Skip to content

Verify the authenticity of DNS records with DNSSEC resolver delv



DNS Security Extensions (DNSSEC) is a security protocol created to mitigate this problem. DNSSEC protects against attacks by digitally signing data to help ensure its validity. In order to ensure a secure lookup, the signing must happen at every level in the DNS lookup process.

  • DNSKEY record - The DNS Key Record contains a public key used to verify Domain Name System Security Extension (DNSSEC) signatures.

How to verify


delv @dns-server-name domain-name-here


delv @
delv @

Validated answer

; fully validated         300     IN      A         300     IN      A         300     IN      RRSIG   A 13 2 300 20230504045136 20230502025136 34505 oh/bCApFIy3DKwHGJFGJnTPQ2UDjKx2Ei3tJAeVDax+WMh1pj6LArIc0 CPyezZDsEy2cyh39saUykyzw5/MLOA==

Unsigned answer

; unsigned answer             300     IN      A             300     IN      A             300     IN      A             300     IN      A             300     IN      A             300     IN      A



  • Welcome to visit the knowledge base of SRE and DevOps!
  • License under CC BY-NC 4.0
  • Made with Material for MkDocs and improve writing by generative AI tools
  • Copyright issue feedback, replace # with @