DNSSEC Analyzer - capitolgiftshop.gov

Domain Name:

Time: 2023-10-02 22:21:37 UTC, NTP stratum 4

Analyzing DNSSEC problems for capitolgiftshop.gov

DS=20326/SHA-256 is now in the chain-of-trust

	Checking DS between Trust Anchor and .
	`. IN DS ( 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d )`
	Query to a.root-servers.net for ./DNSKEY
	Received 1139 bytes from 198.41.0.4
	;; Response received from 198.41.0.4 (1139 octets) ;; HEADER SECTION ;; id = 24312 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 4 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; . IN DNSKEY ;; ANSWER SECTION (4 records) . 172800 IN DNSKEY ( 256 3 8 AwEAAddS95RV5uUtkUCN7vyvpb0kDZgmtXwN5Sj/d08+X7ND2sgWBabKnFhftrOsSx9DUhKR3gpM PIxac84Nou8Wzkiu2A/sTzP1F6KpCL8epgemdlZVd1ATHEjpB0KHIQmDjSEO/frGgi8ijQ2vDF3A MSrUwH7qntL1E5ufPHGKRM+agGghcAYfJHJN1dw7Ki3Fo22RDB3VZBxU9yJ3vl/T4hngeL7zK84v gl62tlJJw1rK5S/3U4p/bZarjtMFOHDfh0DEj1ywtRpkpPnge03gmINoa2tz+Kff67kbQb0NhHJY zPRpViaMEWZI9pgGH9ZyuFdNrNRx68XSiO7sya7/i+c= ) ; Key ID = 46780 . 172800 IN DNSKEY ( 256 3 8 AwEAAcEtWatIO3exfN3A+WnZl7AVEBA3crRrrwKTfnmcdLt79C3DCOF1JX5zb4s84v0OxwlOVg+T R8VpkuYynMp3PQXLomLxe7j7PlxqEBo1LQaWfqyymCuF7rKebTLB5yZcr8/QUPwk/weLyguX6iVN DjIZOmeMqPkGJtDFp+EUfKgOa8AulKPLtsUL1W+1FT8sqroSxKXVXnhkEZN1O1zBxTG/z9xjwiPc d3//LSPUpEC9+rU2XIuCJq8nwAwJ7W6Rc49RxUT0Svc57HKqHjNuapvG0PCYh3bXCQzb7mb2pNwu erMFTzP5iEzXWZD7izLg9j3wEJ2Ia/WIEts/Tp9GIQM= ) ; Key ID = 11019 . 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; Key ID = 20326 . 172800 IN RRSIG ( DNSKEY 8 0 172800 20231022000000 20231001000000 20326 . WQ+tzT8gKOYmaX8NLjusFmLz4zLVeeY3hAmZUKxl7/6LxY3lJh6qRIgLNBN7EkAhyTbjVVryUhEY ExIX/luU4fGmUCyxhYZwF+2bCv3uT4DaI8ssk3USVFFOR9wTkggzVYrtr2UH1PFmQ5hE//aiPfsy NEAisEXMZX3nUT/aCd5oZ6LlH53Nz9CZOa0vNHTu6erIg+mhAOzshcG9/BIfCrYJ1H5D5serTV1x t3Tvw2+KX6w3dG1Nb6vVNpe9Yj7Eb0B85FiqzoAM5jcwHiY+rovSbdVpmD3mIHXZ65wCiBGa6vQS nJQXwchjWQPnSDFLGuZh3dt89C65erw9grHteQ== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 3 DNSKEY records for .
	`. 172800 IN DNSKEY ( 256 3 8 AwEAAddS95RV5uUtkUCN7vyvpb0kDZgmtXwN5Sj/d08+X7ND2sgWBabKnFhftrOsSx9DUhKR3gpM PIxac84Nou8Wzkiu2A/sTzP1F6KpCL8epgemdlZVd1ATHEjpB0KHIQmDjSEO/frGgi8ijQ2vDF3A MSrUwH7qntL1E5ufPHGKRM+agGghcAYfJHJN1dw7Ki3Fo22RDB3VZBxU9yJ3vl/T4hngeL7zK84v gl62tlJJw1rK5S/3U4p/bZarjtMFOHDfh0DEj1ywtRpkpPnge03gmINoa2tz+Kff67kbQb0NhHJY zPRpViaMEWZI9pgGH9ZyuFdNrNRx68XSiO7sya7/i+c= ) ; Key ID = 46780`
	`. 172800 IN DNSKEY ( 256 3 8 AwEAAcEtWatIO3exfN3A+WnZl7AVEBA3crRrrwKTfnmcdLt79C3DCOF1JX5zb4s84v0OxwlOVg+T R8VpkuYynMp3PQXLomLxe7j7PlxqEBo1LQaWfqyymCuF7rKebTLB5yZcr8/QUPwk/weLyguX6iVN DjIZOmeMqPkGJtDFp+EUfKgOa8AulKPLtsUL1W+1FT8sqroSxKXVXnhkEZN1O1zBxTG/z9xjwiPc d3//LSPUpEC9+rU2XIuCJq8nwAwJ7W6Rc49RxUT0Svc57HKqHjNuapvG0PCYh3bXCQzb7mb2pNwu erMFTzP5iEzXWZD7izLg9j3wEJ2Ia/WIEts/Tp9GIQM= ) ; Key ID = 11019`
	`. 172800 IN DNSKEY ( 257 3 8 AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTOiW1vkIbzxeF3+/4RgWOq7HrxRixHlFlE xOLAJr5emLvN7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5LKyWbRd2n9WGe2R8PzgC mr3EgVLrjyBxWezF0jLHwVN8efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7pr+eoZG+ SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLYA4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnX GXws9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; Key ID = 20326`
	DNSKEY=20326/SEP is now in the chain-of-trust
	DS=20326/SHA-256 verifies DNSKEY=20326/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`. 172800 IN RRSIG ( DNSKEY 8 0 172800 20231022000000 20231001000000 20326 . WQ+tzT8gKOYmaX8NLjusFmLz4zLVeeY3hAmZUKxl7/6LxY3lJh6qRIgLNBN7EkAhyTbjVVryUhEY ExIX/luU4fGmUCyxhYZwF+2bCv3uT4DaI8ssk3USVFFOR9wTkggzVYrtr2UH1PFmQ5hE//aiPfsy NEAisEXMZX3nUT/aCd5oZ6LlH53Nz9CZOa0vNHTu6erIg+mhAOzshcG9/BIfCrYJ1H5D5serTV1x t3Tvw2+KX6w3dG1Nb6vVNpe9Yj7Eb0B85FiqzoAM5jcwHiY+rovSbdVpmD3mIHXZ65wCiBGa6vQS nJQXwchjWQPnSDFLGuZh3dt89C65erw9grHteQ== )`
	RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
	DNSKEY=46780 is now in the chain-of-trust
	DNSKEY=11019 is now in the chain-of-trust
	Query to f.root-servers.net for capitolgiftshop.gov/A
	Received 686 bytes from 192.5.5.241
	;; Response received from 192.5.5.241 (686 octets) ;; HEADER SECTION ;; id = 27896 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 7 arcount = 9 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (7 records) gov. 172800 IN NS a.gov-servers.net. gov. 172800 IN NS b.gov-servers.net. gov. 172800 IN NS c.gov-servers.net. gov. 172800 IN NS d.gov-servers.net. gov. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 ) gov. 86400 IN DS ( 64280 8 2 d66cdda12234c22c5e6fd1c894dbd682fe7967e111793485a281972bfb164377 ) gov. 86400 IN RRSIG ( DS 8 1 86400 20231015200000 20231002190000 46780 . yqBg+LUXu0n2FcVGM5kocuhZ+IKMBnoTCFhFYSy8ntJ/RpRad3Rv0a8XPpC8SD69ca8ux6DNfUnu ilX5aAHIjQ0uhqcEs+aZOWSfQRJly6tWXiUdnPUEDVk+7JKUP2vCHiu7DaNLpzIAT+IWrP+uvyLE CCJTA+KkrrjR9cdvFhBIb+zMjy1LXtMVcikvR1hG7XxawkFBqfvpQ3xqodmE6JfjqbHg2A/R0z8v p0DPdItUVtSDhKZwdfP+IsVcZ6QuBLtI7Xy/66c/VCw6cIORCyKDVFNJ4pKvgH6yjwa5wKlFQE3S VJQnFngQNGWsU81wwwNlRvVAUHSn77FozkrBmQ== ) ;; ADDITIONAL SECTION (9 records) a.gov-servers.net. 172800 IN A 69.36.157.30 a.gov-servers.net. 172800 IN AAAA 2001:500:4431::2:30 b.gov-servers.net. 172800 IN A 209.112.123.30 b.gov-servers.net. 172800 IN AAAA 2620:74:27::2:30 c.gov-servers.net. 172800 IN A 69.36.153.30 c.gov-servers.net. 172800 IN AAAA 2620:74:28::2:30 d.gov-servers.net. 172800 IN A 81.19.194.30 d.gov-servers.net. 172800 IN AAAA 2620:74:29::2:30 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option:
	Query to f.root-servers.net for gov/DNSKEY
	Received 670 bytes from 192.5.5.241
	;; Response received from 192.5.5.241 (670 octets) ;; HEADER SECTION ;; id = 51468 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 7 arcount = 9 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option: ;; QUESTION SECTION (1 record) ;; gov. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (7 records) gov. 172800 IN NS a.gov-servers.net. gov. 172800 IN NS b.gov-servers.net. gov. 172800 IN NS c.gov-servers.net. gov. 172800 IN NS d.gov-servers.net. gov. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 ) gov. 86400 IN DS ( 64280 8 2 d66cdda12234c22c5e6fd1c894dbd682fe7967e111793485a281972bfb164377 ) gov. 86400 IN RRSIG ( DS 8 1 86400 20231015200000 20231002190000 46780 . yqBg+LUXu0n2FcVGM5kocuhZ+IKMBnoTCFhFYSy8ntJ/RpRad3Rv0a8XPpC8SD69ca8ux6DNfUnu ilX5aAHIjQ0uhqcEs+aZOWSfQRJly6tWXiUdnPUEDVk+7JKUP2vCHiu7DaNLpzIAT+IWrP+uvyLE CCJTA+KkrrjR9cdvFhBIb+zMjy1LXtMVcikvR1hG7XxawkFBqfvpQ3xqodmE6JfjqbHg2A/R0z8v p0DPdItUVtSDhKZwdfP+IsVcZ6QuBLtI7Xy/66c/VCw6cIORCyKDVFNJ4pKvgH6yjwa5wKlFQE3S VJQnFngQNGWsU81wwwNlRvVAUHSn77FozkrBmQ== ) ;; ADDITIONAL SECTION (9 records) a.gov-servers.net. 172800 IN A 69.36.157.30 a.gov-servers.net. 172800 IN AAAA 2001:500:4431::2:30 b.gov-servers.net. 172800 IN A 209.112.123.30 b.gov-servers.net. 172800 IN AAAA 2620:74:27::2:30 c.gov-servers.net. 172800 IN A 69.36.153.30 c.gov-servers.net. 172800 IN AAAA 2620:74:28::2:30 d.gov-servers.net. 172800 IN A 81.19.194.30 d.gov-servers.net. 172800 IN AAAA 2620:74:29::2:30 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option:
	Found child zone gov

gov

	Checking DS between . and gov
	Query to e.root-servers.net for gov/DS
	Received 415 bytes from 192.203.230.10
	;; Response received from 192.203.230.10 (415 octets) ;; HEADER SECTION ;; id = 33263 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option: ;; QUESTION SECTION (1 record) ;; gov. IN DS ;; ANSWER SECTION (3 records) gov. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 ) gov. 86400 IN DS ( 64280 8 2 d66cdda12234c22c5e6fd1c894dbd682fe7967e111793485a281972bfb164377 ) gov. 86400 IN RRSIG ( DS 8 1 86400 20231015200000 20231002190000 46780 . yqBg+LUXu0n2FcVGM5kocuhZ+IKMBnoTCFhFYSy8ntJ/RpRad3Rv0a8XPpC8SD69ca8ux6DNfUnu ilX5aAHIjQ0uhqcEs+aZOWSfQRJly6tWXiUdnPUEDVk+7JKUP2vCHiu7DaNLpzIAT+IWrP+uvyLE CCJTA+KkrrjR9cdvFhBIb+zMjy1LXtMVcikvR1hG7XxawkFBqfvpQ3xqodmE6JfjqbHg2A/R0z8v p0DPdItUVtSDhKZwdfP+IsVcZ6QuBLtI7Xy/66c/VCw6cIORCyKDVFNJ4pKvgH6yjwa5wKlFQE3S VJQnFngQNGWsU81wwwNlRvVAUHSn77FozkrBmQ== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1472 ;; option:
	Found 2 DS records for gov in the . zone
	DS=7698/SHA-256 has algorithm RSASHA256
	DS=64280/SHA-256 has algorithm RSASHA256
	Found 1 RRSIGs over DS RRset
	`gov. 86400 IN RRSIG ( DS 8 1 86400 20231015200000 20231002190000 46780 . yqBg+LUXu0n2FcVGM5kocuhZ+IKMBnoTCFhFYSy8ntJ/RpRad3Rv0a8XPpC8SD69ca8ux6DNfUnu ilX5aAHIjQ0uhqcEs+aZOWSfQRJly6tWXiUdnPUEDVk+7JKUP2vCHiu7DaNLpzIAT+IWrP+uvyLE CCJTA+KkrrjR9cdvFhBIb+zMjy1LXtMVcikvR1hG7XxawkFBqfvpQ3xqodmE6JfjqbHg2A/R0z8v p0DPdItUVtSDhKZwdfP+IsVcZ6QuBLtI7Xy/66c/VCw6cIORCyKDVFNJ4pKvgH6yjwa5wKlFQE3S VJQnFngQNGWsU81wwwNlRvVAUHSn77FozkrBmQ== )`
	RRSIG=46780 and DNSKEY=46780 verifies the DS RRset
	DS=7698/SHA-256 is now in the chain-of-trust
	DS=64280/SHA-256 is now in the chain-of-trust
	`gov. 86400 IN DS ( 7698 8 2 6bc949e638442ead0bdaf0935763c8d003760384ff15ebbd5ce86bb5559561f0 )`
	`gov. 86400 IN DS ( 64280 8 2 d66cdda12234c22c5e6fd1c894dbd682fe7967e111793485a281972bfb164377 )`
	Query to a.gov-servers.net for gov/DNSKEY
	Received 1233 bytes from 69.36.157.30
	;; Response received from 69.36.157.30 (1233 octets) ;; HEADER SECTION ;; id = 9759 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 5 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; gov. IN DNSKEY ;; ANSWER SECTION (5 records) gov. 86400 IN DNSKEY ( 256 3 8 AwEAAcvA+2gDUzQ8CrZNef0l31+89Y1gUM8rPtvpC9E3HNsYoOxe3r0NVuWjafg5zXzkRnHhw0L9 nBIQH8cqEeFKg3bJx2i8dj4N9YXmmhkLHuE0JJ9+JrZQpWRY9AQPsG3l2RLnL6Vato0IIweFWF+7 oWVM0xMoB6wjI0XTB+tO1x3a/wuGs7cTPBM4RzvKqsY36/bICi+QNVIesASaGNrFqs0= ) ; Key ID = 40921 gov. 86400 IN DNSKEY ( 257 3 8 AwEAAZp0vliR0TOBCJXmdagY36BI5ZveSPE3OSrcXKDs8IZa86x1+gwbheJcfLB6Fw6cWYUXaNgA mFcbxqIqWc5VJSyPS9yCPdEOLEIiegwCmcWnNsEyc0snKTyypXnvJ5JNhoznpFILDqlksAqP/aiq 1/l0w8TMkRbRrViLrJ1ayaScZ0nn/ge5wNpX09T9RI+gF1OIMJDdgH1vi0a+t6smSy4pUrerFTsu y8JAL+PP85MZiOssT9yoERfWSjFKde6PrQX5vj090AxT+hztb+q2EFXnF1a2L73/3UarB19k5NR3 MT1uM7ddag64Q0lg3aTy3MglDCzP7/StUxdeyL5qIX8= ) ; Key ID = 64280 gov. 86400 IN DNSKEY ( 256 3 8 AwEAAcbYvlY667qXEzHsDTkft9cgKy5F0S9CAP+aFK9+sJumGqvpMaOyOzsilJ+OSVFhopJ1aRFp CUpLVIcVJ3E3YATGpzB45M0D5c4oJ0RjEIUakBwcPghmSW8K1GPqj/eUs4fbVPytXwtwvUll9Lxf gUvi5DA6xD6d2ckwDyRxfcMhXYydr2hIsgfrBLmRDMi4BkxMvA23eShPd/tPvnR0gJk= ) ; Key ID = 10104 gov. 86400 IN DNSKEY ( 257 3 8 AQO8daaz7B+yshOfL60rytKd9aOSujgponEw3fwBMEC3/+e9XzHw2k+VKnbJTZ+QaVtpfUd1q9HK ZIv/ck83Gl5TjYKE5jtUZ2kpEDZfVNGv6yx0smtWAXv1nCJS9ohnyOTd397eMojGDHqkEC+uojES cZheEkMxzgCZwDAs+/CSU7mSuHtCRZn19xlZUd5Gv7yDQ3mbOUwuy30oSk0z1Q5UUPpoihOugIZH FX6Jk7NLiW2wlqfq9qhV4zj7TiBiJY0mCc4zHN8/aq2VKDHp2Na7mWzvKyTy+SYQkBQ/08LbPwj9 YMc+uCzKL6sU/ObHv17EFhD8aPDftTHZvV9L+OZr ) ; Key ID = 7698 gov. 86400 IN RRSIG ( DNSKEY 8 1 86400 20231008040000 20230923035500 7698 gov. ZwUS8pkBdeVIiXrdTNAFO7hm3WBpzd5rmcMSg3ewi7Z7Gb6jjyqePCEVUOzrTZzY+CRSknDVQQc7 QAHTkqPG6pvFDWxDkEgBMAU33rSxxussGS6IROb6Pz/REaEHbxsdYmIdfk/HhDNj9v2XQlK4/O7g iIVqwiTlwTBRyryqKZYVBgXCvIWd5wWVPAz5ncDjgrelVa3WlsKK9R9wdMrIWpBO8hkZl8b/nUiO P66iKOJ/u08cZ3hJFvyGNMBBG8hdydVlTcebkU20eeEfI4ajEuzPUKhV7sEOvD4CXSbQaChutrFP ZaCgmk85dtnzdxBQqyeLstU7LY0KOFw/Iwz2fw== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 4 DNSKEY records for gov
	`gov. 86400 IN DNSKEY ( 256 3 8 AwEAAcvA+2gDUzQ8CrZNef0l31+89Y1gUM8rPtvpC9E3HNsYoOxe3r0NVuWjafg5zXzkRnHhw0L9 nBIQH8cqEeFKg3bJx2i8dj4N9YXmmhkLHuE0JJ9+JrZQpWRY9AQPsG3l2RLnL6Vato0IIweFWF+7 oWVM0xMoB6wjI0XTB+tO1x3a/wuGs7cTPBM4RzvKqsY36/bICi+QNVIesASaGNrFqs0= ) ; Key ID = 40921`
	`gov. 86400 IN DNSKEY ( 257 3 8 AwEAAZp0vliR0TOBCJXmdagY36BI5ZveSPE3OSrcXKDs8IZa86x1+gwbheJcfLB6Fw6cWYUXaNgA mFcbxqIqWc5VJSyPS9yCPdEOLEIiegwCmcWnNsEyc0snKTyypXnvJ5JNhoznpFILDqlksAqP/aiq 1/l0w8TMkRbRrViLrJ1ayaScZ0nn/ge5wNpX09T9RI+gF1OIMJDdgH1vi0a+t6smSy4pUrerFTsu y8JAL+PP85MZiOssT9yoERfWSjFKde6PrQX5vj090AxT+hztb+q2EFXnF1a2L73/3UarB19k5NR3 MT1uM7ddag64Q0lg3aTy3MglDCzP7/StUxdeyL5qIX8= ) ; Key ID = 64280`
	`gov. 86400 IN DNSKEY ( 256 3 8 AwEAAcbYvlY667qXEzHsDTkft9cgKy5F0S9CAP+aFK9+sJumGqvpMaOyOzsilJ+OSVFhopJ1aRFp CUpLVIcVJ3E3YATGpzB45M0D5c4oJ0RjEIUakBwcPghmSW8K1GPqj/eUs4fbVPytXwtwvUll9Lxf gUvi5DA6xD6d2ckwDyRxfcMhXYydr2hIsgfrBLmRDMi4BkxMvA23eShPd/tPvnR0gJk= ) ; Key ID = 10104`
	`gov. 86400 IN DNSKEY ( 257 3 8 AQO8daaz7B+yshOfL60rytKd9aOSujgponEw3fwBMEC3/+e9XzHw2k+VKnbJTZ+QaVtpfUd1q9HK ZIv/ck83Gl5TjYKE5jtUZ2kpEDZfVNGv6yx0smtWAXv1nCJS9ohnyOTd397eMojGDHqkEC+uojES cZheEkMxzgCZwDAs+/CSU7mSuHtCRZn19xlZUd5Gv7yDQ3mbOUwuy30oSk0z1Q5UUPpoihOugIZH FX6Jk7NLiW2wlqfq9qhV4zj7TiBiJY0mCc4zHN8/aq2VKDHp2Na7mWzvKyTy+SYQkBQ/08LbPwj9 YMc+uCzKL6sU/ObHv17EFhD8aPDftTHZvV9L+OZr ) ; Key ID = 7698`
	DNSKEY=64280/SEP is now in the chain-of-trust
	DS=64280/SHA-256 verifies DNSKEY=64280/SEP
	DNSKEY=7698/SEP is now in the chain-of-trust
	DS=7698/SHA-256 verifies DNSKEY=7698/SEP
	Found 1 RRSIGs over DNSKEY RRset
	`gov. 86400 IN RRSIG ( DNSKEY 8 1 86400 20231008040000 20230923035500 7698 gov. ZwUS8pkBdeVIiXrdTNAFO7hm3WBpzd5rmcMSg3ewi7Z7Gb6jjyqePCEVUOzrTZzY+CRSknDVQQc7 QAHTkqPG6pvFDWxDkEgBMAU33rSxxussGS6IROb6Pz/REaEHbxsdYmIdfk/HhDNj9v2XQlK4/O7g iIVqwiTlwTBRyryqKZYVBgXCvIWd5wWVPAz5ncDjgrelVa3WlsKK9R9wdMrIWpBO8hkZl8b/nUiO P66iKOJ/u08cZ3hJFvyGNMBBG8hdydVlTcebkU20eeEfI4ajEuzPUKhV7sEOvD4CXSbQaChutrFP ZaCgmk85dtnzdxBQqyeLstU7LY0KOFw/Iwz2fw== )`
	RRSIG=7698 and DNSKEY=7698/SEP verifies the DNSKEY RRset
	DNSKEY=40921 is now in the chain-of-trust
	DNSKEY=10104 is now in the chain-of-trust
	Query to b.gov-servers.net for capitolgiftshop.gov/A
	Received 510 bytes from 209.112.123.30
	;; Response received from 209.112.123.30 (510 octets) ;; HEADER SECTION ;; id = 12441 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 9 arcount = 3 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (9 records) capitolgiftshop.gov. 86400 IN NS ns3.comcastbusiness.net. capitolgiftshop.gov. 86400 IN NS ns2.comcastbusiness.net. capitolgiftshop.gov. 86400 IN NS ns2.aoc.gov. capitolgiftshop.gov. 86400 IN NS ns1.aoc.gov. capitolgiftshop.gov. 86400 IN NS authns2.centurylink.net. capitolgiftshop.gov. 86400 IN NS authns1.centurylink.net. capitolgiftshop.gov. 3600 IN DS ( 62962 8 1 3f7f8b3cb2780b121fc6309a25d049442b9ba787 ) capitolgiftshop.gov. 3600 IN DS ( 62962 8 2 34339d7a15abb95707a92014f72c021d4433c6c4a9c7d6dfe237361c3197ad1c ) capitolgiftshop.gov. 3600 IN RRSIG ( DS 8 2 3600 20231009094136 20231002094136 40921 gov. BQz4CsCnrD6eKzEWCTcxKuvyGcqJvxjEfIkaiX4217ZkXDoHy+chBZ8U0k7TtMpnD7NLdZydZYFq uS9qDX5B980Rkeeu6hRhh9TPnIz8Ojx9IRCaqycLmAjt69ZXspa7bWzRsAymO7a+DLuX6U2DsDIo rfpbeq0TgdEKUAXYRs8LfErwWOub4HaAEPv9iePE5gXMQpGzQ9H77BMt3RD+Ug== ) ;; ADDITIONAL SECTION (3 records) ns1.aoc.gov. 86400 IN A 161.197.102.14 ns2.aoc.gov. 86400 IN A 161.197.100.14 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to a.gov-servers.net for capitolgiftshop.gov/DNSKEY
	Received 510 bytes from 69.36.157.30
	;; Response received from 69.36.157.30 (510 octets) ;; HEADER SECTION ;; id = 40519 ;; qr = 1 aa = 0 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 9 arcount = 3 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN DNSKEY ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (9 records) capitolgiftshop.gov. 86400 IN NS ns3.comcastbusiness.net. capitolgiftshop.gov. 86400 IN NS ns2.aoc.gov. capitolgiftshop.gov. 86400 IN NS authns2.centurylink.net. capitolgiftshop.gov. 86400 IN NS ns2.comcastbusiness.net. capitolgiftshop.gov. 86400 IN NS ns1.aoc.gov. capitolgiftshop.gov. 86400 IN NS authns1.centurylink.net. capitolgiftshop.gov. 3600 IN DS ( 62962 8 1 3f7f8b3cb2780b121fc6309a25d049442b9ba787 ) capitolgiftshop.gov. 3600 IN DS ( 62962 8 2 34339d7a15abb95707a92014f72c021d4433c6c4a9c7d6dfe237361c3197ad1c ) capitolgiftshop.gov. 3600 IN RRSIG ( DS 8 2 3600 20231009094136 20231002094136 40921 gov. BQz4CsCnrD6eKzEWCTcxKuvyGcqJvxjEfIkaiX4217ZkXDoHy+chBZ8U0k7TtMpnD7NLdZydZYFq uS9qDX5B980Rkeeu6hRhh9TPnIz8Ojx9IRCaqycLmAjt69ZXspa7bWzRsAymO7a+DLuX6U2DsDIo rfpbeq0TgdEKUAXYRs8LfErwWOub4HaAEPv9iePE5gXMQpGzQ9H77BMt3RD+Ug== ) ;; ADDITIONAL SECTION (3 records) ns1.aoc.gov. 86400 IN A 161.197.102.14 ns2.aoc.gov. 86400 IN A 161.197.100.14 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found child zone capitolgiftshop.gov

capitolgiftshop.gov

	Checking DS between gov and capitolgiftshop.gov
	Query to c.gov-servers.net for capitolgiftshop.gov/DS
	Received 327 bytes from 69.36.153.30
	;; Response received from 69.36.153.30 (327 octets) ;; HEADER SECTION ;; id = 14065 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 3 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN DS ;; ANSWER SECTION (3 records) capitolgiftshop.gov. 3600 IN DS ( 62962 8 1 3f7f8b3cb2780b121fc6309a25d049442b9ba787 ) capitolgiftshop.gov. 3600 IN DS ( 62962 8 2 34339d7a15abb95707a92014f72c021d4433c6c4a9c7d6dfe237361c3197ad1c ) capitolgiftshop.gov. 3600 IN RRSIG ( DS 8 2 3600 20231009094136 20231002094136 40921 gov. BQz4CsCnrD6eKzEWCTcxKuvyGcqJvxjEfIkaiX4217ZkXDoHy+chBZ8U0k7TtMpnD7NLdZydZYFq uS9qDX5B980Rkeeu6hRhh9TPnIz8Ojx9IRCaqycLmAjt69ZXspa7bWzRsAymO7a+DLuX6U2DsDIo rfpbeq0TgdEKUAXYRs8LfErwWOub4HaAEPv9iePE5gXMQpGzQ9H77BMt3RD+Ug== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Found 2 DS records for capitolgiftshop.gov in the gov zone
	DS=62962/SHA-1 has algorithm RSASHA256
	DS=62962/SHA-256 has algorithm RSASHA256
	Found 1 RRSIGs over DS RRset
	`capitolgiftshop.gov. 3600 IN RRSIG ( DS 8 2 3600 20231009094136 20231002094136 40921 gov. BQz4CsCnrD6eKzEWCTcxKuvyGcqJvxjEfIkaiX4217ZkXDoHy+chBZ8U0k7TtMpnD7NLdZydZYFq uS9qDX5B980Rkeeu6hRhh9TPnIz8Ojx9IRCaqycLmAjt69ZXspa7bWzRsAymO7a+DLuX6U2DsDIo rfpbeq0TgdEKUAXYRs8LfErwWOub4HaAEPv9iePE5gXMQpGzQ9H77BMt3RD+Ug== )`
	RRSIG=40921 and DNSKEY=40921 verifies the DS RRset
	DS=62962/SHA-1 is now in the chain-of-trust
	`capitolgiftshop.gov. 3600 IN DS ( 62962 8 1 3f7f8b3cb2780b121fc6309a25d049442b9ba787 )`
	`capitolgiftshop.gov. 3600 IN DS ( 62962 8 2 34339d7a15abb95707a92014f72c021d4433c6c4a9c7d6dfe237361c3197ad1c )`
	Query to ns1.aoc.gov for capitolgiftshop.gov/DNSKEY
	Received 1837 bytes from 161.197.102.14
	;; Response received from 161.197.102.14 (1837 octets) ;; HEADER SECTION ;; id = 9625 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 8 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN DNSKEY ;; ANSWER SECTION (8 records) capitolgiftshop.gov. 172800 IN DNSKEY ( 257 3 8 AwEAAaq8ixuzePVVo/LR/7Z6gXRIu9XJ5j7ER6PSXR7E/SirFIsMsVRkGIvp1eDZuCiz1AeoFgP+ 4zE3vTTDIdJXjq/TDM98f5hrbWx98SOI32zjSt5RohxU8P4cFUCDxmRM/8yiJcokQMeSSoXqwfSL XvHTrxE7/4m7aUab/2pseIYxQKkps2f2/zDRA51RP9FQWrWVNl5nr9EK1VHqbXoWagRgv7RTAeXs MvFzWPD2BAL2jpqzScmE2h7iiICg5ZBEMfCBQttob8aGAOpf7tbxuvp5P+MbDu7Uf7rBo/k1TMgf a6KrMXDemH3nyU86CCSLsMVMxhYyp4dTg4GSGaVtTmE= ) ; Key ID = 62962 capitolgiftshop.gov. 172800 IN DNSKEY ( 256 3 8 AwEAAdU3732dbSYwUm4pc1jc/ho4NdaNncic+Bgl6peNtMrXNgyCCBldhYV5B6eAOU/IIal0z1VE p+q2tbR97fmz5MMu5q4kiP/0HLLBv4xmdfYYmZ4CjZwcw4Le0fvHH7IO6mJvQnO5N2FxGggWOWr5 lsLFwd04uqBf4EmGfuRoLf2T ) ; Key ID = 17773 capitolgiftshop.gov. 172800 IN DNSKEY ( 256 3 8 AwEAAbZ1OdXot+M1lGFblT6PYe/WLbiGqtRzG3QAJqMLjv10jTwUjXp+/DZm8PjJqKYWVF5cME7u RtKnJv/17S68OX2nI73vwRgBKyuSMWWMEnrFX7NFl1AMmlwE+ttzdEqDUTd2sTSSlI+nvBMPR3Yj 0rw2XhNFVmkTpr7bVPq4hNad ) ; Key ID = 6313 capitolgiftshop.gov. 172800 IN DNSKEY ( 257 3 8 AwEAAbmjK/kvxNBVsHQLEjtOmSJNrcPfI+VtKifuSJegoTBfW2bYXkD2IP7aw6J1wE4c51GIaFUq DPKL/xMsKQB5mCPmb6rh+zt/9lKJtBsWASWqLP0gRpmovvRK8oXat2RGAMYRVoWlaCezP1ZvE3W2 Jrl7QyZ7zgOqq2Ct5UBTf0U3xNiqHBLvQmGw/cxDUo+2MXZNN+VpcaHsg0p7YMVqfQCaQQ+tk76h NiGmSlgxmN9Grcb6pCCxjtjwy53GTy6CBd3eQqVZ6ZR81OPVNeC709lVfIQ6l3bHe7lWYMluD5BV u4QPCbePa+rS45e7596WOmxa602xEv4KwCPW1hdQ/pM= ) ; Key ID = 32116 capitolgiftshop.gov. 172800 IN DNSKEY ( 256 3 8 AwEAAbB4IIFdSpjoH/+jsAfecn69p0v5AevqTmMoMGluZiTuVldWN1ZtffJlMRik/mmBUbtvVVAF fkAtTctch5qaaoT1V+DuIaxZZoWfFYZM2b2YGHOoGTjeXfceXrZtGRgBhL+0e48UsIJH+NImzYk1 r1f5JAHbSUIIkvxJyXR4nZQz ) ; Key ID = 13545 capitolgiftshop.gov. 172800 IN RRSIG ( DNSKEY 8 2 172800 20231006054416 20231002053538 6313 capitolgiftshop.gov. keCovtB5OZ1K8g/RVPDIMEyhaNEcq0lwUhalG5Nb3qCfTjU3SmfXwbqj+qiGV6EWrR/wRP3H7A6D xUH5fJHeDyQ5fFV4JExFE6oiwyciulqpDdU4a68JO/8sXTvGqSU9PlUXtflop1ofsqb6HZy16jBZ 5Mh6Q2gpJqCxSDaFq6U= ) capitolgiftshop.gov. 172800 IN RRSIG ( DNSKEY 8 2 172800 20231006054416 20231002053538 32116 capitolgiftshop.gov. Gx3EWm5UNxJV4/I+db4LfQ9H7Fdff+KuL538XqCsXy0B+7xIv1n3BW1pSaVWgUk/uZuXGEvEj7rt ot8vDMM2VT8rUs8DtT0WKAs09Puqs9Cr/fOcLxTY7OmTLxVos3t02ulCVYHboM/L9nXOFEAJWKsk 6KyXUKic1UpBvCed+l41UhDSuVL/0TsdZB7XU3vK+5JaI2jocjuk4rQvI6ob0jvCdljaqyTMoIUC 25NgRmplubzpFSmmWG4Hak7Y57hEOwNJ5kcMR8XdoUsJHWsmHS/B8xUiM69W8nqgTQdiKWX8+VB4 ep5vyp6kd0VtDl+GDk7LumN/O9GuvubRLzBX7Q== ) capitolgiftshop.gov. 172800 IN RRSIG ( DNSKEY 8 2 172800 20231006054416 20231002053538 62962 capitolgiftshop.gov. PrjVDYsUnEwVFAFRMW/p9iOJLqOfcma7ifUJ4Ft3uwzUObvWf26BPjiMd+KjEO+4EHJ+ovDaG9v1 OSTtRpZKJOQdNrCAB6xG/6mqIaGoD9cu2ffK7mO586o0g5stqFdnqrmtZg5jJ5Nxva8JtlgaongN DjJ1r5vLZMk9flZN8faM6Vv5OoaSPP9jpo3zER86ox50W4ny05Rbd0Ryneuj3in1/p/8pE2YX034 wOSuu/muyxASLgeIUuNjb4q082Mfam/AW85bv0yg/+ItCGdvpGo5itiZXpIvom/PWwYBrwSLg52P 2jOVTrdS521euBil2j7F57bqPpxuyEwrmvNMig== ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option:
	Found 5 DNSKEY records for capitolgiftshop.gov
	`capitolgiftshop.gov. 172800 IN DNSKEY ( 257 3 8 AwEAAaq8ixuzePVVo/LR/7Z6gXRIu9XJ5j7ER6PSXR7E/SirFIsMsVRkGIvp1eDZuCiz1AeoFgP+ 4zE3vTTDIdJXjq/TDM98f5hrbWx98SOI32zjSt5RohxU8P4cFUCDxmRM/8yiJcokQMeSSoXqwfSL XvHTrxE7/4m7aUab/2pseIYxQKkps2f2/zDRA51RP9FQWrWVNl5nr9EK1VHqbXoWagRgv7RTAeXs MvFzWPD2BAL2jpqzScmE2h7iiICg5ZBEMfCBQttob8aGAOpf7tbxuvp5P+MbDu7Uf7rBo/k1TMgf a6KrMXDemH3nyU86CCSLsMVMxhYyp4dTg4GSGaVtTmE= ) ; Key ID = 62962`
	`capitolgiftshop.gov. 172800 IN DNSKEY ( 256 3 8 AwEAAdU3732dbSYwUm4pc1jc/ho4NdaNncic+Bgl6peNtMrXNgyCCBldhYV5B6eAOU/IIal0z1VE p+q2tbR97fmz5MMu5q4kiP/0HLLBv4xmdfYYmZ4CjZwcw4Le0fvHH7IO6mJvQnO5N2FxGggWOWr5 lsLFwd04uqBf4EmGfuRoLf2T ) ; Key ID = 17773`
	`capitolgiftshop.gov. 172800 IN DNSKEY ( 256 3 8 AwEAAbZ1OdXot+M1lGFblT6PYe/WLbiGqtRzG3QAJqMLjv10jTwUjXp+/DZm8PjJqKYWVF5cME7u RtKnJv/17S68OX2nI73vwRgBKyuSMWWMEnrFX7NFl1AMmlwE+ttzdEqDUTd2sTSSlI+nvBMPR3Yj 0rw2XhNFVmkTpr7bVPq4hNad ) ; Key ID = 6313`
	`capitolgiftshop.gov. 172800 IN DNSKEY ( 257 3 8 AwEAAbmjK/kvxNBVsHQLEjtOmSJNrcPfI+VtKifuSJegoTBfW2bYXkD2IP7aw6J1wE4c51GIaFUq DPKL/xMsKQB5mCPmb6rh+zt/9lKJtBsWASWqLP0gRpmovvRK8oXat2RGAMYRVoWlaCezP1ZvE3W2 Jrl7QyZ7zgOqq2Ct5UBTf0U3xNiqHBLvQmGw/cxDUo+2MXZNN+VpcaHsg0p7YMVqfQCaQQ+tk76h NiGmSlgxmN9Grcb6pCCxjtjwy53GTy6CBd3eQqVZ6ZR81OPVNeC709lVfIQ6l3bHe7lWYMluD5BV u4QPCbePa+rS45e7596WOmxa602xEv4KwCPW1hdQ/pM= ) ; Key ID = 32116`
	`capitolgiftshop.gov. 172800 IN DNSKEY ( 256 3 8 AwEAAbB4IIFdSpjoH/+jsAfecn69p0v5AevqTmMoMGluZiTuVldWN1ZtffJlMRik/mmBUbtvVVAF fkAtTctch5qaaoT1V+DuIaxZZoWfFYZM2b2YGHOoGTjeXfceXrZtGRgBhL+0e48UsIJH+NImzYk1 r1f5JAHbSUIIkvxJyXR4nZQz ) ; Key ID = 13545`
	DNSKEY=62962/SEP is now in the chain-of-trust
	DS=62962/SHA-1 verifies DNSKEY=62962/SEP
	DS=62962/SHA-256 verifies DNSKEY=62962/SEP
	Found 3 RRSIGs over DNSKEY RRset
	`capitolgiftshop.gov. 172800 IN RRSIG ( DNSKEY 8 2 172800 20231006054416 20231002053538 6313 capitolgiftshop.gov. keCovtB5OZ1K8g/RVPDIMEyhaNEcq0lwUhalG5Nb3qCfTjU3SmfXwbqj+qiGV6EWrR/wRP3H7A6D xUH5fJHeDyQ5fFV4JExFE6oiwyciulqpDdU4a68JO/8sXTvGqSU9PlUXtflop1ofsqb6HZy16jBZ 5Mh6Q2gpJqCxSDaFq6U= )`
	`capitolgiftshop.gov. 172800 IN RRSIG ( DNSKEY 8 2 172800 20231006054416 20231002053538 32116 capitolgiftshop.gov. Gx3EWm5UNxJV4/I+db4LfQ9H7Fdff+KuL538XqCsXy0B+7xIv1n3BW1pSaVWgUk/uZuXGEvEj7rt ot8vDMM2VT8rUs8DtT0WKAs09Puqs9Cr/fOcLxTY7OmTLxVos3t02ulCVYHboM/L9nXOFEAJWKsk 6KyXUKic1UpBvCed+l41UhDSuVL/0TsdZB7XU3vK+5JaI2jocjuk4rQvI6ob0jvCdljaqyTMoIUC 25NgRmplubzpFSmmWG4Hak7Y57hEOwNJ5kcMR8XdoUsJHWsmHS/B8xUiM69W8nqgTQdiKWX8+VB4 ep5vyp6kd0VtDl+GDk7LumN/O9GuvubRLzBX7Q== )`
	`capitolgiftshop.gov. 172800 IN RRSIG ( DNSKEY 8 2 172800 20231006054416 20231002053538 62962 capitolgiftshop.gov. PrjVDYsUnEwVFAFRMW/p9iOJLqOfcma7ifUJ4Ft3uwzUObvWf26BPjiMd+KjEO+4EHJ+ovDaG9v1 OSTtRpZKJOQdNrCAB6xG/6mqIaGoD9cu2ffK7mO586o0g5stqFdnqrmtZg5jJ5Nxva8JtlgaongN DjJ1r5vLZMk9flZN8faM6Vv5OoaSPP9jpo3zER86ox50W4ny05Rbd0Ryneuj3in1/p/8pE2YX034 wOSuu/muyxASLgeIUuNjb4q082Mfam/AW85bv0yg/+ItCGdvpGo5itiZXpIvom/PWwYBrwSLg52P 2jOVTrdS521euBil2j7F57bqPpxuyEwrmvNMig== )`
	RRSIG=6313 and DNSKEY=6313 verifies the DNSKEY RRset
	RRSIG=32116 and DNSKEY=32116/SEP verifies the DNSKEY RRset
	RRSIG=62962 and DNSKEY=62962/SEP verifies the DNSKEY RRset
	DNSKEY=17773 is now in the chain-of-trust
	DNSKEY=6313 is now in the chain-of-trust
	DNSKEY=32116/SEP is now in the chain-of-trust
	DNSKEY=13545 is now in the chain-of-trust
	Query to ns2.aoc.gov for capitolgiftshop.gov/A
	Received 506 bytes from 161.197.100.14
	;; Response received from 161.197.100.14 (506 octets) ;; HEADER SECTION ;; id = 36461 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option:
	ns2.aoc.gov is authoritative for capitolgiftshop.gov
	Found RRSIG signed by capitolgiftshop.gov zone
	Query to authns1.centurylink.net for capitolgiftshop.gov/SOA
	Received 1058 bytes from 63.150.72.4
	;; Response received from 63.150.72.4 (1058 octets) ;; HEADER SECTION ;; id = 43097 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 7 arcount = 9 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN SOA ;; ANSWER SECTION (2 records) capitolgiftshop.gov. 28800 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) ;; AUTHORITY SECTION (7 records) capitolgiftshop.gov. 28800 IN NS authns2.centurylink.net. capitolgiftshop.gov. 28800 IN NS authns1.centurylink.net. capitolgiftshop.gov. 28800 IN NS ns1.aoc.gov. capitolgiftshop.gov. 28800 IN NS ns2.aoc.gov. capitolgiftshop.gov. 28800 IN NS ns3.comcastbusiness.net. capitolgiftshop.gov. 28800 IN NS ns2.comcastbusiness.net. capitolgiftshop.gov. 28800 IN RRSIG ( NS 8 2 28800 20231006054416 20231002053538 6313 capitolgiftshop.gov. Y0JLrRrjrjcNoQ0YjSb8hf8MYtcB162vQ9NgjQuCABY26WpXSwsnLspv2g44dOyxMf7XXfxjelBp NBawsZGPHCLZCa/L5fIgYd3PrB67MZO/q3sW1ULDu6L7gfRehhEtf1UBMS9ngmSv+ghnpA1ZJQf7 x0+hIUgYiZhPnh9ZaLI= ) ;; ADDITIONAL SECTION (9 records) ns1.aoc.gov. 3600 IN A 161.197.102.14 ns2.aoc.gov. 3600 IN A 161.197.100.14 authns1.centurylink.net. 600 IN A 63.150.72.4 authns2.centurylink.net. 600 IN A 208.44.130.120 authns1.centurylink.net. 300 IN AAAA 2001:428::5 authns2.centurylink.net. 300 IN AAAA 2001:428::6 ns1.aoc.gov. 3600 IN RRSIG ( A 8 3 3600 20231006191344 20231002190429 29538 aoc.gov. stSZVtvduPu8qM+BSmuqGpva7e+q2GlkXmAEUWCpjuCxJMFcDXEiX+CsCymt2Sr0Viy4UST1aw+Z ox6CbhaZbqlCSXeZPX2dLbjrynQN3UoLzyWAJszjlpnt59DWr4kvm4PQfTXvzYgJmNtR86VAwfEg nPFkmS38lAL+sJ91D0Q= ) ns2.aoc.gov. 3600 IN RRSIG ( A 8 3 3600 20231006192438 20231002192116 29538 aoc.gov. LNd8WTdXxeaYw1K+ei1uGg20Ux6DbXBt3weQszdNAarpHj8l6rdJn5R+rzL03PbB//BZ+AsgqRvw tVzZzjWJ3R1CXMpe+rK5BUBxYm1eCeRqPPDy9gPZP1ap4HXEWVJslok+ftcYxx0qf8xH6kndpxzQ X4ZxQWf6RlZaSb+XfDw= ) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to ns3.comcastbusiness.net for capitolgiftshop.gov/SOA
	Received 282 bytes from 68.87.76.228
	;; Response received from 68.87.76.228 (282 octets) ;; HEADER SECTION ;; id = 15391 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN SOA ;; ANSWER SECTION (2 records) capitolgiftshop.gov. 28800 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to authns2.centurylink.net for capitolgiftshop.gov/SOA
	Received 1058 bytes from 208.44.130.120
	;; Response received from 208.44.130.120 (1058 octets) ;; HEADER SECTION ;; id = 60231 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 7 arcount = 9 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN SOA ;; ANSWER SECTION (2 records) capitolgiftshop.gov. 28800 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) ;; AUTHORITY SECTION (7 records) capitolgiftshop.gov. 28800 IN NS ns3.comcastbusiness.net. capitolgiftshop.gov. 28800 IN NS authns1.centurylink.net. capitolgiftshop.gov. 28800 IN NS authns2.centurylink.net. capitolgiftshop.gov. 28800 IN NS ns2.comcastbusiness.net. capitolgiftshop.gov. 28800 IN NS ns1.aoc.gov. capitolgiftshop.gov. 28800 IN NS ns2.aoc.gov. capitolgiftshop.gov. 28800 IN RRSIG ( NS 8 2 28800 20231006054416 20231002053538 6313 capitolgiftshop.gov. Y0JLrRrjrjcNoQ0YjSb8hf8MYtcB162vQ9NgjQuCABY26WpXSwsnLspv2g44dOyxMf7XXfxjelBp NBawsZGPHCLZCa/L5fIgYd3PrB67MZO/q3sW1ULDu6L7gfRehhEtf1UBMS9ngmSv+ghnpA1ZJQf7 x0+hIUgYiZhPnh9ZaLI= ) ;; ADDITIONAL SECTION (9 records) ns1.aoc.gov. 3600 IN A 161.197.102.14 ns2.aoc.gov. 3600 IN A 161.197.100.14 authns1.centurylink.net. 600 IN A 63.150.72.4 authns2.centurylink.net. 600 IN A 208.44.130.120 authns1.centurylink.net. 300 IN AAAA 2001:428::5 authns2.centurylink.net. 300 IN AAAA 2001:428::6 ns1.aoc.gov. 3600 IN RRSIG ( A 8 3 3600 20231006191344 20231002190429 29538 aoc.gov. stSZVtvduPu8qM+BSmuqGpva7e+q2GlkXmAEUWCpjuCxJMFcDXEiX+CsCymt2Sr0Viy4UST1aw+Z ox6CbhaZbqlCSXeZPX2dLbjrynQN3UoLzyWAJszjlpnt59DWr4kvm4PQfTXvzYgJmNtR86VAwfEg nPFkmS38lAL+sJ91D0Q= ) ns2.aoc.gov. 3600 IN RRSIG ( A 8 3 3600 20231006192438 20231002192116 29538 aoc.gov. LNd8WTdXxeaYw1K+ei1uGg20Ux6DbXBt3weQszdNAarpHj8l6rdJn5R+rzL03PbB//BZ+AsgqRvw tVzZzjWJ3R1CXMpe+rK5BUBxYm1eCeRqPPDy9gPZP1ap4HXEWVJslok+ftcYxx0qf8xH6kndpxzQ X4ZxQWf6RlZaSb+XfDw= ) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to ns2.comcastbusiness.net for capitolgiftshop.gov/SOA
	Received 282 bytes from 68.87.85.132
	;; Response received from 68.87.85.132 (282 octets) ;; HEADER SECTION ;; id = 39449 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN SOA ;; ANSWER SECTION (2 records) capitolgiftshop.gov. 28800 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Query to ns1.aoc.gov for capitolgiftshop.gov/SOA
	Received 285 bytes from 161.197.102.14
	;; Response received from 161.197.102.14 (285 octets) ;; HEADER SECTION ;; id = 33169 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 2 nscount = 0 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN SOA ;; ANSWER SECTION (2 records) capitolgiftshop.gov. 28800 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) ;; AUTHORITY SECTION (0 records) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option:
	Query to ns2.aoc.gov for capitolgiftshop.gov/A
	Received 506 bytes from 161.197.100.14
	;; Response received from 161.197.100.14 (506 octets) ;; HEADER SECTION ;; id = 14851 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option:
	Checking NSEC records for a NODATA response
	Found 1 RRSIGs over NSEC RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= )`
	RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
	NSEC proves no records of type A exist for capitolgiftshop.gov
	Found 1 RRSIGs over SOA RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= )`
	RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset

capitolgiftshop.gov

	Query to ns2.comcastbusiness.net for capitolgiftshop.gov/A
	Received 503 bytes from 68.87.85.132
	;; Response received from 68.87.85.132 (503 octets) ;; HEADER SECTION ;; id = 11177 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	ns2.comcastbusiness.net is authoritative for capitolgiftshop.gov
	Found RRSIG signed by capitolgiftshop.gov zone
	Query to ns2.comcastbusiness.net for capitolgiftshop.gov/A
	Received 503 bytes from 68.87.85.132
	;; Response received from 68.87.85.132 (503 octets) ;; HEADER SECTION ;; id = 10395 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Checking NSEC records for a NODATA response
	Found 1 RRSIGs over NSEC RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= )`
	RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
	NSEC proves no records of type A exist for capitolgiftshop.gov
	Found 1 RRSIGs over SOA RRset
	`capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= )`
	RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset

capitolgiftshop.gov

	Query to ns1.aoc.gov for capitolgiftshop.gov/A
	Received 506 bytes from 161.197.102.14
	;; Response received from 161.197.102.14 (506 octets) ;; HEADER SECTION ;; id = 54520 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option:
	ns1.aoc.gov is authoritative for capitolgiftshop.gov
	Found RRSIG signed by capitolgiftshop.gov zone
	Query to ns1.aoc.gov for capitolgiftshop.gov/A
	Received 506 bytes from 161.197.102.14
	;; Response received from 161.197.102.14 (506 octets) ;; HEADER SECTION ;; id = 9559 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 1220 ;; option:
	Checking NSEC records for a NODATA response
	Found 1 RRSIGs over NSEC RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= )`
	RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
	NSEC proves no records of type A exist for capitolgiftshop.gov
	Found 1 RRSIGs over SOA RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= )`
	RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset

capitolgiftshop.gov

	Query to authns1.centurylink.net for capitolgiftshop.gov/A
	Received 503 bytes from 63.150.72.4
	;; Response received from 63.150.72.4 (503 octets) ;; HEADER SECTION ;; id = 10615 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	authns1.centurylink.net is authoritative for capitolgiftshop.gov
	Found RRSIG signed by capitolgiftshop.gov zone
	Query to authns1.centurylink.net for capitolgiftshop.gov/A
	Received 503 bytes from 63.150.72.4
	;; Response received from 63.150.72.4 (503 octets) ;; HEADER SECTION ;; id = 63447 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Checking NSEC records for a NODATA response
	Found 1 RRSIGs over NSEC RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= )`
	RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
	NSEC proves no records of type A exist for capitolgiftshop.gov
	Found 1 RRSIGs over SOA RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= )`
	RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset

capitolgiftshop.gov

	Query to authns2.centurylink.net for capitolgiftshop.gov/A
	Received 503 bytes from 208.44.130.120
	;; Response received from 208.44.130.120 (503 octets) ;; HEADER SECTION ;; id = 50668 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	authns2.centurylink.net is authoritative for capitolgiftshop.gov
	Found RRSIG signed by capitolgiftshop.gov zone
	Query to authns2.centurylink.net for capitolgiftshop.gov/A
	Received 503 bytes from 208.44.130.120
	;; Response received from 208.44.130.120 (503 octets) ;; HEADER SECTION ;; id = 65072 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Checking NSEC records for a NODATA response
	Found 1 RRSIGs over NSEC RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= )`
	RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
	NSEC proves no records of type A exist for capitolgiftshop.gov
	Found 1 RRSIGs over SOA RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= )`
	RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset

capitolgiftshop.gov

	Query to ns3.comcastbusiness.net for capitolgiftshop.gov/A
	Received 503 bytes from 68.87.76.228
	;; Response received from 68.87.76.228 (503 octets) ;; HEADER SECTION ;; id = 58650 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	ns3.comcastbusiness.net is authoritative for capitolgiftshop.gov
	Found RRSIG signed by capitolgiftshop.gov zone
	Query to ns3.comcastbusiness.net for capitolgiftshop.gov/A
	Received 503 bytes from 68.87.76.228
	;; Response received from 68.87.76.228 (503 octets) ;; HEADER SECTION ;; id = 31617 ;; qr = 1 aa = 1 tc = 0 rd = 0 opcode = QUERY ;; ra = 0 z = 0 ad = 0 cd = 0 rcode = NOERROR ;; qdcount = 1 ancount = 0 nscount = 4 arcount = 1 ;; do = 1 ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option: ;; QUESTION SECTION (1 record) ;; capitolgiftshop.gov. IN A ;; ANSWER SECTION (0 records) ;; AUTHORITY SECTION (4 records) capitolgiftshop.gov. 900 IN SOA ( ns1.aoc.gov. hostmaster.aoc.gov. 2005 ;serial 10800 ;refresh 1080 ;retry 2419200 ;expire 900 ;minimum ) capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= ) capitolgiftshop.gov. 900 IN NSEC ( capitolgiftshop.gov. NS SOA RRSIG NSEC DNSKEY ) capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= ) ;; ADDITIONAL SECTION (1 record) ;; EDNS version 0 ;; flags: 8000 ;; rcode: NOERROR ;; size: 4096 ;; option:
	Checking NSEC records for a NODATA response
	Found 1 RRSIGs over NSEC RRset
	`capitolgiftshop.gov. 900 IN RRSIG ( NSEC 8 2 900 20231006054416 20231002053538 6313 capitolgiftshop.gov. KOQyBLVVsar6eJFQVBKhyEqvvmZ1qOrJ6h05YWmw9URHwybEzVqyGzm5oETeqMQHuphOqmsPuKvH MTHSm3cn9bapX7RUNKAApTGL2e+s6zttv0q2BOATrXn3dd4M1LpsrGtNa+2lpV6Ko1avZWHUeALj C8mNkzvNFk/dRCmTgSg= )`
	RRSIG=6313 and DNSKEY=6313 verifies the NSEC RRset
	NSEC proves no records of type A exist for capitolgiftshop.gov
	Found 1 RRSIGs over SOA RRset
	`capitolgiftshop.gov. 28800 IN RRSIG ( SOA 8 2 28800 20231006063538 20231002053538 6313 capitolgiftshop.gov. bd37ri1NCKt5HPkrMsREUJqt59oRHT/9vbJ0CikqT2x8ZkC4kc7/f3AZQSmxVwgANQq4klzDeina 8smFz9WaeMGciKHlVEITQidz8318qXtG1jvqR13RWzlMiVCx0vfzOPKdaHNno5+j39QTN5EDCz2I YSKmK9DzJSROicyZCoU= )`
	RRSIG=6313 and DNSKEY=6313 verifies the SOA RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test capitolgiftshop.gov at dnsviz.net.

DNSSEC Analyzer

↓ Advanced options ↑ Advanced options

Trust Anchor:
Name Servers: