edu to lsu.edu: No valid RRSIGs made by a key corresponding to a DS RR were found covering the DNSKEY RRset, resulting in no secure entry point (SEP) into the zone. See RFC 4035, Sec. 2.2, RFC 6840, Sec. 5.11. (96.125.1.250, 192.16.176.87, 192.16.176.89, 192.16.176.90, 2620:105:b050:1550::87, 2620:105:b050:1550::89, UDP_-_EDNS0_4096_D_KN)
edu to lsu.edu: The DS RRset for the zone included algorithm 5 (RSASHA1), but no DS RR matched a DNSKEY with algorithm 5 that signs the zone's DNSKEY RRset. See RFC 4035, Sec. 2.2, RFC 6840, Sec. 5.11. (96.125.1.250, 192.16.176.87, 192.16.176.89, 192.16.176.90, 2620:105:b050:1550::87, 2620:105:b050:1550::89, UDP_-_EDNS0_4096_D_KN)
lsu.edu zone: The server(s) were not responsive to queries over UDP. See RFC 1035, Sec. 4.2. (2620:105:b050:1550::90)
lsu.edu/A: No response was received from the server over UDP (tried 12 times). See RFC 1035, Sec. 4.2. (2620:105:b050:1550::90, UDP_-_NOEDNS_)
lsu.edu/DS (alg 5, id 23638): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
lsu.edu/DS (alg 5, id 23638): DNSSEC specification prohibits signing with DS records that use digest algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
lsu.edu/NS: No response was received from the server over UDP (tried 12 times). See RFC 1035, Sec. 4.2. (2620:105:b050:1550::90, UDP_-_NOEDNS_)
Warnings (16)
RRSIG lsu.edu/A alg 5, id 13300: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/DNSKEY alg 5, id 13300: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/DNSKEY alg 5, id 13300: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/DNSKEY alg 5, id 13300: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/DNSKEY alg 5, id 44341: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/DNSKEY alg 5, id 44341: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/DNSKEY alg 5, id 44341: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/MX alg 5, id 13300: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/NS alg 5, id 13300: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/SOA alg 5, id 13300: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
RRSIG lsu.edu/TXT alg 5, id 13300: DNSSEC specification recommends not signing with DNSSEC algorithm 5 (RSASHA1). See RFC 8624, Sec. 3.1.
edu to lsu.edu: The following NS name(s) were found in the delegation NS RRset (i.e., in the edu zone), but not in the authoritative NS RRset: lsu-bdds1.lsu.edu See RFC 1034, Sec. 4.2.2.
lsu.edu/DNSKEY has warnings; select the "Denial of existence" DNSSEC option to see them.
lsu.edu/CNAME has warnings; select the "Denial of existence" DNSSEC option to see them.
lsu.edu/AAAA has warnings; select the "Denial of existence" DNSSEC option to see them.
h9yazd2ewn.lsu.edu/A has warnings; select the "Denial of existence" DNSSEC option to see them.