Back to Verisign Labs Tools
Domain Name: Detail: more(+) / less(-) Time: 2024-10-04 11:20:02 UTC

Analyzing DNSSEC problems for mail.gov

.
Found 3 DNSKEY records for .
DS=20326/SHA-256 verifies DNSKEY=20326/SEP
Found 1 RRSIGs over DNSKEY RRset
RRSIG=20326 and DNSKEY=20326/SEP verifies the DNSKEY RRset
gov
Found 1 DS records for gov in the . zone
DS=2536/SHA-256 has algorithm ECDSAP256SHA256
Found 1 RRSIGs over DS RRset
RRSIG=61050 and DNSKEY=61050 verifies the DS RRset
Found 2 DNSKEY records for gov
DS=2536/SHA-256 verifies DNSKEY=2536/SEP
Found 1 RRSIGs over DNSKEY RRset
RRSIG=2536 and DNSKEY=2536/SEP verifies the DNSKEY RRset
mail.gov
Found 2 DS records for mail.gov in the gov zone
DS=23373/SHA-256 has algorithm RSASHA1-NSEC3-SHA1
DS=47754/SHA-256 has algorithm RSASHA1-NSEC3-SHA1
Found 1 RRSIGs over DS RRset
RRSIG=35496 and DNSKEY=35496 verifies the DS RRset
Found 2 DNSKEY records for mail.gov
DS=47754/SHA-256 verifies DNSKEY=47754/SEP
Found 2 RRSIGs over DNSKEY RRset
RRSIG=47754 and DNSKEY=47754/SEP verifies the DNSKEY RRset
dns141.usps.com is authoritative for mail.gov
Found 1 RRSIGs over SOA RRset
RRSIG=61583 and DNSKEY=61583 verifies the SOA RRset
mail.gov
dns082.usps.com is authoritative for mail.gov
Found 1 RRSIGs over SOA RRset
RRSIG=61583 and DNSKEY=61583 verifies the SOA RRset

Move your mouse over any or symbols for remediation hints.

Want a second opinion? Test mail.gov at dnsviz.net.

DNSSEC Debugger

↓ Advanced options