norad.mil/A has errors; select the "Denial of existence" DNSSEC option to see them.
norad.mil/MX has errors; select the "Denial of existence" DNSSEC option to see them.
norad.mil/AAAA has errors; select the "Denial of existence" DNSSEC option to see them.
norad.mil/TXT has errors; select the "Denial of existence" DNSSEC option to see them.
norad.mil/CNAME has errors; select the "Denial of existence" DNSSEC option to see them.
byonat9he0.norad.mil/A has errors; select the "Denial of existence" DNSSEC option to see them.
Warnings (19)
. to mil: Authoritative AAAA records exist for con1.nipr.mil, but there are no corresponding AAAA glue records. See RFC 1034, Sec. 4.2.2.
. to mil: Authoritative AAAA records exist for con2.nipr.mil, but there are no corresponding AAAA glue records. See RFC 1034, Sec. 4.2.2.
. to mil: Authoritative AAAA records exist for eur1.nipr.mil, but there are no corresponding AAAA glue records. See RFC 1034, Sec. 4.2.2.
. to mil: Authoritative AAAA records exist for eur2.nipr.mil, but there are no corresponding AAAA glue records. See RFC 1034, Sec. 4.2.2.
. to mil: Authoritative AAAA records exist for pac1.nipr.mil, but there are no corresponding AAAA glue records. See RFC 1034, Sec. 4.2.2.
. to mil: Authoritative AAAA records exist for pac2.nipr.mil, but there are no corresponding AAAA glue records. See RFC 1034, Sec. 4.2.2.
RRSIG norad.mil/NSEC3PARAM alg 8, id 21444: The value of the Signature Inception field of the RRSIG RR (2022-02-10 14:31:25+00:00) is within possible clock skew range (2 seconds) of the current time (2022-02-10 14:31:27+00:00). See RFC 4035, Sec. 5.3.1.
RRSIG norad.mil/NSEC3PARAM alg 8, id 21444: The value of the Signature Inception field of the RRSIG RR (2022-02-10 14:31:25+00:00) is within possible clock skew range (2 seconds) of the current time (2022-02-10 14:31:27+00:00). See RFC 4035, Sec. 5.3.1.
RRSIG norad.mil/SOA alg 8, id 21444: The value of the Signature Inception field of the RRSIG RR (2022-02-10 14:31:25+00:00) is within possible clock skew range (2 seconds) of the current time (2022-02-10 14:31:27+00:00). See RFC 4035, Sec. 5.3.1.
norad.mil/DS (alg 8, id 55852): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
norad.mil/DS (alg 8, id 55852): DNSSEC implementers are prohibited from implementing signing with DS algorithm 1 (SHA-1). See RFC 8624, Sec. 3.2.
norad.mil/DS (alg 8, id 55852): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
norad.mil/DS (alg 8, id 55852): DS records with digest type 1 (SHA-1) are ignored when DS records with digest type 2 (SHA-256) exist in the same RRset. See RFC 4509, Sec. 3.
norad.mil/A has warnings; select the "Denial of existence" DNSSEC option to see them.
norad.mil/MX has warnings; select the "Denial of existence" DNSSEC option to see them.
norad.mil/AAAA has warnings; select the "Denial of existence" DNSSEC option to see them.
norad.mil/TXT has warnings; select the "Denial of existence" DNSSEC option to see them.
norad.mil/CNAME has warnings; select the "Denial of existence" DNSSEC option to see them.
byonat9he0.norad.mil/A has warnings; select the "Denial of existence" DNSSEC option to see them.