH2brERAuRiHHQma6+gDCat9ZGqoKAl4RednYggcg5IdVcA38ivVh624uK1EVWOcWxMQpC z628EwFkWg== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to a28-65.akam.net for HEALTHINDICATORS.GOV/A
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== )`
	RRSIG=34746 and DNSKEY=34746 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a5-66.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 95.100.168.66
	;; Response received from [95.100.168.66] 414 octets ;; HEADER SECTION ;; id = 9667 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20260613202256 20260610192256 34746 healthindicators.gov. 4RJYI02wFuHoE2RPimTeyZpa/H7Uv2GD/BZGoJPbpmde759x2O4lxMMkajeLHtzIyqVhqqfya/hj qY2iXy0dfw== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a5-66.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a5-66.akam.net for HEALTHINDICATORS.GOV/A
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== )`
	RRSIG=34746 and DNSKEY=34746 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a2-64.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 95.100.174.64
	;; Response received from [95.100.174.64] 414 octets ;; HEADER SECTION ;; id = 44325 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20260613202256 20260610192256 34746 healthindicators.gov. 4RJYI02wFuHoE2RPimTeyZpa/H7Uv2GD/BZGoJPbpmde759x2O4lxMMkajeLHtzIyqVhqqfya/hj qY2iXy0dfw== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a2-64.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a2-64.akam.net for HEALTHINDICATORS.GOV/A
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== )`
	RRSIG=34746 and DNSKEY=34746 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a1-43.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 193.108.91.43
	;; Response received from [193.108.91.43] 414 octets ;; HEADER SECTION ;; id = 2194 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20260613202256 20260610192256 34746 healthindicators.gov. 4RJYI02wFuHoE2RPimTeyZpa/H7Uv2GD/BZGoJPbpmde759x2O4lxMMkajeLHtzIyqVhqqfya/hj qY2iXy0dfw== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a1-43.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a1-43.akam.net for HEALTHINDICATORS.GOV/A
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== )`
	RRSIG=34746 and DNSKEY=34746 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a9-64.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 184.85.248.64
	;; Response received from [184.85.248.64] 414 octets ;; HEADER SECTION ;; id = 32836 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20260613202256 20260610192256 34746 healthindicators.gov. 4RJYI02wFuHoE2RPimTeyZpa/H7Uv2GD/BZGoJPbpmde759x2O4lxMMkajeLHtzIyqVhqqfya/hj qY2iXy0dfw== ) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a9-64.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a9-64.akam.net for HEALTHINDICATORS.GOV/A
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== )`
	RRSIG=34746 and DNSKEY=34746 verifies the SOA RRset

HEALTHINDICATORS.GOV

	Query to a8-67.akam.net for HEALTHINDICATORS.GOV/A
	Received 414 bytes from 2.16.40.67
	;; Response received from [2.16.40.67] 414 octets ;; HEADER SECTION ;; id = 24980 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; do = 1 co = 0 ;; qdcount = 1 ancount = 0 ;; nscount = 4 arcount = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 4096, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; HEALTHINDICATORS.GOV. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) HEALTHINDICATORS.GOV. 3600 IN SOA ( ns2.cdc.GOV. dnsadmin.cdc.GOV. 740946733 ;serial 10800 ;refresh 3600 ;retry 604800 ;expire 84600 ;minimum ) HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN NSEC3 ( 1 0 0 - 700rvp7kd08sjeaiisauob6k5b5g59m4 NS SOA TXT RRSIG DNSKEY NSEC3PARAM ) nvs8jbkdfmk8sndgp7lg789e90v7jj5a.HEALTHINDICATORS.GOV. 84600 IN RRSIG ( NSEC3 13 3 84600 20260613202256 20260610192256 34746 healthindicators.gov. 4RJYI02wFuHoE2RPimTeyZpa/H7Uv2GD/BZGoJPbpmde759x2O4lxMMkajeLHtzIyqVhqqfya/hj qY2iXy0dfw== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	a8-67.akam.net is authoritative for HEALTHINDICATORS.GOV
	Found RRSIG signed by healthindicators.gov zone
	Query to a8-67.akam.net for HEALTHINDICATORS.GOV/A
	NSEC3 validation not implemented yet
	Found 1 RRSIGs over SOA RRset
	`HEALTHINDICATORS.GOV. 3600 IN RRSIG ( SOA 13 2 3600 20260613202256 20260610192256 34746 healthindicators.gov. vu4Yr6Q0AKgShnTmqmjAzYLHxwXr+26DyC6Ah44BzBUh42KGlyEdh7qUw6ET4Wj2full/6k7QZ9Y UD38Gzq6UA== )`
	RRSIG=34746 and DNSKEY=34746 verifies the SOA RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test HEALTHINDICATORS.GOV at dnsviz.net.

DNSSEC Debugger

↓ Advanced options ↑ Advanced options

Trust Anchor:
Name Servers: