No CAA records found for awsdns-23.net.
id 30604, opcode QUERY, rcode NOERROR, flags QR RD RA ;QUESTION awsdns-23.net. IN CAA ;ANSWER ;AUTHORITY awsdns-23.net. 900 IN SOA g-ns-1367.awsdns-23.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
whatsmydns.net CAA Record Lookup tool lets you query DNS servers and get instant results.
Certification Authority Authorization or CAA lookups are used to determine the CAA records associated with a domain.
Looking for easier to understand results? Use the Global DNS Checker tool.
CAA records, or Certificate Authority Authorization records are used to specify which Certificate Authorities (CA's) are allowed to issue certificates for a domain
An example CAA record may look like the following:
| Domain | Type | Flag | Tag | Value | TTL | 
|---|---|---|---|---|---|
| example.com | CAA | 0 | issue | "certificateauthority.com" | 3600 | 
example.com represents domain that the record is for.
CAA is the record type.
0 is the record flag. Currently the only supported value for the flag is 0, but is defined to allow for future expansion.
issue is the record tag. Available tags for CAA records are: issue, issuewild and iodef
"certificateauthority.com" is the value of the record. This defines that only this certificate authority is allowed to issue certificates for this domain name.
3600 is the TTL (time to live) of the record in seconds, this example represents 1 hour. This means that when a record has had updates made to it, then it will take 1 hour to update.