nsa.gov/CDS has errors; select the "Denial of existence" DNSSEC option to see them.
nsa.gov/AAAA has errors; select the "Denial of existence" DNSSEC option to see them.
g1lx7.bjlqh.nsa.gov/A has errors; select the "Denial of existence" DNSSEC option to see them.
nsa.gov/CNAME has errors; select the "Denial of existence" DNSSEC option to see them.
nsa.gov/CDNSKEY has errors; select the "Denial of existence" DNSSEC option to see them.
Warnings (29)
RRSIG nsa.gov/A alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/A alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/A alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/A alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/A alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/A alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/DNSKEY alg 7, id 29356: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/DNSKEY alg 7, id 29356: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/DNSKEY alg 7, id 29356: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/DNSKEY alg 7, id 29356: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/DNSKEY alg 7, id 62806: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/DNSKEY alg 7, id 62806: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/DNSKEY alg 7, id 62806: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/DNSKEY alg 7, id 62806: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/MX alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/NS alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/NSEC3PARAM alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/SOA alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
RRSIG nsa.gov/TXT alg 7, id 37919: DNSSEC implementers are recommended against implementing signing with DNSSEC algorithm 7 (RSASHA1NSEC3SHA1). See RFC 8624, Sec. 3.1.
nsa.gov/DNSKEY (alg 7, id 29356): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. See RFC 6891, Sec. 6.2.6. (2600:1480:f000::43, UDP_-_EDNS0_4096_D_KN)
nsa.gov/DNSKEY (alg 7, id 37919): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. See RFC 6891, Sec. 6.2.6. (2600:1480:f000::43, UDP_-_EDNS0_4096_D_KN)
nsa.gov/DNSKEY (alg 7, id 61907): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. See RFC 6891, Sec. 6.2.6. (2600:1480:f000::43, UDP_-_EDNS0_4096_D_KN)
nsa.gov/DNSKEY (alg 7, id 62806): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. See RFC 6891, Sec. 6.2.6. (2600:1480:f000::43, UDP_-_EDNS0_4096_D_KN)
nsa.gov/CDS has warnings; select the "Denial of existence" DNSSEC option to see them.
nsa.gov/CNAME has warnings; select the "Denial of existence" DNSSEC option to see them.
nsa.gov/CDNSKEY has warnings; select the "Denial of existence" DNSSEC option to see them.
nsa.gov/AAAA has warnings; select the "Denial of existence" DNSSEC option to see them.
nsa.gov/DNSKEY has warnings; select the "Denial of existence" DNSSEC option to see them.
g1lx7.bjlqh.nsa.gov/A has warnings; select the "Denial of existence" DNSSEC option to see them.