DNSSEC Debugger

Domain Name:

Time: 2024-07-27 03:05:29 UTC

Analyzing DNSSEC problems for adf.gov

DS=20326/SHA-256 is now in the chain-of-trust

	Checking DS between Trust Anchor and .
	`. IN DS ( 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d )`
	Query to c.root-servers.net for ./DNSKEY
	Received 865 bytes from 192.33.4.12
	;; Response received from [192.33.4.12] 865 octets ;; HEADER SECTION ;; id = 62604 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; . IN DNSKEY ;; ANSWER SECTION (3 records) . 172800 IN DNSKEY ( 256 3 8 AwEAAdSiy6sslYrcZSGcuMEK4DtE8DZZY1A08kAsviAD49tocYO5m37AvIOyzeiKBWuPuJ4m9u5H onCM/ntxklZKYFyMftv8XoRwbiXdpSjfdpNHiMYTTV2oDUNMjdLFnF6HYSY48xrPbevQOYbAFGHp xqcXAQT0+BaBiAx3Ls6lXBQ3/hSVOprvDWJCQiI2OT+9+saKLddSIX6DwTVy0S5T4YY4EGg5R3c/ eKUb2/8XgKWUzlOIZsVAZZUSTKW0tX54ccAALO7Grvsx/NW62jc1xv6wWAXocOEVgB7+4Lzb7q9p 5o30+sYoGpOsKgFvMSy4oCZTQMQx2Sjd/NG2bMMw6nM= ) ; Key ID = 20038 . 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; Key ID = 20326 . 172800 IN RRSIG ( DNSKEY 8 0 172800 20240811000000 20240721000000 20326 . oHsHLvNMC6b1tY+OF7BG9etZbZMixRQiBD6gzpzdD32m4l0Vdh6yO0vA6ECQ3PMHihplvZGlYgZc aow5WFWod7FGAufSncGrrX+55sXKn4I/cZhBfPYh3WCCI+H7Ug29tV81VkeHSJgVd3q5LfUVYkun Czoysi01iU48KefmKZAGqzPINkOwRJT76+lyrOzSVQWvYStWsR5EGSvPQ1/tJQXOIzaEzuDDFp50 2fCJqX9CK9LcjCeleXpeDfdH+7Kk1TqRMrRHt3ehRsqh4yuR5buq+p+lCsHht28vdgjADBehrqmb hv6MGoBE3QK+rW5xuHqlu3jRV15JBY3/NnDSyQ== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 2 DNSKEY records for .
	`. 172800 IN DNSKEY ( 256 3 8 AwEAAdSiy6sslYrcZSGcuMEK4DtE8DZZY1A08kAsviAD49tocYO5m37AvIOyzeiKBWuPuJ4m9u5H onCM/ntxklZKYFyMftv8XoRwbiXdpSjfdpNHiMYTTV2oDUNMjdLFnF6HYSY48xrPbevQOYbAFGHp xqcXAQT0+BaBiAx3Ls6lXBQ3/hSVOprvDWJCQiI2OT+9+saKLddSIX6DwTVy0S5T4YY4EGg5R3c/ eKUb2/8XgKWUzlOIZsVAZZUSTKW0tX54ccAALO7Grvsx/NW62jc1xv6wWAXocOEVgB7+4Lzb7q9p 5o30+sYoGpOsKgFvMSy4oCZTQMQx2Sjd/NG2bMMw6nM= ) ; Key ID = 20038`
	`. 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; Key ID = 20326`
	DNSKEY=20326/SEP is now in the chain-of-trust
	DS=20326/SHA-256 verifies DNSKEY=20326/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`. 172800 IN RRSIG ( DNSKEY 8 0 172800 20240811000000 20240721000000 20326 . oHsHLvNMC6b1tY+OF7BG9etZbZMixRQiBD6gzpzdD32m4l0Vdh6yO0vA6ECQ3PMHihplvZGlYgZc aow5WFWod7FGAufSncGrrX+55sXKn4I/cZhBfPYh3WCCI+H7Ug29tV81VkeHSJgVd3q5LfUVYkun Czoysi01iU48KefmKZAGqzPINkOwRJT76+lyrOzSVQWvYStWsR5EGSvPQ1/tJQXOIzaEzuDDFp50 2fCJqX9CK9LcjCeleXpeDfdH+7Kk1TqRMrRHt3ehRsqh4yuR5buq+p+lCsHht28vdgjADBehrqmb hv6MGoBE3QK+rW5xuHqlu3jRV15JBY3/NnDSyQ== )`
	RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
	DNSKEY=20038 is now in the chain-of-trust
	Query to i.root-servers.net for adf.gov/A
	Received 617 bytes from 192.36.148.17
	;; Response received from [192.36.148.17] 617 octets ;; HEADER SECTION ;; id = 692 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 6 arcount = 9 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (6 records) gov. 172800 IN NS c.ns.gov. gov. 172800 IN NS a.ns.gov. gov. 172800 IN NS b.ns.gov. gov. 172800 IN NS d.ns.gov. gov. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 ) gov. 86400 IN RRSIG ( DS 8 1 86400 20240808170000 20240726160000 20038 . MkhK+ObGfAmfWylt1G+YckaU7tEEp0RHlsKq8Ht9QUBgHDl1a0F5AY5Ac0+yU+nvVs9ulbKAyUHQ 08q9/xB9+4ahH5t3zz6bRcZ+fQKZq4w6uuT7wLIQNrxv2fV3LwWNJmP9c7hbso9l4V5q9KRicgvC 4nOoOtjiFMrdS9lDi7oTgyhfqWOp9fTUvGZ6pylfJS/TESnPx5rOUdbObLy6XuzyBra2jXk57RyZ dcHOwiMib1i3kXQpRp3+UPxSiXqxZlM2Ptzyxho6R1hrxyqU8J2QZVfk6y2eN8QhUHzQPeVjzbsD OJSlzrqZY1Ql1GwjbEAj7POKZYrf/fAq57MriA== ) ;; ADDITIONAL SECTION (9 records) d.ns.gov. 172800 IN A 199.33.233.1 c.ns.gov. 172800 IN A 199.33.232.1 b.ns.gov. 172800 IN A 199.33.231.1 a.ns.gov. 172800 IN A 199.33.230.1 d.ns.gov. 172800 IN AAAA 2001:503:ff43::1 c.ns.gov. 172800 IN AAAA 2001:503:ff42::1 b.ns.gov. 172800 IN AAAA 2001:503:ff41::1 a.ns.gov. 172800 IN AAAA 2001:503:ff40::1 ;; { "EDNS-VERSION": 0 }
	Query to m.root-servers.net for gov/DNSKEY
	Received 613 bytes from 202.12.27.33
	;; Response received from [202.12.27.33] 613 octets ;; HEADER SECTION ;; id = 18855 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 6 arcount = 9 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; gov. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (6 records) gov. 172800 IN NS b.ns.gov. gov. 172800 IN NS d.ns.gov. gov. 172800 IN NS a.ns.gov. gov. 172800 IN NS c.ns.gov. gov. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 ) gov. 86400 IN RRSIG ( DS 8 1 86400 20240808170000 20240726160000 20038 . MkhK+ObGfAmfWylt1G+YckaU7tEEp0RHlsKq8Ht9QUBgHDl1a0F5AY5Ac0+yU+nvVs9ulbKAyUHQ 08q9/xB9+4ahH5t3zz6bRcZ+fQKZq4w6uuT7wLIQNrxv2fV3LwWNJmP9c7hbso9l4V5q9KRicgvC 4nOoOtjiFMrdS9lDi7oTgyhfqWOp9fTUvGZ6pylfJS/TESnPx5rOUdbObLy6XuzyBra2jXk57RyZ dcHOwiMib1i3kXQpRp3+UPxSiXqxZlM2Ptzyxho6R1hrxyqU8J2QZVfk6y2eN8QhUHzQPeVjzbsD OJSlzrqZY1Ql1GwjbEAj7POKZYrf/fAq57MriA== ) ;; ADDITIONAL SECTION (9 records) d.ns.gov. 172800 IN A 199.33.233.1 c.ns.gov. 172800 IN A 199.33.232.1 b.ns.gov. 172800 IN A 199.33.231.1 a.ns.gov. 172800 IN A 199.33.230.1 d.ns.gov. 172800 IN AAAA 2001:503:ff43::1 c.ns.gov. 172800 IN AAAA 2001:503:ff42::1 b.ns.gov. 172800 IN AAAA 2001:503:ff41::1 a.ns.gov. 172800 IN AAAA 2001:503:ff40::1 ;; { "EDNS-VERSION": 0 }
	Found child zone gov

gov

	Checking DS between . and gov
	Query to b.root-servers.net for gov/DS
	Received 367 bytes from 170.247.170.2
	;; Response received from [170.247.170.2] 367 octets ;; HEADER SECTION ;; id = 16368 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; gov. IN DS ;; ANSWER SECTION (2 records) gov. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 ) gov. 86400 IN RRSIG ( DS 8 1 86400 20240808170000 20240726160000 20038 . MkhK+ObGfAmfWylt1G+YckaU7tEEp0RHlsKq8Ht9QUBgHDl1a0F5AY5Ac0+yU+nvVs9ulbKAyUHQ 08q9/xB9+4ahH5t3zz6bRcZ+fQKZq4w6uuT7wLIQNrxv2fV3LwWNJmP9c7hbso9l4V5q9KRicgvC 4nOoOtjiFMrdS9lDi7oTgyhfqWOp9fTUvGZ6pylfJS/TESnPx5rOUdbObLy6XuzyBra2jXk57RyZ dcHOwiMib1i3kXQpRp3+UPxSiXqxZlM2Ptzyxho6R1hrxyqU8J2QZVfk6y2eN8QhUHzQPeVjzbsD OJSlzrqZY1Ql1GwjbEAj7POKZYrf/fAq57MriA== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 1 DS records for gov in the . zone
	DS=2536/SHA-256 has algorithm ECDSAP256SHA256
	Found 1 RRSIGs over DS RRset
	`gov. 86400 IN RRSIG ( DS 8 1 86400 20240808170000 20240726160000 20038 . MkhK+ObGfAmfWylt1G+YckaU7tEEp0RHlsKq8Ht9QUBgHDl1a0F5AY5Ac0+yU+nvVs9ulbKAyUHQ 08q9/xB9+4ahH5t3zz6bRcZ+fQKZq4w6uuT7wLIQNrxv2fV3LwWNJmP9c7hbso9l4V5q9KRicgvC 4nOoOtjiFMrdS9lDi7oTgyhfqWOp9fTUvGZ6pylfJS/TESnPx5rOUdbObLy6XuzyBra2jXk57RyZ dcHOwiMib1i3kXQpRp3+UPxSiXqxZlM2Ptzyxho6R1hrxyqU8J2QZVfk6y2eN8QhUHzQPeVjzbsD OJSlzrqZY1Ql1GwjbEAj7POKZYrf/fAq57MriA== )`
	RRSIG=20038 and DNSKEY=20038 verifies the DS RRset
	DS=2536/SHA-256 is now in the chain-of-trust
	`gov. 86400 IN DS ( 2536 13 2 0baf26b7bbf313a859046fd3b1ee49ddfba33934cfb3e717c21e2a2935c2f259 )`
	Query to c.ns.gov for gov/DNSKEY
	Received 291 bytes from 199.33.232.1
	;; Response received from [199.33.232.1] 291 octets ;; HEADER SECTION ;; id = 56241 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; gov. IN DNSKEY ;; ANSWER SECTION (3 records) gov. 3600 IN DNSKEY ( 257 3 13 D6ZhJTObQw3+kcewWf5iTHbzD3uTdbs5xf0kQfP/VXZcDovWJd0DUgHlp2VC002aLDCwhLoPPVN2 VfyoPnjCqg== ) ; Key ID = 2536 gov. 3600 IN DNSKEY ( 256 3 13 Of5kU9k4XfdcPwCK9k/zRJNu+Xspnw/BDd+1V6ZpDXRIpHe35BnHTZUBJN9gd6++HkiGXx2YnTji iO7/q+Yamg== ) ; Key ID = 35496 gov. 3600 IN RRSIG ( DNSKEY 13 1 3600 20240919110526 20240720110526 2536 gov. HdS8shIfEbsTrkW5QWcemVuIGkuI/xGvzvDYxBTf/LuRRNzN5FvUA1PbOTLXYLEfPZkeLTC07umN zFbL4Pqx9w== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 2 DNSKEY records for gov
	`gov. 3600 IN DNSKEY ( 257 3 13 D6ZhJTObQw3+kcewWf5iTHbzD3uTdbs5xf0kQfP/VXZcDovWJd0DUgHlp2VC002aLDCwhLoPPVN2 VfyoPnjCqg== ) ; Key ID = 2536`
	`gov. 3600 IN DNSKEY ( 256 3 13 Of5kU9k4XfdcPwCK9k/zRJNu+Xspnw/BDd+1V6ZpDXRIpHe35BnHTZUBJN9gd6++HkiGXx2YnTji iO7/q+Yamg== ) ; Key ID = 35496`
	DNSKEY=2536/SEP is now in the chain-of-trust
	DS=2536/SHA-256 verifies DNSKEY=2536/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`gov. 3600 IN RRSIG ( DNSKEY 13 1 3600 20240919110526 20240720110526 2536 gov. HdS8shIfEbsTrkW5QWcemVuIGkuI/xGvzvDYxBTf/LuRRNzN5FvUA1PbOTLXYLEfPZkeLTC07umN zFbL4Pqx9w== )`
	RRSIG=2536 and DNSKEY=2536/SEP verifies the DNSKEY RRset
	DNSKEY=35496 is now in the chain-of-trust
	Query to c.ns.gov for adf.gov/A
	Received 404 bytes from 199.33.232.1
	;; Response received from [199.33.232.1] 404 octets ;; HEADER SECTION ;; id = 54489 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 8 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (8 records) adf.gov. 10800 IN NS auth111.ns.uu.net. adf.gov. 10800 IN NS auth120.ns.uu.net. adf.gov. 3600 IN DS 16281 7 1 d8aac2d76adb8ba4ce046d1e9bcdf34c0ec8ec77 adf.gov. 3600 IN DS ( 16281 7 2 4d403c78e3ab4117f5612eb596f7c54c24246c761c9e589a7e2c1ecb8a2e4dcf ) adf.gov. 3600 IN DS 51142 5 1 38124e8084c86da57f70f23a07f651a1d0239d8a adf.gov. 3600 IN DS ( 51142 5 2 3bbc33bfa74d5f16989fdb0c287d98a1114799a4ffe92b3549d665d6d188c7dc ) adf.gov. 3600 IN DS ( 56043 7 2 7d976b23e807219e0ecde2b7a9b9221b8c9e44fe4d7456958c80ca9eb1c692ba ) adf.gov. 3600 IN RRSIG ( DS 13 2 3600 20240728040529 20240726020529 35496 gov. Re/KmwcUnHDxe6c7JKx1n6AoV+h8ak9w9cJQXKccvjqIiJ/Agftt1YsF1Pn3X+XfsOGiRlM5h0z7 8gdMCgygOA== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to d.ns.gov for adf.gov/DNSKEY
	Received 404 bytes from 199.33.233.1
	;; Response received from [199.33.233.1] 404 octets ;; HEADER SECTION ;; id = 16619 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 8 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (8 records) adf.gov. 10800 IN NS auth111.ns.uu.net. adf.gov. 10800 IN NS auth120.ns.uu.net. adf.gov. 3600 IN DS 16281 7 1 d8aac2d76adb8ba4ce046d1e9bcdf34c0ec8ec77 adf.gov. 3600 IN DS ( 16281 7 2 4d403c78e3ab4117f5612eb596f7c54c24246c761c9e589a7e2c1ecb8a2e4dcf ) adf.gov. 3600 IN DS 51142 5 1 38124e8084c86da57f70f23a07f651a1d0239d8a adf.gov. 3600 IN DS ( 51142 5 2 3bbc33bfa74d5f16989fdb0c287d98a1114799a4ffe92b3549d665d6d188c7dc ) adf.gov. 3600 IN DS ( 56043 7 2 7d976b23e807219e0ecde2b7a9b9221b8c9e44fe4d7456958c80ca9eb1c692ba ) adf.gov. 3600 IN RRSIG ( DS 13 2 3600 20240728040529 20240726020529 35496 gov. xQPjua6odm7su8PU16GB8AAgApww6j7YlskQ/5pc2p/bzwgCKjopdeAmPu4GKbQ947tJISAwcpo2 rdPs2ETBTQ== ) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found child zone adf.gov

adf.gov

	Checking DS between gov and adf.gov
	Query to d.ns.gov for adf.gov/DS
	Received 351 bytes from 199.33.233.1
	;; Response received from [199.33.233.1] 351 octets ;; HEADER SECTION ;; id = 38529 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 6 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN DS ;; ANSWER SECTION (6 records) adf.gov. 3600 IN DS 16281 7 1 d8aac2d76adb8ba4ce046d1e9bcdf34c0ec8ec77 adf.gov. 3600 IN DS ( 16281 7 2 4d403c78e3ab4117f5612eb596f7c54c24246c761c9e589a7e2c1ecb8a2e4dcf ) adf.gov. 3600 IN DS 51142 5 1 38124e8084c86da57f70f23a07f651a1d0239d8a adf.gov. 3600 IN DS ( 51142 5 2 3bbc33bfa74d5f16989fdb0c287d98a1114799a4ffe92b3549d665d6d188c7dc ) adf.gov. 3600 IN DS ( 56043 7 2 7d976b23e807219e0ecde2b7a9b9221b8c9e44fe4d7456958c80ca9eb1c692ba ) adf.gov. 3600 IN RRSIG ( DS 13 2 3600 20240728040529 20240726020529 35496 gov. 9RpjMPwOC5m8qa/92Hp2XoKRo8wTLnR55kH83cA/wPOXTNRZ68RcXShpgGcWJ1o8+1LSX2OpfxHl 6ekCyP0yeA== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 5 DS records for adf.gov in the gov zone
	DS=16281/SHA-1 uses a deprecated digest algorithm
	DS=51142/SHA-1 uses a deprecated digest algorithm
	DS=16281/SHA-1 has algorithm RSASHA1-NSEC3-SHA1
	DS=16281/SHA-256 has algorithm RSASHA1-NSEC3-SHA1
	DS=51142/SHA-1 has algorithm RSASHA1
	DS=51142/SHA-256 has algorithm RSASHA1
	DS=56043/SHA-256 has algorithm RSASHA1-NSEC3-SHA1
	Found 1 RRSIGs over DS RRset
	`adf.gov. 3600 IN RRSIG ( DS 13 2 3600 20240728040529 20240726020529 35496 gov. 9RpjMPwOC5m8qa/92Hp2XoKRo8wTLnR55kH83cA/wPOXTNRZ68RcXShpgGcWJ1o8+1LSX2OpfxHl 6ekCyP0yeA== )`
	RRSIG=35496 and DNSKEY=35496 verifies the DS RRset
	DS=16281/SHA-1 is now in the chain-of-trust
	DS=51142/SHA-1 is now in the chain-of-trust
	DS=56043/SHA-256 is now in the chain-of-trust
	`adf.gov. 3600 IN DS 16281 7 1 d8aac2d76adb8ba4ce046d1e9bcdf34c0ec8ec77`
	`adf.gov. 3600 IN DS ( 16281 7 2 4d403c78e3ab4117f5612eb596f7c54c24246c761c9e589a7e2c1ecb8a2e4dcf )`
	`adf.gov. 3600 IN DS 51142 5 1 38124e8084c86da57f70f23a07f651a1d0239d8a`
	`adf.gov. 3600 IN DS ( 51142 5 2 3bbc33bfa74d5f16989fdb0c287d98a1114799a4ffe92b3549d665d6d188c7dc )`
	`adf.gov. 3600 IN DS ( 56043 7 2 7d976b23e807219e0ecde2b7a9b9221b8c9e44fe4d7456958c80ca9eb1c692ba )`
	Query to auth111.ns.uu.net for adf.gov/DNSKEY
	Received 1730 bytes from 198.6.1.115
	;; Response received from [198.6.1.115] 1730 octets ;; HEADER SECTION ;; id = 62070 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 6 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN DNSKEY ;; ANSWER SECTION (6 records) adf.gov. 3600 IN DNSKEY ( 256 3 7 AwEAAYy18bgL721qT3xGaanwGF2uE2yo9MsQvkv2i/VhvVG6z5D+0LTIrkkoVx9lkIwzavWwX938 lyIcIlAg5vnM0BHhZBMIeK/VhQ1XXyKdnfmzO8Quc/ExXUDsl5EeG0tzYbDsxGbbG3eEUwnsqE+O 5xfZWN+JeFeYI29ofw68CmdkkBhOKM0wJ1hOCWnPhq1GuZRQ2e5VZu3Y6EQbMkL6YIecjLRZodhB Lkzax2ktki/FRwOTukg8fftadTltQ3jW3pRnnQLpI/7Vi/quWXHYvfglEFxKSJkxf5AeK1k8K8cX FyJkN/+cqAA84rWFBEpjN+T54jV1tvO1Jt5M+kCvI1s= ) ; Key ID = 20102 adf.gov. 3600 IN DNSKEY ( 256 3 7 AwEAAYcPNrJSke+XuuRSkMRfhK+944R4eNwMxy1R6v3C6tvasaDSfdoN34b+QmoakpKwC+31qQKo mycWCdJrS3VsXmGpbr38Wd5sRe6eNEBoLI5trqPlLlz2UWpGBIqBunJYnU1CV2zaeS+GEmUrkHnI XjffjiuLOcTTQBIDxPhPkjzW0oVlT9vmddIYaonKrpWW9uM0JIMvMTm00eQBi++pTWRKV+ynaRIo e7bF3G5VKBM4LlhK4lSwmuRce5UIxoxAQx6wG+WG5XRDMio/2r4zztKIXbC4PYnFyxlp6Z/0lY+s WuT3RB7ZguNiAbg91pJtrDi3cFywNH8grqFChGoSijs= ) ; Key ID = 16955 adf.gov. 3600 IN DNSKEY ( 257 3 7 AwEAAYpjbpru9c2Hrr4kIcsS+AS6AjT3Z/RBaPKtV4TBLorgcOwfS8fxGKaCZFzICAhvnUMi7Ewm DKUxLdFQAQEBQHxAlpfatsNO/NQMskvMjtN1j27P0iYFwVlleYiyxikmfhcAmY+CcT0+yzvGD0QE 8TAFMre3YylCZx8vND38B59/gPek5XAxCBMvfsJsSpO7tAyxR8hvICGPOw2Qsc5LVyg8trWtIVMJ owr7JOr9sJIfj9LpEv1eOCkxUi3r39gs68rhOiGOKwYCXSVnxRJKnipPF5Z5RRtqNUR9bbrYkTA3 s2ztHkIe1BtskN9XE1yfKpmvWrpEO2R5lwf9pxJGdkc= ) ; Key ID = 58134 adf.gov. 3600 IN DNSKEY ( 257 3 7 AwEAAXjO3826Tl4YWyqfLU+RqBoglrqDwautetlnVaJxo1sgVPWMQ9vyfsPGbuzmT6BroUTgMvuQ YYVWT+kfT7AF2DA0fFkLQImcFP/kLhFAvxIwM402mV3zWiSENnLNIn+WEMynyk5WoxtnlERjxSMu w4GWM9+PUVhLBaIYI/E5Oc+zWIumd3DZT34igvgqZt1Tr7VxaQhP6WMTAwnLnVTZ+yJd8FZZFXEo 2wsEWw63f/Q0VXNGdZ1oi3IEbKBZ696X1zuODNuIAxQuICqTgAsNPuhUu7EWdH5BdGF7dDubaEcD IewKJULdZa4w4ztZdHe9OZhtPuN7w0h+KF0m0iztBI8= ) ; Key ID = 49294 adf.gov. 3600 IN RRSIG ( DNSKEY 7 2 3600 20240802030626 20240726020626 16955 adf.gov. VColdla5LzY/SIiOswRIOFMPxPIio7vpGtm6R3U3zPaaXk7e3+QqNOLyadyp2mcZ4hWzhMIk4tV2 wCRo2mxAUn/tgtHOHmtr8dZqzTHtUiq2EE18ddUSqR2iwjMuZlxadt+F3TjvOSnx+Zax7qIO6uT/ nxxpDW4ozrRtTtzSBw8NzDjdjajHyTEplujrxuSD3TH2GBBMOiDpwdrpeCvze8BG++m3xJKpVnGw 773FkNaUoHlNVtq2WCCMB1QpIBwGVcJreC7eS+b5w9HJzRNcMZwx8NsMTw+FFJ3auvDvhbUoa5I2 8LSjTSlce/vJZkufi1wdLORwC9wSCdK87qbszw== ) adf.gov. 3600 IN RRSIG ( DNSKEY 7 2 3600 20240802030626 20240726020626 58134 adf.gov. GqVCXB/nxoEVhIx3AJucn9yx1+dRhcceUxTl+XcruObFJ9OYoZLFsFCx56su6K7OFaoP5uuWc1B+ em3so4Zly1Z7bj3tafZdw7VPsPyUmCshh3JPXyvh19AoZ7bR0OcwY6HGk7ysPsAeL5fZ2pHecX/N doHtZkwh00lSuyNeriF8Ox+qdII+VJWTB8/Ru8/otCPh4kps+Jg7MRrFv1ZQ+geM5A1DaY4RdVsn P0+sjTOl6RrtGG8cNVeo5H2pdRCRuZg3P0irkJFaqGvlS4lAxHmnbQHDlzAhinsg1qFSorxnxV+e oVnwFi1ENuNBeDCFDWhY93sXa4OID7XBTNc7YA== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Found 4 DNSKEY records for adf.gov
	`adf.gov. 3600 IN DNSKEY ( 256 3 7 AwEAAYy18bgL721qT3xGaanwGF2uE2yo9MsQvkv2i/VhvVG6z5D+0LTIrkkoVx9lkIwzavWwX938 lyIcIlAg5vnM0BHhZBMIeK/VhQ1XXyKdnfmzO8Quc/ExXUDsl5EeG0tzYbDsxGbbG3eEUwnsqE+O 5xfZWN+JeFeYI29ofw68CmdkkBhOKM0wJ1hOCWnPhq1GuZRQ2e5VZu3Y6EQbMkL6YIecjLRZodhB Lkzax2ktki/FRwOTukg8fftadTltQ3jW3pRnnQLpI/7Vi/quWXHYvfglEFxKSJkxf5AeK1k8K8cX FyJkN/+cqAA84rWFBEpjN+T54jV1tvO1Jt5M+kCvI1s= ) ; Key ID = 20102`
	`adf.gov. 3600 IN DNSKEY ( 256 3 7 AwEAAYcPNrJSke+XuuRSkMRfhK+944R4eNwMxy1R6v3C6tvasaDSfdoN34b+QmoakpKwC+31qQKo mycWCdJrS3VsXmGpbr38Wd5sRe6eNEBoLI5trqPlLlz2UWpGBIqBunJYnU1CV2zaeS+GEmUrkHnI XjffjiuLOcTTQBIDxPhPkjzW0oVlT9vmddIYaonKrpWW9uM0JIMvMTm00eQBi++pTWRKV+ynaRIo e7bF3G5VKBM4LlhK4lSwmuRce5UIxoxAQx6wG+WG5XRDMio/2r4zztKIXbC4PYnFyxlp6Z/0lY+s WuT3RB7ZguNiAbg91pJtrDi3cFywNH8grqFChGoSijs= ) ; Key ID = 16955`
	`adf.gov. 3600 IN DNSKEY ( 257 3 7 AwEAAYpjbpru9c2Hrr4kIcsS+AS6AjT3Z/RBaPKtV4TBLorgcOwfS8fxGKaCZFzICAhvnUMi7Ewm DKUxLdFQAQEBQHxAlpfatsNO/NQMskvMjtN1j27P0iYFwVlleYiyxikmfhcAmY+CcT0+yzvGD0QE 8TAFMre3YylCZx8vND38B59/gPek5XAxCBMvfsJsSpO7tAyxR8hvICGPOw2Qsc5LVyg8trWtIVMJ owr7JOr9sJIfj9LpEv1eOCkxUi3r39gs68rhOiGOKwYCXSVnxRJKnipPF5Z5RRtqNUR9bbrYkTA3 s2ztHkIe1BtskN9XE1yfKpmvWrpEO2R5lwf9pxJGdkc= ) ; Key ID = 58134`
	`adf.gov. 3600 IN DNSKEY ( 257 3 7 AwEAAXjO3826Tl4YWyqfLU+RqBoglrqDwautetlnVaJxo1sgVPWMQ9vyfsPGbuzmT6BroUTgMvuQ YYVWT+kfT7AF2DA0fFkLQImcFP/kLhFAvxIwM402mV3zWiSENnLNIn+WEMynyk5WoxtnlERjxSMu w4GWM9+PUVhLBaIYI/E5Oc+zWIumd3DZT34igvgqZt1Tr7VxaQhP6WMTAwnLnVTZ+yJd8FZZFXEo 2wsEWw63f/Q0VXNGdZ1oi3IEbKBZ696X1zuODNuIAxQuICqTgAsNPuhUu7EWdH5BdGF7dDubaEcD IewKJULdZa4w4ztZdHe9OZhtPuN7w0h+KF0m0iztBI8= ) ; Key ID = 49294`
	DS=16281/SHA-1 is published, but a corresponding DNSKEY is not
	DS=51142/SHA-1 is published, but a corresponding DNSKEY is not
	DS=56043/SHA-256 is published, but a corresponding DNSKEY is not
	None of the 4 DNSKEY records could be validated by any of the 5 DS records
	Found 2 RRSIGs over DNSKEY RRset
	`adf.gov. 3600 IN RRSIG ( DNSKEY 7 2 3600 20240802030626 20240726020626 16955 adf.gov. VColdla5LzY/SIiOswRIOFMPxPIio7vpGtm6R3U3zPaaXk7e3+QqNOLyadyp2mcZ4hWzhMIk4tV2 wCRo2mxAUn/tgtHOHmtr8dZqzTHtUiq2EE18ddUSqR2iwjMuZlxadt+F3TjvOSnx+Zax7qIO6uT/ nxxpDW4ozrRtTtzSBw8NzDjdjajHyTEplujrxuSD3TH2GBBMOiDpwdrpeCvze8BG++m3xJKpVnGw 773FkNaUoHlNVtq2WCCMB1QpIBwGVcJreC7eS+b5w9HJzRNcMZwx8NsMTw+FFJ3auvDvhbUoa5I2 8LSjTSlce/vJZkufi1wdLORwC9wSCdK87qbszw== )`
	`adf.gov. 3600 IN RRSIG ( DNSKEY 7 2 3600 20240802030626 20240726020626 58134 adf.gov. GqVCXB/nxoEVhIx3AJucn9yx1+dRhcceUxTl+XcruObFJ9OYoZLFsFCx56su6K7OFaoP5uuWc1B+ em3so4Zly1Z7bj3tafZdw7VPsPyUmCshh3JPXyvh19AoZ7bR0OcwY6HGk7ysPsAeL5fZ2pHecX/N doHtZkwh00lSuyNeriF8Ox+qdII+VJWTB8/Ru8/otCPh4kps+Jg7MRrFv1ZQ+geM5A1DaY4RdVsn P0+sjTOl6RrtGG8cNVeo5H2pdRCRuZg3P0irkJFaqGvlS4lAxHmnbQHDlzAhinsg1qFSorxnxV+e oVnwFi1ENuNBeDCFDWhY93sXa4OID7XBTNc7YA== )`
	RRSIG=16955 and DNSKEY=16955 verifies the DNSKEY RRset
	RRSIG=58134 and DNSKEY=58134/SEP verifies the DNSKEY RRset
	The DNSKEY RRset was not signed by any trusted keys
	Query to auth120.ns.uu.net for adf.gov/A
	Received 347 bytes from 198.6.1.154
	;; Response received from [198.6.1.154] 347 octets ;; HEADER SECTION ;; id = 43613 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN A ;; ANSWER SECTION (2 records) adf.gov. 3600 IN A 3.221.42.84 adf.gov. 3600 IN RRSIG ( A 7 2 3600 20240802030626 20240726020626 16955 adf.gov. XEUoCZM7GFOtv6YK8eDT+SqR3Rixy6FATd0xixHoWUtOGB4FHhQ1aLugaY4YdYwYTVON137k9XKd Yx1zSPLaQA3HhbfiSv61YYlWunRuQK0kLYh3q1teftEVl/bntV/HWuQ/wSyY0tip4nKXyJDKsPFd aWyNAbM91XSEYsaqduC+9K0WQuYy9770LXCou3Pt/8dDejxSthY8XhkVqvbh7R9n/g4RicD1vDdh LYaARWBWLqSI4JS9cCSMmsTeOryQ3p+LELc3e2MhQUMPIWQCkVodwIm1D/xcwkTrQO3JkRBLL85K 9XbtJBEn8eJq7Aig1f5uxz6gFLWxUMlnbwFDFw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	auth120.ns.uu.net is authoritative for adf.gov
	Found RRSIG signed by adf.gov zone
	Query to auth111.ns.uu.net for adf.gov/SOA
	Received 401 bytes from 198.6.1.115
	;; Response received from [198.6.1.115] 401 octets ;; HEADER SECTION ;; id = 24811 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN SOA ;; ANSWER SECTION (2 records) adf.gov. 3600 IN SOA ( auth111.ns.uu.net. hostmaster.uu.net. 11907 ;serial 1800 ;refresh 600 ;retry 1728000 ;expire 3600 ;minimum ) adf.gov. 3600 IN RRSIG ( SOA 7 2 3600 20240802030626 20240726020626 16955 adf.gov. LbyIXGzigMBq5ScEXMpJARr/4GA3fU1ROMPM8PaUbPAgkr73ne7YbYmyBw/AWGMIb9+zIgY4S19A wzo3kHV0VjgVGsNdsMQEQ779SmFitZQNw7JldR/aN28RyDm4/vFRceBeR6kzB3cmg6ddj8gkS/xK 0QequcEFF0vsrDC3oCAbdABNjS/H+i7NdyHNV8OwewFf9dWoJn1BjQsXi2RPfPWe15jQMnAwTtat mBLVehYpQ86t7o4x/r8YvQv1KkF9+y8aHB4Vi5Lgu3aG2X7v92/ZctqcQ0nLuPETWatMqHYazYcf TtEbLiCip4JwamvIJesNfM3evWmKDDMDMjAFog== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	Query to auth120.ns.uu.net for adf.gov/A
	Received 347 bytes from 198.6.1.154
	;; Response received from [198.6.1.154] 347 octets ;; HEADER SECTION ;; id = 3278 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN A ;; ANSWER SECTION (2 records) adf.gov. 3600 IN A 3.221.42.84 adf.gov. 3600 IN RRSIG ( A 7 2 3600 20240802030626 20240726020626 16955 adf.gov. XEUoCZM7GFOtv6YK8eDT+SqR3Rixy6FATd0xixHoWUtOGB4FHhQ1aLugaY4YdYwYTVON137k9XKd Yx1zSPLaQA3HhbfiSv61YYlWunRuQK0kLYh3q1teftEVl/bntV/HWuQ/wSyY0tip4nKXyJDKsPFd aWyNAbM91XSEYsaqduC+9K0WQuYy9770LXCou3Pt/8dDejxSthY8XhkVqvbh7R9n/g4RicD1vDdh LYaARWBWLqSI4JS9cCSMmsTeOryQ3p+LELc3e2MhQUMPIWQCkVodwIm1D/xcwkTrQO3JkRBLL85K 9XbtJBEn8eJq7Aig1f5uxz6gFLWxUMlnbwFDFw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	adf.gov A RR has value 3.221.42.84
	Found 1 RRSIGs over A RRset
	`adf.gov. 3600 IN RRSIG ( A 7 2 3600 20240802030626 20240726020626 16955 adf.gov. XEUoCZM7GFOtv6YK8eDT+SqR3Rixy6FATd0xixHoWUtOGB4FHhQ1aLugaY4YdYwYTVON137k9XKd Yx1zSPLaQA3HhbfiSv61YYlWunRuQK0kLYh3q1teftEVl/bntV/HWuQ/wSyY0tip4nKXyJDKsPFd aWyNAbM91XSEYsaqduC+9K0WQuYy9770LXCou3Pt/8dDejxSthY8XhkVqvbh7R9n/g4RicD1vDdh LYaARWBWLqSI4JS9cCSMmsTeOryQ3p+LELc3e2MhQUMPIWQCkVodwIm1D/xcwkTrQO3JkRBLL85K 9XbtJBEn8eJq7Aig1f5uxz6gFLWxUMlnbwFDFw== )`
	RRSIG=16955 and DNSKEY=16955 verifies the A RRset

adf.gov

	Query to auth111.ns.uu.net for adf.gov/A
	Received 347 bytes from 198.6.1.115
	;; Response received from [198.6.1.115] 347 octets ;; HEADER SECTION ;; id = 18890 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN A ;; ANSWER SECTION (2 records) adf.gov. 3600 IN A 3.221.42.84 adf.gov. 3600 IN RRSIG ( A 7 2 3600 20240802030626 20240726020626 16955 adf.gov. XEUoCZM7GFOtv6YK8eDT+SqR3Rixy6FATd0xixHoWUtOGB4FHhQ1aLugaY4YdYwYTVON137k9XKd Yx1zSPLaQA3HhbfiSv61YYlWunRuQK0kLYh3q1teftEVl/bntV/HWuQ/wSyY0tip4nKXyJDKsPFd aWyNAbM91XSEYsaqduC+9K0WQuYy9770LXCou3Pt/8dDejxSthY8XhkVqvbh7R9n/g4RicD1vDdh LYaARWBWLqSI4JS9cCSMmsTeOryQ3p+LELc3e2MhQUMPIWQCkVodwIm1D/xcwkTrQO3JkRBLL85K 9XbtJBEn8eJq7Aig1f5uxz6gFLWxUMlnbwFDFw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	auth111.ns.uu.net is authoritative for adf.gov
	Found RRSIG signed by adf.gov zone
	Query to auth111.ns.uu.net for adf.gov/A
	Received 347 bytes from 198.6.1.115
	;; Response received from [198.6.1.115] 347 octets ;; HEADER SECTION ;; id = 48238 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; { "EDNS-VERSION": 0, ;; "FLAGS": "8000", ;; "RCODE": 0, ;; "UDPSIZE": 1232, ;; "OPTIONS": [ ] ;; } ;; QUESTION SECTION (1 record) ;; adf.gov. IN A ;; ANSWER SECTION (2 records) adf.gov. 3600 IN A 3.221.42.84 adf.gov. 3600 IN RRSIG ( A 7 2 3600 20240802030626 20240726020626 16955 adf.gov. XEUoCZM7GFOtv6YK8eDT+SqR3Rixy6FATd0xixHoWUtOGB4FHhQ1aLugaY4YdYwYTVON137k9XKd Yx1zSPLaQA3HhbfiSv61YYlWunRuQK0kLYh3q1teftEVl/bntV/HWuQ/wSyY0tip4nKXyJDKsPFd aWyNAbM91XSEYsaqduC+9K0WQuYy9770LXCou3Pt/8dDejxSthY8XhkVqvbh7R9n/g4RicD1vDdh LYaARWBWLqSI4JS9cCSMmsTeOryQ3p+LELc3e2MhQUMPIWQCkVodwIm1D/xcwkTrQO3JkRBLL85K 9XbtJBEn8eJq7Aig1f5uxz6gFLWxUMlnbwFDFw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; { "EDNS-VERSION": 0 }
	adf.gov A RR has value 3.221.42.84
	Found 1 RRSIGs over A RRset
	`adf.gov. 3600 IN RRSIG ( A 7 2 3600 20240802030626 20240726020626 16955 adf.gov. XEUoCZM7GFOtv6YK8eDT+SqR3Rixy6FATd0xixHoWUtOGB4FHhQ1aLugaY4YdYwYTVON137k9XKd Yx1zSPLaQA3HhbfiSv61YYlWunRuQK0kLYh3q1teftEVl/bntV/HWuQ/wSyY0tip4nKXyJDKsPFd aWyNAbM91XSEYsaqduC+9K0WQuYy9770LXCou3Pt/8dDejxSthY8XhkVqvbh7R9n/g4RicD1vDdh LYaARWBWLqSI4JS9cCSMmsTeOryQ3p+LELc3e2MhQUMPIWQCkVodwIm1D/xcwkTrQO3JkRBLL85K 9XbtJBEn8eJq7Aig1f5uxz6gFLWxUMlnbwFDFw== )`
	RRSIG=16955 and DNSKEY=16955 verifies the A RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test adf.gov at dnsviz.net.

DNSSEC Debugger

↓ Advanced options ↑ Advanced options

Trust Anchor:
Name Servers: