DNS Security
Documentation for this is incomplete. Contributions are happily considered! See this for potential alternatives.
DNSSEC Test Command
Copy or share this direct link!
Click = Copy
Copied to clipboard!
Click below ↴ = Copy to Clipboard
Click = Copy
Copied to clipboard!
Copy as Wikitext
Click = Copy
Copied to clipboard!
for Discourse, reddit, GitHub
Click = Copy
Copied to clipboard!
Copy as Markdown
Click = Copy
Copied to clipboard!
Copy as phpBB
We don't use embedded scripts
This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also
Social Share Button.
Click = Copy Copied to clipboard!
Expected output using DNSSEC unaware resolver
Copy or share this direct link!
Click = Copy
Copied to clipboard!
Click below ↴ = Copy to Clipboard
Click = Copy
Copied to clipboard!
Copy as Wikitext
Click = Copy
Copied to clipboard!
for Discourse, reddit, GitHub
Click = Copy
Copied to clipboard!
Copy as Markdown
Click = Copy
Copied to clipboard!
Copy as phpBB
We don't use embedded scripts
This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also
Social Share Button.
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> +multiline . DNSKEY ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOTIMP, id: 42982 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; WARNING: EDNS query returned status NOTIMP - retry with '+noedns' ;; QUESTION SECTION: ;. IN DNSKEY ;; Query time: 0 msec ;; SERVER: 10.139.1.1#53(10.139.1.1) ;; WHEN: Wed Jul 17 17:41:33 UTC 2019 ;; MSG SIZE rcvd: 17
Expected output using DNSSEC aware resolver
Copy or share this direct link!
Click = Copy
Copied to clipboard!
Click below ↴ = Copy to Clipboard
Click = Copy
Copied to clipboard!
Copy as Wikitext
Click = Copy
Copied to clipboard!
for Discourse, reddit, GitHub
Click = Copy
Copied to clipboard!
Copy as Markdown
Click = Copy
Copied to clipboard!
Copy as phpBB
We don't use embedded scripts
This share button is completely self-hosted by this webserver. No scripts from any of the social networks are embedded on this webserver. See also
Social Share Button.
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> +multiline . DNSKEY ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63055 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1252 ;; QUESTION SECTION: ;. IN DNSKEY ;; ANSWER SECTION: . 8461 IN DNSKEY 256 3 8 ( AwEAAcTQyaIe6nt3xSPOG2L/YfwBkOVTJN6mlnZ249O5 Rtt3ZSRQHxQSW61AODYw6bvgxrrGq8eeOuenFjcSYgNA McBYoEYYmKDW6e9EryW4ZaT/MCq+8Am06oR40xAA3fCl OM6QjRcT85tP41Go946AicBGP8XOP/Aj1aI/oPRGzRnb oUPUok/AzTNnW5npBU69+BuiIwYE7mQOiNBFePyvjQBd oiuYbmuD3Py0IyjlBxzZUXbqLsRL9gYFkCqeTY29Ik7u suzMTa+JRSLz6KGS5RSJ7CTSMjZg8aNaUbN2dvGhakJP h92HnLvMA3TefFgbKJphFNPA3BWSKLZ02cRWXqM= ) ; ZSK; alg = RSASHA256 ; key id = 59944 . 8461 IN DNSKEY 257 3 8 ( AwEAAaz/tAm8yTn4Mfeh5eyI96WSVexTBAvkMgJzkKTO iW1vkIbzxeF3+/4RgWOq7HrxRixHlFlExOLAJr5emLvN 7SWXgnLh4+B5xQlNVz8Og8kvArMtNROxVQuCaSnIDdD5 LKyWbRd2n9WGe2R8PzgCmr3EgVLrjyBxWezF0jLHwVN8 efS3rCj/EWgvIWgb9tarpVUDK/b58Da+sqqls3eNbuv7 pr+eoZG+SrDK6nWeL3c6H5Apxz7LjVc1uTIdsIXxuOLY A4/ilBmSVIzuDWfdRUfhHdY6+cn8HFRm+2hM8AnXGXws 9555KrUB5qihylGa8subX2Nn6UwNR1AkUTV74bU= ) ; KSK; alg = RSASHA256 ; key id = 20326 ;; Query time: 0 msec ;; SERVER: 127.0.2.1#53(127.0.2.1) ;; WHEN: Wed Jul 17 17:43:09 UTC 2019 ;; MSG SIZE rcvd: 578