From: Lukáš Ježek <lukas.jezek@nic.cz>
Date: Tue, 25 Aug 2020 10:03:10 +0000 (+0200)
Subject: modules/ta_update: warn if there are differences between statically configured keys... 
X-Git-Tag: v5.2.0~14^2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ada83c482056e28b4eea4edd3f1fea727c0af57e;p=thirdparty%2Fknot-resolver.git

modules/ta_update: warn if there are differences between statically configured keys and upstream
---

diff --git a/NEWS b/NEWS
index bd0ffa293..b7db0b88d 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,8 @@ Improvements
 - net: split the EDNS buffer size into upstream and downstream (!1026)
 - lua-http doh: answer to /dns-query endpoint as well as /doh (!1069)
 - improve resiliency against UDP fragmentation attacks (disable PMTUD) (!1061)
+- ta_update: warn if there are differences between statically configured
+  keys and upstream (#251, !1051)
 
 Bugfixes
 --------
diff --git a/daemon/lua/trust_anchors.lua.in b/daemon/lua/trust_anchors.lua.in
index 30d170394..af4421e7f 100644
--- a/daemon/lua/trust_anchors.lua.in
+++ b/daemon/lua/trust_anchors.lua.in
@@ -311,11 +311,10 @@ end
 
 local function add_file(path, unmanaged)
 	local managed = not unmanaged
+	if not ta_update then
+		modules.load('ta_update')
+	end
 	if managed then
-		if not ta_update then
-			panic('[ ta ] automatic update for ' .. path .. ' requested, '
-				.. 'but required module ta_update is not loaded')
-		end
 		if not io.open(path .. '.lock', 'w') then
 			error("[ ta ] ERROR: write access needed to keyfile dir '"..path.."'")
 		end
@@ -367,9 +366,7 @@ local function add_file(path, unmanaged)
 	end
 	-- TODO: if failed and for root, try to rebootstrap?
 
-	if managed then
-		ta_update.start(owner)
-	end
+	ta_update.start(owner, managed)
 end
 
 local function remove(zname)
diff --git a/modules/meson.build b/modules/meson.build
index 472c29513..c7b62b906 100644
--- a/modules/meson.build
+++ b/modules/meson.build
@@ -15,7 +15,6 @@ lua_mod_src = [  # add lua modules without separate meson.build
   files('serve_stale/serve_stale.lua'),
   files('ta_sentinel/ta_sentinel.lua'),
   files('ta_signal_query/ta_signal_query.lua'),
-  files('ta_update/ta_update.lua'),
   files('watchdog/watchdog.lua'),
   files('workarounds/workarounds.lua'),
 ]
@@ -24,7 +23,6 @@ lua_mod_src = [  # add lua modules without separate meson.build
 config_tests += [
   ['predict', files('predict/predict.test.lua')],
   ['dns64', files('dns64/dns64.test.lua')],
-  ['ta_update', files('ta_update/ta_update.test.lua'), ['snowflake']],
   ['prefill', files('prefill/prefill.test/prefill.test.lua')],
 ]
 
@@ -33,7 +31,6 @@ integr_tests += [
   ['serve_stale', join_paths(meson.current_source_dir(), 'serve_stale', 'test.integr')],
   # NOTE: ta_update may pass in cases when it should fail due to race conditions
   # To ensure reliability, deckard should introduce a time wait
-  ['ta_update', join_paths(meson.current_source_dir(), 'ta_update', 'ta_update.test.integr')],
 ]
 
 
@@ -50,6 +47,7 @@ subdir('nsid')
 subdir('policy')
 subdir('refuse_nord')
 subdir('stats')
+subdir('ta_update')
 subdir('view')
 
 # install lua modules
diff --git a/modules/ta_update/meson.build b/modules/ta_update/meson.build
new file mode 100644
index 000000000..07ade0e07
--- /dev/null
+++ b/modules/ta_update/meson.build
@@ -0,0 +1,19 @@
+# LUA module: ta_update
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+config_tests += [
+  ['ta_update', files('ta_update.test.lua'), ['snowflake']],
+]
+
+integr_tests += [
+  ['ta_update', join_paths(meson.current_source_dir(), 'ta_update.test.integr')],
+  ['ta_update.unmanagedkey', join_paths(meson.current_source_dir(), 'ta_update.unmanagedkey.test.integr')],
+]
+
+lua_mod_src += [
+  files('ta_update.lua'),
+]
+
+install_data(
+  install_dir: join_paths(modules_dir, 'ta_update'),
+)
diff --git a/modules/ta_update/ta_update.lua b/modules/ta_update/ta_update.lua
index 496db8511..84f7a4a87 100644
--- a/modules/ta_update/ta_update.lua
+++ b/modules/ta_update/ta_update.lua
@@ -200,8 +200,56 @@ local function update(keyset, new_keys)
 	return true
 end
 
+local function unmanagedkey_change()
+	warn('[ta_update] you need to update package with trust anchors before it breaks')
+end
+
+local function check_upstream(keyset, new_keys)
+	local process_keys = {}
+
+	for _, rr in ipairs(new_keys) do
+		local key_revoked = (rr.type == kres.type.DNSKEY) and C.kr_dnssec_key_revoked(rr.rdata)
+		local ta = ta_find(keyset, rr)
+		table.insert(process_keys, ta)
+
+		if rr.type == kres.type.DNSKEY and not C.kr_dnssec_key_ksk(rr.rdata) then
+			goto continue -- Ignore
+		end
+
+		if not ta and not key_revoked then
+			-- I see new key
+			ta_update.cb_unmanagedkey_change()
+		end
+
+		if ta and key_revoked then
+			-- I see revoked key
+			ta_update.cb_unmanagedkey_change()
+		end
+
+		::continue::
+	end
+
+	for _, rr in ipairs(keyset) do
+		local missing_rr = true
+		for _, rr_old in ipairs(process_keys) do
+			if (rr.owner == rr_old.owner) and (rr.type == rr_old.type) and (rr.type == kres.type.DNSKEY) then
+				if C.kr_dnssec_key_match(rr.rdata, #rr.rdata, rr_old.rdata, #rr_old.rdata) == 0 then
+					missing_rr = false
+					break
+				end
+			end
+		end
+
+		if missing_rr then
+			-- This key is missing in the new keyset
+			ta_update.cb_unmanagedkey_change()
+		end
+	end
+
+end
+
 -- Refresh the DNSKEYs from the packet, and return time to the next check.
-local function active_refresh(keyset, pkt)
+local function active_refresh(keyset, pkt, managed)
 	local retry = true
 	if pkt:rcode() == kres.rcode.NOERROR then
 		local records = pkt:section(kres.section.ANSWER)
@@ -211,7 +259,12 @@ local function active_refresh(keyset, pkt)
 				table.insert(new_keys, rr)
 			end
 		end
-		update(keyset, new_keys)
+
+		if managed then
+			update(keyset, new_keys)
+		else
+			check_upstream(keyset, new_keys)
+		end
 		retry = false
 	else
 		warn('[ta_update] active refresh failed for ' .. kres.dname2str(keyset.owner)
@@ -226,7 +279,7 @@ local function active_refresh(keyset, pkt)
 end
 
 -- Plan an event for refreshing DNSKEYs and re-scheduling itself
-local function refresh_plan(keyset, delay)
+local function refresh_plan(keyset, delay, managed)
 	local owner = keyset.owner
 	local owner_str = kres.dname2str(keyset.owner)
 	if not tracked_tas[owner] then
@@ -241,11 +294,11 @@ local function refresh_plan(keyset, delay)
 		resolve(owner_str, kres.type.DNSKEY, kres.class.IN, 'NO_CACHE',
 		function (pkt)
 			-- Schedule itself with updated timeout
-			local delay_new = active_refresh(keyset, pkt)
+			local delay_new = active_refresh(keyset, pkt, managed)
 			delay_new = keyset.refresh_time or ta_update.refresh_time or delay_new
 			log('[ta_update] next refresh for ' .. owner_str .. ' in '
 				.. delay_new/hour .. ' hours')
-			refresh_plan(keyset, delay_new)
+			refresh_plan(keyset, delay_new, managed)
 		end)
 	end)
 end
@@ -257,20 +310,17 @@ ta_update = {
 	refresh_time = nil,
 	keep_removed = 0,
 	tracked = tracked_tas, -- debug and visibility, should not be changed by hand
+	cb_unmanagedkey_change = unmanagedkey_change,
 }
 
 -- start tracking (already loaded) TA with given zone name in wire format
 -- do first refresh immediatelly
-function ta_update.start(zname)
+function ta_update.start(zname, managed)
 	local keyset = trust_anchors.keysets[zname]
 	if not keyset then
 		panic('[ta_update] TA must be configured first before tracking it')
 	end
-	if not keyset.managed then
-		panic('[ta_update] TA is configured as unmanaged; remove it and '
-			.. 'add it again as managed using trust_anchors.add_file()')
-	end
-	refresh_plan(keyset, 0)
+	refresh_plan(keyset, 0, managed)
 end
 
 function ta_update.stop(zname)
diff --git a/modules/ta_update/ta_update.test.integr/rfc5011/README b/modules/ta_update/ta_update.test.integr/rfc5011/README
index f7629564c..9b719878f 100644
--- a/modules/ta_update/ta_update.test.integr/rfc5011/README
+++ b/modules/ta_update/ta_update.test.integr/rfc5011/README
@@ -1,5 +1,13 @@
-Start with `genkeyszones.sh` and generate DNSSEC keys + signed versions of `unsigned.db`.
+Start with `genkeyszones.sh` and generate DNSSEC keys + signed versions of `unsigned_*.db`.
 Then use `dns2rpl.py` to run Knot DNS server with signed zone
 and to generate RPL file from server's answers.
 
+Generate RFC5011 test:
+`dns2rpl.py`.
+`./genkeyszones.sh`
+
+Generate unmanaged keys tests:
+`./genkeyszones.sh <--unmanaged_key-presens|--unmanagedkey-missing|--unmanagedkey-revoke>`
+`VARIANT="unmanaged_key" ./dns2rpl.py`
+
 See comments in script headers to further details.
diff --git a/modules/ta_update/ta_update.test.integr/rfc5011/dns2rpl.py b/modules/ta_update/ta_update.test.integr/rfc5011/dns2rpl.py
index 84f611765..c196d61dc 100755
--- a/modules/ta_update/ta_update.test.integr/rfc5011/dns2rpl.py
+++ b/modules/ta_update/ta_update.test.integr/rfc5011/dns2rpl.py
@@ -18,6 +18,10 @@ import dns.resolver
 
 import pydnstest.scenario
 
+try:
+    VARIANT = os.environ["VARIANT"]
+except KeyError:
+    VARIANT = ""
 
 def store_answer(qname, qtype, template):
     answ = dns.resolver.query(qname, qtype, raise_on_no_answer=False)
@@ -114,6 +118,31 @@ test. IN TXT "it works"
 ENTRY_END
 '''.format(id_prefix)
 
+def generate_step_nocheck(id_prefix):
+    return '''STEP {0}000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+'''.format(id_prefix)
+
+def generate_step_finish_msg(id_prefix):
+    return '''STEP {0}000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AA NXDOMAIN
+MATCH opcode rcode flags question answer
+SECTION QUESTION
+test. IN TXT
+SECTION AUTHORITY
+test. 10800 IN SOA test. nobody.invalid. 1 3600 1200 604800 10800
+SECTION ADDITIONAL
+explanation.invalid. 10800 IN TXT "check last answer"
+ENTRY_END
+'''.format(id_prefix)
 
 def generate_step_elapse(tstep, id_prefix):
     out = '; move time by {0}\n'.format(tstep)
@@ -126,6 +155,7 @@ def main():
     resolver_init()
     rng_templ, entry_templ = get_templates()
     ranges = []
+    check_last_msg = False
 
     # transform data in zones files into RANGEs
     files = os.listdir()
@@ -143,28 +173,38 @@ def main():
     # steps
     steps = []
     tstart = datetime.datetime(year=2017, month=7, day=1)
-    tend = datetime.datetime(year=2017, month=12, day=31, hour=23, minute=59, second=59)
+    if VARIANT == "unmanaged_key":
+        tend = datetime.datetime(year=2017, month=7, day=21, hour=23, minute=59, second=59)
+        check_last_msg = True
+    else:
+        tend = datetime.datetime(year=2017, month=12, day=31, hour=23, minute=59, second=59)
     tstep = datetime.timedelta(days=1)
     tcurr = tstart
     while tcurr < tend:
         id_prefix = tcurr.strftime('%Y%m%d')
         steps.append(generate_step_query(tcurr, id_prefix))
-        steps.append(generate_step_check(id_prefix))
+        if (check_last_msg is True and tcurr + tstep > tend):
+            steps.append(generate_step_finish_msg(id_prefix))
+        elif VARIANT == "unmanaged_key":
+            steps.append(generate_step_nocheck(id_prefix))
+        else:
+            steps.append(generate_step_check(id_prefix))
         steps.append(generate_step_elapse(tstep, id_prefix))
         tcurr += tstep
 
     # generate output
     with open('keys/ds') as dsfile:
-        ta = dsfile.read().strip()
+        tas = dsfile.read().strip()
 
     # constant RPL file header
-    print("""stub-addr: 2001:503:ba3e::2:30
-    trust-anchor: {ta}
-    val-override-date: 20170701000000
-    query-minimization: off
-    CONFIG_END
-
-    SCENARIO_BEGIN Simulation of successfull RFC 5011 KSK roll-over during 2017
+    print("stub-addr: 2001:503:ba3e::2:30")
+    for ta in tas.split('\n'):
+        print ("trust-anchor: " + ta)
+    print("""val-override-date: 20170701000000
+query-minimization: off
+CONFIG_END
+
+SCENARIO_BEGIN Simulation of successfull RFC 5011 KSK roll-over during 2017
     """.format(ta=ta))
     for rng in ranges:
         print(rng)
@@ -174,7 +214,7 @@ def main():
 
     # constant RPL file footer
     print('''
-    SCENARIO_END
+SCENARIO_END
     ''')
 
 
diff --git a/modules/ta_update/ta_update.test.integr/rfc5011/genkeyszones.sh b/modules/ta_update/ta_update.test.integr/rfc5011/genkeyszones.sh
index bc778865e..4a654695b 100755
--- a/modules/ta_update/ta_update.test.integr/rfc5011/genkeyszones.sh
+++ b/modules/ta_update/ta_update.test.integr/rfc5011/genkeyszones.sh
@@ -12,7 +12,17 @@ set -o nounset -o errexit -o xtrace
 
 GEN="dnssec-keygen 	-K keys/ -a RSASHA256 -b 2048 	-L 21d"
 
-function sign {
+function usage {
+	echo -e "Usage: $0 <option>\n\n\
+Option:\n\
+\t--help\t\t\tShow this help.
+\t--rollover\t\tGenerate files for rollover test.\n\
+\t--unmanagedkey-present\tGenerate files for present new unmanaged key.\n\
+\t--unmanagedkey-missing\tGenerate files for missing unmanaged key.\n\
+\t--unmanagedkey-revoke\tGenerate files for revoked unmanaged key."
+}
+
+function sign () {
 	OUTFILE="$(echo "$1" | sed 's/[- :]//g').db"
 	TZ=UTC \
 	LD_PRELOAD="/usr/lib64/faketime/libfaketimeMT.so.1" \
@@ -27,63 +37,138 @@ function sign {
 	-X +21d \
 	-O full \
 	-f "${OUTFILE}" \
-	unsigned.db
+	"$2"
 
 	# DS for the very first KSK
 	test ! -f keys/ds && dnssec-dsfromkey -2 -f "${OUTFILE}" . > keys/ds || : initial DS RR already exists
 }
 
+function test_rollover {
+	# old KSK
+	${GEN} -f KSK -P 20100715000000 -A 20100715000000 -I 20171011000000 -R 20180111000000 -D 20180322000000 .
+	# new KSK
+	${GEN} -f KSK -P 20170711000000 -A 20171011000000 .
+
+	# ZSK before roll-over: 2017-Q2
+	${GEN} -P 20170320000000 -A 20170401000000 -I 20170701000000 -D 20170711000000 .
+	# ZSK-q1: 2017-Q3
+	${GEN} -P 20170621000000 -A 20170701000000 -I 20171001000000 -D 20171011000000 .
+	# ZSK-q2: 2017-Q4
+	${GEN} -P 20170919000000 -A 20171001000000 -I 20180101000000 -D 20180111000000 .
+	# ZSK-q3: 2018-Q1
+	${GEN} -P 20171220000000 -A 20180101000000 -I 20180401000000 -D 20180411000000 .
+	# ZSK: 2018-Q2
+	${GEN} -P 20180322000000 -A 20180401000000 .
+
+
+	# hopefully slots according to
+	# https://www.icann.org/en/system/files/files/ksk-rollover-operational-implementation-plan-22jul16-en.pdf
+	# https://data.iana.org/ksk-ceremony/29/KC29_Script_Annotated.pdf
+	sign "2017-07-01 00:00:00"  # 2017 Q3 slot 1
+	sign "2017-07-11 00:00:00"  # 2017 Q3 slot 2
+	sign "2017-07-21 00:00:00"  # 2017 Q3 slot 3
+	sign "2017-07-31 00:00:00"  # 2017 Q3 slot 4
+	sign "2017-08-10 00:00:00"  # 2017 Q3 slot 5
+	sign "2017-08-20 00:00:00"  # 2017 Q3 slot 6
+	sign "2017-08-30 00:00:00"  # 2017 Q3 slot 7
+	sign "2017-09-09 00:00:00"  # 2017 Q3 slot 8
+	sign "2017-09-19 00:00:00"  # 2017 Q3 slot 9
+
+	sign "2017-10-01 00:00:00"  # 2017 Q4 slot 1
+	sign "2017-10-11 00:00:00"  # 2017 Q4 slot 2
+	sign "2017-10-21 00:00:00"  # 2017 Q4 slot 3
+	sign "2017-10-31 00:00:00"  # 2017 Q4 slot 4
+	sign "2017-11-10 00:00:00"  # 2017 Q4 slot 5
+	sign "2017-11-20 00:00:00"  # 2017 Q4 slot 6
+	sign "2017-11-30 00:00:00"  # 2017 Q4 slot 7
+	sign "2017-12-10 00:00:00"  # 2017 Q4 slot 8
+	sign "2017-12-20 00:00:00"  # 2017 Q4 slot 9
+
+	# 2018-01-01 00:00:00  # 2018 Q1 slot 1
+	# 2018-01-11 00:00:00  # 2018 Q1 slot 2
+	# 2018-01-21 00:00:00  # 2018 Q1 slot 3
+	# 2018-01-31 00:00:00  # 2018 Q1 slot 4
+	# 2018-02-10 00:00:00  # 2018 Q1 slot 5
+	# 2018-02-20 00:00:00  # 2018 Q1 slot 6
+	# 2018-03-02 00:00:00  # 2018 Q1 slot 7
+	# 2018-03-12 00:00:00  # 2018 Q1 slot 8
+	# 2018-03-22 00:00:00  # 2018 Q1 slot 9
+}
+
+function test_unmanagedkey_present {
+	# old KSK
+	${GEN} -f KSK -P 20100715000000 -A 20100715000000 -I 20171011000000 -R 20180111000000 -D 20180322000000 .
+	# new KSK
+	${GEN} -f KSK -P 20170711000000 -A 20171011000000 .
+
+	# ZSKs
+	${GEN} -P 20170621000000 -A 20170701000000 -I 20171001000000 -D 20171011000000 .
+	${GEN} -P 20170919000000 -A 20171001000000 -I 20180101000000 -D 20180111000000 .
+
+	sign "2017-07-01 00:00:00" unsigned_ok.db
+	sign "2017-07-11 00:00:00" unsigned_ok.db # present key is seen 10 days
+	sign "2017-07-21 00:00:00" unsigned_check.db # last edited message for check result from deckard
+}
+
+function test_unmanagedkey_revoke {
+	# old KSK
+	${GEN} -f KSK -P 20100715000000 -A 20100715000000 -I 20171011000000 -R 20180111000000 -D 20180322000000 .
+	# revoked KSK
+	${GEN} -f KSK -P 20100715000000 -A 20100715000000 -I 20171011000000 -R 20170710000000 -D 20180322000000 .
+
+	# ZSKs
+	${GEN} -P 20170621000000 -A 20170701000000 -I 20171001000000 -D 20171011000000 .
+	${GEN} -P 20170919000000 -A 20171001000000 -I 20180101000000 -D 20180111000000 .
+
+	sign "2017-07-01 00:00:00" unsigned_ok.db
+	sign "2017-07-11 00:00:00" unsigned_ok.db # revoke key is seen 10 days
+	sign "2017-07-21 00:00:00" unsigned_check.db # last edited message for check result from deckard
+}
+
+function test_unmanagedkey_missing {
+	# old KSK
+	${GEN} -f KSK -P 20100715000000 -A 20100715000000 -I 20171011000000 -R 20180111000000 -D 20180322000000 .
+	# missing KSK
+	${GEN} -f KSK -P 20100715000000 -A 20100715000000 -I 20171011000000 -R 20180111000000 -D 20170710000000 .
+
+	# ZSKs
+	${GEN} -P 20170621000000 -A 20170701000000 -I 20171001000000 -D 20171011000000 .
+	${GEN} -P 20170919000000 -A 20171001000000 -I 20180101000000 -D 20180111000000 .
+
+	sign "2017-07-01 00:00:00" unsigned_ok.db
+	sign "2017-07-11 00:00:00" unsigned_ok.db # missing key is seen 10 days
+	sign "2017-07-21 00:00:00" unsigned_check.db # last edited message for check result from deckard
+}
+
+if [ $# -ne 1 ]; then
+	usage
+	exit 0
+fi
+
 rm -f 20*.db
 rm -f keys/K*
 rm -f keys/ds
 mkdir -p keys/
 
-# old KSK
-${GEN} -f KSK -P 20100715000000 -A 20100715000000 -I 20171011000000 -R 20180111000000 -D 20180322000000 .
-# new KSK
-${GEN} -f KSK -P 20170711000000 -A 20171011000000 .
-
-# ZSK before roll-over: 2017-Q2
-${GEN} -P 20170320000000 -A 20170401000000 -I 20170701000000 -D 20170711000000 .
-# ZSK-q1: 2017-Q3
-${GEN} -P 20170621000000 -A 20170701000000 -I 20171001000000 -D 20171011000000 .
-# ZSK-q2: 2017-Q4
-${GEN} -P 20170919000000 -A 20171001000000 -I 20180101000000 -D 20180111000000 .
-# ZSK-q3: 2018-Q1
-${GEN} -P 20171220000000 -A 20180101000000 -I 20180401000000 -D 20180411000000 .
-# ZSK: 2018-Q2
-${GEN} -P 20180322000000 -A 20180401000000 .
-
-
-# hopefully slots according to
-# https://www.icann.org/en/system/files/files/ksk-rollover-operational-implementation-plan-22jul16-en.pdf
-# https://data.iana.org/ksk-ceremony/29/KC29_Script_Annotated.pdf
-sign "2017-07-01 00:00:00"  # 2017 Q3 slot 1
-sign "2017-07-11 00:00:00"  # 2017 Q3 slot 2
-sign "2017-07-21 00:00:00"  # 2017 Q3 slot 3
-sign "2017-07-31 00:00:00"  # 2017 Q3 slot 4
-sign "2017-08-10 00:00:00"  # 2017 Q3 slot 5
-sign "2017-08-20 00:00:00"  # 2017 Q3 slot 6
-sign "2017-08-30 00:00:00"  # 2017 Q3 slot 7
-sign "2017-09-09 00:00:00"  # 2017 Q3 slot 8
-sign "2017-09-19 00:00:00"  # 2017 Q3 slot 9
-
-sign "2017-10-01 00:00:00"  # 2017 Q4 slot 1
-sign "2017-10-11 00:00:00"  # 2017 Q4 slot 2
-sign "2017-10-21 00:00:00"  # 2017 Q4 slot 3
-sign "2017-10-31 00:00:00"  # 2017 Q4 slot 4
-sign "2017-11-10 00:00:00"  # 2017 Q4 slot 5
-sign "2017-11-20 00:00:00"  # 2017 Q4 slot 6
-sign "2017-11-30 00:00:00"  # 2017 Q4 slot 7
-sign "2017-12-10 00:00:00"  # 2017 Q4 slot 8
-sign "2017-12-20 00:00:00"  # 2017 Q4 slot 9
-
-# 2018-01-01 00:00:00  # 2018 Q1 slot 1
-# 2018-01-11 00:00:00  # 2018 Q1 slot 2
-# 2018-01-21 00:00:00  # 2018 Q1 slot 3
-# 2018-01-31 00:00:00  # 2018 Q1 slot 4
-# 2018-02-10 00:00:00  # 2018 Q1 slot 5
-# 2018-02-20 00:00:00  # 2018 Q1 slot 6
-# 2018-03-02 00:00:00  # 2018 Q1 slot 7
-# 2018-03-12 00:00:00  # 2018 Q1 slot 8
-# 2018-03-22 00:00:00  # 2018 Q1 slot 9
+case $1 in
+	--rollover)
+		test_rollover
+		;;
+	--unmanagedkey-present)
+		test_unmanagedkey_present
+		#test_rollover
+		;;
+	--unmanagedkey-revoke)
+		test_unmanagedkey_revoke
+		;;
+	--unmanagedkey-missing)
+		test_unmanagedkey_missing
+		;;
+	--help|-h)
+		usage
+		;;
+	*)
+		echo -e "Unknown option !\n\n"
+		usage
+		;;
+esac
diff --git a/modules/ta_update/ta_update.test.integr/rfc5011/pydnstest b/modules/ta_update/ta_update.test.integr/rfc5011/pydnstest
new file mode 120000
index 000000000..331fa7303
--- /dev/null
+++ b/modules/ta_update/ta_update.test.integr/rfc5011/pydnstest
@@ -0,0 +1 @@
+../../../../tests/integration/deckard/pydnstest
\ No newline at end of file
diff --git a/modules/ta_update/ta_update.test.integr/rfc5011/unsigned_check.db b/modules/ta_update/ta_update.test.integr/rfc5011/unsigned_check.db
new file mode 100644
index 000000000..cf03621f7
--- /dev/null
+++ b/modules/ta_update/ta_update.test.integr/rfc5011/unsigned_check.db
@@ -0,0 +1,8 @@
+.			86400	IN	SOA	rootns. you.test. 2017071100 1800 900 604800 86400
+
+.			518400	IN	NS	rootns.
+
+rootns.	518400	IN	A	198.41.0.4
+rootns.	518400	IN	AAAA	2001:503:ba3e::2:30
+
+test.	1	IN	TXT	"check and change answer"
diff --git a/modules/ta_update/ta_update.test.integr/rfc5011/unsigned_ok.db b/modules/ta_update/ta_update.test.integr/rfc5011/unsigned_ok.db
new file mode 100644
index 000000000..b837acd52
--- /dev/null
+++ b/modules/ta_update/ta_update.test.integr/rfc5011/unsigned_ok.db
@@ -0,0 +1,8 @@
+.			86400	IN	SOA	rootns. you.test. 2017071100 1800 900 604800 86400
+
+.			518400	IN	NS	rootns.
+
+rootns.	518400	IN	A	198.41.0.4
+rootns.	518400	IN	AAAA	2001:503:ba3e::2:30
+
+test.	1	IN	TXT	"it works"
diff --git a/modules/ta_update/ta_update.test.lua b/modules/ta_update/ta_update.test.lua
index 0ce6ad2b0..1828c4921 100644
--- a/modules/ta_update/ta_update.test.lua
+++ b/modules/ta_update/ta_update.test.lua
@@ -48,12 +48,14 @@ local function test_ta_update_vs_trust_anchors_dependency()
 end
 
 local function test_unloaded()
-	boom(trust_anchors.add_file, {'root.keys', false}, 'managed TA cannot be added without ta_update module')
+	same(ta_update, nil, 'ta_update module is nil')
+	same(trust_anchors.add_file('root.keys', false), nil, 'managed TA can be added with unloaded ta_update module')
+	ok(ta_update ~= nil, 'ta_update module automatically loaded')
+	ok(modules.unload('ta_update'), 'ta_update module can be unloaded')
+	same(ta_update, nil, 'ta_update module is nil')
 
-	counter = 0
-	same(trust_anchors.add_file('root.keys', true), nil, 'unmanaged TA can be added without ta_update module')
-	worker.sleep(sleep_time)
-	ok(counter == 0, 'TA is actually unmanaged')
+	same(trust_anchors.add_file('root.keys', true), nil, 'unmanaged TA can be added with unloaded ta_update module')
+	ok(ta_update ~= nil, 'ta_update module automatically loaded')
 
 	ok(trust_anchors.remove('.'), 'unmanaged root TA can be removed')
 	same(trust_anchors.keysets['\0'], nil, 'TA removal works')
diff --git a/modules/ta_update/ta_update.unmanagedkey.test.integr/deckard.yaml b/modules/ta_update/ta_update.unmanagedkey.test.integr/deckard.yaml
new file mode 100644
index 000000000..4d0a0fed8
--- /dev/null
+++ b/modules/ta_update/ta_update.unmanagedkey.test.integr/deckard.yaml
@@ -0,0 +1,13 @@
+# SPDX-License-Identifier: GPL-3.0-or-later
+programs:
+- name: kresd
+  binary: kresd
+  additional:
+    - -f
+    - "1"
+  templates:
+    - modules/ta_update/ta_update.unmanagedkey.test.integr/kresd_config.j2
+    - tests/integration/hints_zone.j2
+  configs:
+    - config
+    - hints
diff --git a/modules/ta_update/ta_update.unmanagedkey.test.integr/kresd_config.j2 b/modules/ta_update/ta_update.unmanagedkey.test.integr/kresd_config.j2
new file mode 100644
index 000000000..d0d72611b
--- /dev/null
+++ b/modules/ta_update/ta_update.unmanagedkey.test.integr/kresd_config.j2
@@ -0,0 +1,71 @@
+-- SPDX-License-Identifier: GPL-3.0-or-later
+
+{% for TAF in TRUST_ANCHOR_FILES %}
+trust_anchors.add_file('{{TAF}}', true)
+{% endfor %}
+
+{% raw %}
+
+local cb_counter = 0
+function inc_cb()
+	cb_counter = cb_counter + 1
+end
+
+function check_status(state, query)
+	local answer = query.request.answer
+	-- status was present for 10 days
+	if cb_counter > 0 then
+		return policy.DENY_MSG('check last answer')
+	end
+end
+ta_update.refresh_time = 12 * hour
+ta_update.cb_unmanagedkey_change = inc_cb
+policy.add(check_status, true)
+
+-- Disable RFC8145 signaling, scenario doesn't provide expected answers
+if ta_signal_query then
+        modules.unload('ta_signal_query')
+end
+
+-- Disable RFC8109 priming, scenario doesn't provide expected answers
+if priming then
+        modules.unload('priming')
+end
+
+-- Disable this module because it make one priming query
+if detect_time_skew then
+        modules.unload('detect_time_skew')
+end
+
+policy.add(policy.suffix(policy.PASS, {todname('test.')}))
+_hint_root_file('hints')
+cache.size = 2*MB
+verbose(true)
+{% endraw %}
+
+net = { '{{SELF_ADDR}}' }
+
+
+{% if QMIN == "false" %}
+option('NO_MINIMIZE', true)
+{% else %}
+option('NO_MINIMIZE', false)
+{% endif %}
+
+
+-- Self-checks on globals
+assert(help() ~= nil)
+assert(worker.id ~= nil)
+-- Self-checks on facilities
+assert(cache.count() == 0)
+assert(cache.stats() ~= nil)
+assert(cache.backends() ~= nil)
+assert(worker.stats() ~= nil)
+assert(net.interfaces() ~= nil)
+-- Self-checks on loaded stuff
+assert(net.list()[1].transport.ip == '{{SELF_ADDR}}')
+assert(#modules.list() > 0)
+-- Self-check timers
+ev = event.recurrent(1 * sec, function (ev) return 1 end)
+event.cancel(ev)
+ev = event.after(0, function (ev) return 1 end)
diff --git a/modules/ta_update/ta_update.unmanagedkey.test.integr/rfc5011 b/modules/ta_update/ta_update.unmanagedkey.test.integr/rfc5011
new file mode 120000
index 000000000..b467cd69a
--- /dev/null
+++ b/modules/ta_update/ta_update.unmanagedkey.test.integr/rfc5011
@@ -0,0 +1 @@
+../ta_update.test.integr/rfc5011
\ No newline at end of file
diff --git a/modules/ta_update/ta_update.unmanagedkey.test.integr/unmanagedkey-missing-monotonictime.rpl b/modules/ta_update/ta_update.unmanagedkey.test.integr/unmanagedkey-missing-monotonictime.rpl
new file mode 100644
index 000000000..c26b017da
--- /dev/null
+++ b/modules/ta_update/ta_update.unmanagedkey.test.integr/unmanagedkey-missing-monotonictime.rpl
@@ -0,0 +1,757 @@
+stub-addr: 2001:503:ba3e::2:30
+trust-anchor: . IN DS 15116 8 2 6743F544CF087FE23094D4FC1305F6B9C4EEFA2025B4FC348A622CE202F5DD4B
+trust-anchor: . IN DS 45050 8 2 DB11ECB4E98390817B2D4BBBE73D7FDFE7ECC418E006EEF6EA05044E565A3733
+val-override-date: 20170701000000
+query-minimization: off
+CONFIG_END
+
+SCENARIO_BEGIN Simulation of successfull RFC 5011 KSK roll-over during 2017
+    
+
+RANGE_BEGIN 20170701000000 20170710999999
+        ADDRESS 198.41.0.4
+        ADDRESS 2001:503:ba3e::2:30
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN SOA
+SECTION ANSWER
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+. 86400 IN RRSIG SOA 8 0 86400 20170715000000 20170701000000 31500 . dPoTEA/PKBUCWNsGLH27WXLRSoQBpgw4 R0cAGdXZHVlYTZzfaHAmfgvoZOeoT0pt 11584nVWOTJDH3p0bDgJBTLsCbs3IeTx SnrZQxWP6/WvyK3NwAxI9q8amEIf8Rin JQCiTOvxdVnb5lrDZt3bzgCTvWm0EqVy 4WjewqhhduiWYq5sRjqDMSKbbP9zGE4l 9gaCgIJA4zPvcedYpqQpmDnITM1SlpLH /JtpPVVstLTV1MmfmvY1ay3FMYRMr0FU 7FKHtKmY+RSaRWzno3ghWPi3PZrc9J5Z dyS8EfD+dpFibv+auFp43NnVL+mISQ+/ nfKLf8PYT8DDBog7OlaCsQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 1814400 IN DNSKEY 256 3 8 AwEAAecpzqv0lz4aTPxYhm+LlvNVtLCq LhWvBuUdPoOxVO99j/KDXEdslHRfRLlf ZHi5KBfGLBwW13VeO9bzv+/62PycepCH WyE4I+IHSgVau1vkCtfRtX5wp8EMPyqU MtHPvuForHdp3ZWepuZh8i8TUgEGn3F+ ISS6yyy10gR8fPTSmXui6ZWPk+yarFNC /BosJPw0Y5gkPIltk9oHeWcTTwd1XpqP b2Pm4FdRN8rpJGvx5livyVdrEAXMnlV9 PqCtJVLBq4HN7LJmXde+ODLmzVP1JgaO qC9vlu2vKL2AlKW5BCCL9gt0+XeFU3KH qrs5GgnX2xVKoIzA9Sraepg+3i0=
+. 1814400 IN DNSKEY 257 3 8 AwEAAa4D+Q6MqSfx9vyCCGlOHYAbbxo9 buybBLpq2Q08j+cUDc1/pSVSmYfJ3Xup QcFc7Ney7BUrPqRfzQyL/NHEtupWyLJ/ gstz55oiEXw8RCsYZH+nay4nPthtQ+nt FSAZpw32ED0CHH87ENxxxfkB1hkT78ru RG5pYT+qGeSDXGrkYSHGNSfS7YB7RX9h Q1/RM8ef/QyKqLkFli6OPvLa6u0eCAI1 IHvHbQvieoVioWaJ7jmKxMwIONQfMbYH 8Hs2JeBgNhaH4qHDJdLJePJNuht6NZ2K 0vfcDpkDbj/6r9XpJiEEjB7iFIfhc/ya Tkyu7tIUwXs7tTDALi7gpOk3kL0=
+. 1814400 IN DNSKEY 257 3 8 AwEAAcfEF/AXBm9m/eLNdnsq4O5otNVD zNmdViy4pC1paInyq7tgy8blsivvpy7X Hh/xnFPCX6XRMUxxpe7Afuc9BITwepap rIdM/j4QOIeuQbLSxhzay1jdsCWMHFQ3 hMQeXZ8X05oxnIKihnfISyhqyaNdlY2k 4ApVHDF6ugDd1+Zu4T/5M9DIhxCTHpVo hctCzkgFP9tRocAlIwptcoZLdR3LxdXk OJ9tfSOuqHnQ4Zh8Aj407rVtz6CWQGyg qO+fb+Y98DI3V7IYisnW18r7QorMUycA OuDnnlZSvkrcWgtpuyylTsqhs/3+73iK kb0QUKscoTeSLgeoocFN+r8ZfaM=
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170722000000 20170701000000 15116 . mkcwXhObb+tZcwBexTnJQU9xFXI4DYLH P3J80/mYHj3r/6542Wd4+IscpVIFhtxf WsFQhvzS7IZevSbOojRYPjLIKpaa+WnU zYOi4n5vNq5PWzXd1Y5tHqDCxF6fQB4H SfI2GB/a37s3GnaEWA+ECzIZiC0xxASt obIkWkYoqLaI6aMILOSjXHJxKbY1wNPm SGm+RohpjYmgLzFAD3NJNqleYexcarrK +pfbeBoQFmAq3wJqCRnPYfAfivFA2mDN 2PMI+K6hx1Wf/NmmPM2a+UoPREashEe6 exbC7XZbs10aP8gCgHkGmGWgSlbLqFpx 9f2GBjotJsEbJCumiT6hpA==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170722000000 20170701000000 31500 . DOjVyLlWPX1DpvYhWHoh/LHXqTJK2SIG yp7iLXnmkb3SCFslOcVwYm2m0xfRplZo dA/HhFdT+cJ1wlXZSXBm17QgDK9hNhnm kmstpbv+xj/Pf31TJkHRS2Mn7FtQTRKE zJGMJvnfgY2PMpAwVyDMc2psA5AJbx47 uS5+JJgDcnnfM8OoTkT3RkHKV942nWTo lhpyBnj1Ymzvlc1DxVW1DIJjnQjoU9PZ sJT4NESMJyF/cskELuSqyqvrUC7WAnNU hhE0rcTBhxJpA9iaCW+Jn/CGTxR5Hrmq Vlyf4ctduNwuOl+puA9RNj7+JnBX6EN+ KM1NqxpSI+gcHSEj9MXejA==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170722000000 20170701000000 45050 . mi9PqTNCsum4+302sDVzJW4RJsW3Gtec 3+Z/5CKa5cP0l+w/5g6mWV1eBeT3ZeF7 kkleUP7chgtHmh1d/q24OE7R+R+iZrf7 OP1SJRN4cxeliM1mJFGz67YFkWzqzwiU +WbuAg/HBgGmtSO/6QlwRtBEbx8LwZx5 6OIHEUVCYEPdk96iU6wAcgc9RkkBVrJz M8UEbSFI5WNbWKJMfT6BqgFPd84AslqN lxZm0WNGP2xdsdVR9TSx2dTUiXdTymi/ x61AFQKn6hlf5cY6LZPOR5JquqXtAgV2 xf3XtOjnFaH81IECqXA/cRrR7Y3Oxl01 Fl3A9C0BBpOH2ngQwHyhiw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. 518400 IN NS rootns.
+. 518400 IN RRSIG NS 8 0 518400 20170715000000 20170701000000 31500 . fWSlKWRwiYLYHxZi7z/0lFEhGd7uJrnJ BCe5cY0MVWuhNKx/k331hulrolI6NBrJ Tek6rMtkHpg4fF4x8yTFYS0lNhMI/dJk AZP+7w16T4YCtEwQdqfaPLV+Q0xxSGyI f1tqkQ7iLzrjBHc91IdSKysY0N/z3A0H VwpELudEq6P840ocrolQpxHLD0TgvrXe PO4+Wrg9G122fpvB7WGvufiKRyU2qVGZ hUa++t+JKe8sdCPXe8fe+njD6iOBOBUx WMXxJ92zV92KfxdyvwEaFyPVUAEmHFyc zUQHMmPPAoR2Uy7b4etXlBN5pgYwYk/O tmAuyKNJg38Frdz/TK7F3A==
+SECTION ADDITIONAL
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG A 8 1 518400 20170715000000 20170701000000 31500 . mA/R6+XmbyI0ljRHtTaDpu1fgm7/XGvE UMwmNqieJ/z7RbJ38yvGnfKDERhKBhQr 7EPdCSldpwg8LXx70Luu/kklvvxn20Aj my8hWGW4Hsl+C2qVZ10qzHxbx0lDgnK6 JKYBLdCnDXHS8KfXkrFIeWFdZWGXpcOt mPppEG4sp8OhpVohgiU/WGZQWs3TjeO0 k85iq4g5QLOeQnRKlCaX2S6wlNOTfcvi j8iuUjcMstx0z5MWMn9RuFvKYXM0aWwT d+QMLBEt16LBCF52mxKy9RD7Wi5zIo1T SfxAxvXofrsnw48UZ4PpnE0K6bCzW//M rJMycfKaqjPDN2nabZHIqQ==
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170715000000 20170701000000 31500 . xLCTTIMJwqN9qDMm4tggaqUtf5pq7V5/ 0n6YT6Be9lstyIVL32ra94lJtjeF8gUA Ys1ugC9y9j88pYLcD+/IWSHvQ6FhZU73 XZA5wm6da2NQnyOXZSEofz/E7Arlmy7y Dojb9zmzgaUEEqnvQ4koqhpENbq4oTSp aJ7/UpsRrXUwrwJdxPnu2EW2hCgyFQ2i uAra/Bmzl046hAOTGzjUbbNgJt3JaLu4 qYKNcs/yUqGoZdcU/OOYfxFoAI1I+K/s FqCoVYV4yjQ6sB0s3isjoJT0fN1/QGMR 6a+ebQJ/B0B3Ch+VcC4abpMkWafTrOY/ J2KTNzvbXD9X2as1y6pa+w==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN NS
+SECTION AUTHORITY
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+rootns. 86400 IN NSEC test. A AAAA RRSIG NSEC
+. 86400 IN RRSIG SOA 8 0 86400 20170715000000 20170701000000 31500 . dPoTEA/PKBUCWNsGLH27WXLRSoQBpgw4 R0cAGdXZHVlYTZzfaHAmfgvoZOeoT0pt 11584nVWOTJDH3p0bDgJBTLsCbs3IeTx SnrZQxWP6/WvyK3NwAxI9q8amEIf8Rin JQCiTOvxdVnb5lrDZt3bzgCTvWm0EqVy 4WjewqhhduiWYq5sRjqDMSKbbP9zGE4l 9gaCgIJA4zPvcedYpqQpmDnITM1SlpLH /JtpPVVstLTV1MmfmvY1ay3FMYRMr0FU 7FKHtKmY+RSaRWzno3ghWPi3PZrc9J5Z dyS8EfD+dpFibv+auFp43NnVL+mISQ+/ nfKLf8PYT8DDBog7OlaCsQ==
+rootns. 86400 IN RRSIG NSEC 8 1 86400 20170715000000 20170701000000 31500 . czXWsvkZgPgtICpYspe8ny5sloUCCQ01 S4CwdGKFkyoOh0jvnL/iGa9X4TtTeTry 2gtT8+Azuvaq/rXXG4hrSmvQloCyDMtD Qy86So9w8nMxGBnXW/fHqt0mgYBoYmw4 PYM6vrOwMOxh/db8qMdHz/MdHPUWxUNG t+2LJ55RwUlb4YFtLzcNUe3CPf7nydSY y8lDbDz6GzbwGz65mUN8/rjeEOaRaQON rb+1ETXGKX7aFga/0t0GBTEjkwAKbaV/ 7nBk9CYR4IpeIIMuHPQiSEenzhXEjDMx Z6pue7+DrFuw/yFfvNeArQ4XLPglMzM+ YigxHXt8Z1d8CJzeImCWmA==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN A
+SECTION ANSWER
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN RRSIG A 8 1 518400 20170715000000 20170701000000 31500 . mA/R6+XmbyI0ljRHtTaDpu1fgm7/XGvE UMwmNqieJ/z7RbJ38yvGnfKDERhKBhQr 7EPdCSldpwg8LXx70Luu/kklvvxn20Aj my8hWGW4Hsl+C2qVZ10qzHxbx0lDgnK6 JKYBLdCnDXHS8KfXkrFIeWFdZWGXpcOt mPppEG4sp8OhpVohgiU/WGZQWs3TjeO0 k85iq4g5QLOeQnRKlCaX2S6wlNOTfcvi j8iuUjcMstx0z5MWMn9RuFvKYXM0aWwT d+QMLBEt16LBCF52mxKy9RD7Wi5zIo1T SfxAxvXofrsnw48UZ4PpnE0K6bCzW//M rJMycfKaqjPDN2nabZHIqQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN AAAA
+SECTION ANSWER
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170715000000 20170701000000 31500 . xLCTTIMJwqN9qDMm4tggaqUtf5pq7V5/ 0n6YT6Be9lstyIVL32ra94lJtjeF8gUA Ys1ugC9y9j88pYLcD+/IWSHvQ6FhZU73 XZA5wm6da2NQnyOXZSEofz/E7Arlmy7y Dojb9zmzgaUEEqnvQ4koqhpENbq4oTSp aJ7/UpsRrXUwrwJdxPnu2EW2hCgyFQ2i uAra/Bmzl046hAOTGzjUbbNgJt3JaLu4 qYKNcs/yUqGoZdcU/OOYfxFoAI1I+K/s FqCoVYV4yjQ6sB0s3isjoJT0fN1/QGMR 6a+ebQJ/B0B3Ch+VcC4abpMkWafTrOY/ J2KTNzvbXD9X2as1y6pa+w==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. 1 IN TXT "it works"
+test. 1 IN RRSIG TXT 8 1 1 20170715000000 20170701000000 31500 . mVYjV/8KTVvel7+USquoejpj3GYlnLmm 4AUifG/JHOOHsxak7JpRmoGx720oYBLm mLYuxIU4RB1GmZSb8lQH8Nv/vG6yOtKc 7sajnu3M6edPSM0+6Tsh+01G4s5rhqUe 8K5vc6s/HmWziHKpcWTGU6mq5OrYpcZD WmMdu7S75rcZDqX5ZbjrB8liBT528V/z 3nWNTKevL+vGYkwXfxiEYqTfbO8rlLZS Gqj/gAPFrojtu1qdmeJ78YE5ZiQwnAqz 5jAdsyQCFaX/tn4UMwmxyIBYdb9OrU9S Ec8TbRS24s9aaPFEmPJNHX0HYD84hMNY IF+0igXM6HFeTxVO0F6TSA==
+ENTRY_END
+RANGE_END
+
+
+
+RANGE_BEGIN 20170711000000 20170720999999
+        ADDRESS 198.41.0.4
+        ADDRESS 2001:503:ba3e::2:30
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN SOA
+SECTION ANSWER
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+. 86400 IN RRSIG SOA 8 0 86400 20170725000000 20170711000000 31500 . fna14VuFmwBxUnBYNILk3jMd25fjhUm/ hkbF4bJxDnJk+qV6pSCMPAkINYbZb+UF UqtaIqOy0W3gSAxKPObFOjX+KExtyjRq AQPKTBRTDuYWndgEfVMNe9x9DkEqv6Gg fygyGD1kRAc2Rum5iOF5G/kLrGEIuSiq AJ/LKqF+hlPxC7E1HttlSVPCeEnW+Rrm pbiniH0hFqYQhOlPzHZ6aX8A2oERn1IS 4+XwNBQzLjqxcOHyf2EhlwCK2tYhMjAU NkzK4kcHK2r8jHVh+VBNF6kgP55qKwWz +fE13zkkkVP4f1JZtzfrC0TUIRQAztJ4 0vWR3XEatn8cNlobKfiGPw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 1814400 IN DNSKEY 256 3 8 AwEAAecpzqv0lz4aTPxYhm+LlvNVtLCq LhWvBuUdPoOxVO99j/KDXEdslHRfRLlf ZHi5KBfGLBwW13VeO9bzv+/62PycepCH WyE4I+IHSgVau1vkCtfRtX5wp8EMPyqU MtHPvuForHdp3ZWepuZh8i8TUgEGn3F+ ISS6yyy10gR8fPTSmXui6ZWPk+yarFNC /BosJPw0Y5gkPIltk9oHeWcTTwd1XpqP b2Pm4FdRN8rpJGvx5livyVdrEAXMnlV9 PqCtJVLBq4HN7LJmXde+ODLmzVP1JgaO qC9vlu2vKL2AlKW5BCCL9gt0+XeFU3KH qrs5GgnX2xVKoIzA9Sraepg+3i0=
+. 1814400 IN DNSKEY 257 3 8 AwEAAcfEF/AXBm9m/eLNdnsq4O5otNVD zNmdViy4pC1paInyq7tgy8blsivvpy7X Hh/xnFPCX6XRMUxxpe7Afuc9BITwepap rIdM/j4QOIeuQbLSxhzay1jdsCWMHFQ3 hMQeXZ8X05oxnIKihnfISyhqyaNdlY2k 4ApVHDF6ugDd1+Zu4T/5M9DIhxCTHpVo hctCzkgFP9tRocAlIwptcoZLdR3LxdXk OJ9tfSOuqHnQ4Zh8Aj407rVtz6CWQGyg qO+fb+Y98DI3V7IYisnW18r7QorMUycA OuDnnlZSvkrcWgtpuyylTsqhs/3+73iK kb0QUKscoTeSLgeoocFN+r8ZfaM=
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170801000000 20170711000000 31500 . IGL5Fg08GJae04Y+aAy7xWGb+0pnXPnB XlFr16x6V2X40G7QdVEwATK+FO8T93m8 lgD+ixOX+6Wz67tlEOlCjdTl8BJUwlSk HB3+s+GZnotwkXnyTeWFrupOPNdkSTT4 wDMZLsNVKWCsrdBV5o4kwQedjFbeEQKC KVaDbSAZ6Pjr8F+uCkaGGmKYq3tvU5j4 Gd8JXLWASqj1AT5lJjNiVgACbSLpReVV bpxRHvdoKPgog/5INATqZS/lR5SXMEik DyEOv4CGl4pi+7yB73i6r7V5SWCMp8Jl 8RVLUFlMMqKg+SScybWkVSMJJyfnW1/j EpIO+3LzTKoZcdwhAJi1+A==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170801000000 20170711000000 45050 . pujHutwLhvT+8bki6jnCpW5UtK8xbruO /Wyg25ABJE+V0Qjqss3UbmqtRjaCT+b5 ZORlk8N7ZmuRdxQM++qT34UlmLtT3D43 DRRMYdCCnnBKqZhpOjZMm+ry1xNj3qUb izl74tPaGhibxzlaLdld2FlaBOKlJXeC y2d05I2nXICzsjb04cFDMskLeHMq4P3M AMf6RYqAlAPoLeeaW6Q2m+D8qIa3epIs eHJL6GhQYwpg6hT/fACOYX8YqPQTvhmC 7PVmRghYYeUb6am2kywJaMZg+zzyemVf R9HOYSEquyRvjj/1IbbanpdEZh6bO/et pIOK9bTqQpvg6pkZ8x708Q==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. 518400 IN NS rootns.
+. 518400 IN RRSIG NS 8 0 518400 20170725000000 20170711000000 31500 . zcWreQ7KQq9QK20WvzbNjfGrVEO15RaV YJv1QkgPj8JlgNedGg4pHvD72c9pVgqY DBuXQNfV0m1l+5LTtLAoX5s7t8PzhljQ S0t0RNkZXpQji/FtQQO7/jXt8bPTRDi6 wcn3uhu2fLuXEpXYVdFCC1s/8//9vPUU BeGY1vpdRZV+wd8HgnkqAoTyOKl7csSI cOYyhMpfwfiXohFz3AxG67Qjwj7wzot3 RsS9CDpBgwoWBTmi5dnPD++wbn0EXgmo w+tDGtk+PQBC9FPxxmVmaqHlnRM1QGqi ivS1MGGUzXXkZdzWNsdc/ZXQmJt5F3jX 3oZDR9pyAAky4tdebyuRlA==
+SECTION ADDITIONAL
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG A 8 1 518400 20170725000000 20170711000000 31500 . AcVAjovwI9gcS/v+36yqoC4myF2iCLp0 65URXF3OEnpG9PRoQYCHhY9NuC9MaX02 gR/FfUJcHQT+NKKLL3WXZJ5llWKuNQa7 aPJV4ygrOjQ7ypehEYRVBygvDPfFAGNj 8Dxd0rvjpWtaMz5A5DXBLa2W84iDrOhZ RbnDNREItVEZGG9BN26T8me0YJoYOwx9 BUOC6FfAoupZJd/cbPcsp3kzIJCCP3Vy H8DFkYeno8yaWhoEuKwleto74nrsl8Fl ihBXEqqUResGkjMyJedgvnPtv/5kXmXN tvuNBw71Y85FkRgbCQKPJdaMb/Gq+K8a 9aVGNH+/XHqPDNZ0oJF4TA==
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170725000000 20170711000000 31500 . 1oeKgUeMR97GMVAZL8pgbBcgw6Kf4iu6 9nNjKtrHntavlQpBavUM2JX/nDyeBpcI C1oo0+GuqA5y5MfK2nmy5gQgXyN4S0Ag aXgrHZx6vgvFp5RXB7BY8leSTt0Pl8QC ugb179QYbzIxnHxZ+GJMQdA8Jb8FpBRH yVXhrTwypjW1Wdyoeo6TdxAikuF/esGp oZCg8V9WG2VHDmtU04uIpocN2t8mk8jA TBHKW3z0Vak0/4j/cvj2Yi+4dFivs88+ asgCsfzExN9r++BLm0uif+29pFgqh+yx pVjQZ9dUgQdkhnnJRmgwezpHei/c4/ZW 9HAKvp3qdPoPvIo1/dQClQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN NS
+SECTION AUTHORITY
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+rootns. 86400 IN NSEC test. A AAAA RRSIG NSEC
+. 86400 IN RRSIG SOA 8 0 86400 20170725000000 20170711000000 31500 . fna14VuFmwBxUnBYNILk3jMd25fjhUm/ hkbF4bJxDnJk+qV6pSCMPAkINYbZb+UF UqtaIqOy0W3gSAxKPObFOjX+KExtyjRq AQPKTBRTDuYWndgEfVMNe9x9DkEqv6Gg fygyGD1kRAc2Rum5iOF5G/kLrGEIuSiq AJ/LKqF+hlPxC7E1HttlSVPCeEnW+Rrm pbiniH0hFqYQhOlPzHZ6aX8A2oERn1IS 4+XwNBQzLjqxcOHyf2EhlwCK2tYhMjAU NkzK4kcHK2r8jHVh+VBNF6kgP55qKwWz +fE13zkkkVP4f1JZtzfrC0TUIRQAztJ4 0vWR3XEatn8cNlobKfiGPw==
+rootns. 86400 IN RRSIG NSEC 8 1 86400 20170725000000 20170711000000 31500 . kMVZp4DiHSXYRBgio4X+4nK32ITxnk7B uUwJHT9UIeQuyc0ag5T4sgNo73dcWAZF Jy+oXiv/5RkTA1DuFE7xLkgu51DwUo+E QmIFYPiVB8WYijF/c1aawx3mawEnERpS MvvX8e9rvtW1wNpNWDYjOOvR9S8HnQk/ MbSC96Non8LDX9chdITYlM33qVDDFCyh nd5PDe79UN8HvKXhhtin6h5LyAwVQolz 14/fEGimtHbEYCni88j3vWRKjt/vs6S6 Fl+OJ3NoSVr52BbbnaI7A06iXKGTyLSg HE1G6K6ENMfrhz3HIE5ze+CRZN5/WNtS 6A8+j3QqphFIouHqAPqw0Q==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN A
+SECTION ANSWER
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN RRSIG A 8 1 518400 20170725000000 20170711000000 31500 . AcVAjovwI9gcS/v+36yqoC4myF2iCLp0 65URXF3OEnpG9PRoQYCHhY9NuC9MaX02 gR/FfUJcHQT+NKKLL3WXZJ5llWKuNQa7 aPJV4ygrOjQ7ypehEYRVBygvDPfFAGNj 8Dxd0rvjpWtaMz5A5DXBLa2W84iDrOhZ RbnDNREItVEZGG9BN26T8me0YJoYOwx9 BUOC6FfAoupZJd/cbPcsp3kzIJCCP3Vy H8DFkYeno8yaWhoEuKwleto74nrsl8Fl ihBXEqqUResGkjMyJedgvnPtv/5kXmXN tvuNBw71Y85FkRgbCQKPJdaMb/Gq+K8a 9aVGNH+/XHqPDNZ0oJF4TA==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN AAAA
+SECTION ANSWER
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170725000000 20170711000000 31500 . 1oeKgUeMR97GMVAZL8pgbBcgw6Kf4iu6 9nNjKtrHntavlQpBavUM2JX/nDyeBpcI C1oo0+GuqA5y5MfK2nmy5gQgXyN4S0Ag aXgrHZx6vgvFp5RXB7BY8leSTt0Pl8QC ugb179QYbzIxnHxZ+GJMQdA8Jb8FpBRH yVXhrTwypjW1Wdyoeo6TdxAikuF/esGp oZCg8V9WG2VHDmtU04uIpocN2t8mk8jA TBHKW3z0Vak0/4j/cvj2Yi+4dFivs88+ asgCsfzExN9r++BLm0uif+29pFgqh+yx pVjQZ9dUgQdkhnnJRmgwezpHei/c4/ZW 9HAKvp3qdPoPvIo1/dQClQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. 1 IN TXT "it works"
+test. 1 IN RRSIG TXT 8 1 1 20170725000000 20170711000000 31500 . IflrU7TCMFd6L9qaQEgwSobKiGUfj2YZ 16MFrgiTl7mqZSjjS/Jf/dMXRJv/btan /XDT1yoItIcQgio3htKf/7Lo95kbUelU jSc6GvFEPoiceid8QigIAuSpKKH4eCh3 G/KW14UC1yHuLT3uwO8YLR3GNeO61sGB gafeCa4ePFSXszOcfq8ZfMKHTs8H8l1N 39rrN1rrcdsp2bVUA37BpJ2TI8eCf/K4 r50BXWE8db4PiXi3PHE1o8KEdhMKo5ku DyfXEuC7pgR0r01jB3nozb+rNRfF/VFd b3Zv7Fb+b1k79uUNtuTY24xTkxSeLSWy tesX5w7ReAEO+L9Mkh6N+Q==
+ENTRY_END
+RANGE_END
+
+
+
+RANGE_BEGIN 20170721000000 99999999999999
+        ADDRESS 198.41.0.4
+        ADDRESS 2001:503:ba3e::2:30
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN SOA
+SECTION ANSWER
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+. 86400 IN RRSIG SOA 8 0 86400 20170804000000 20170721000000 31500 . lPXV8zPAsFCStPWYakYlvnOjRpqJm4RX 0tlJQAyDiQ7WwuuVqAYQefZx0fhveIHw Ntn2W69QGU+qZKUujrmSWg7KgK0+sOQ6 eLqTi+F0rg4qg92Q2Fh4DpHFOn6CzSp7 y/Ndyepli+B/xnRuvJsZiR0bpNdzpDSP uN9boISWMqoOD6EgL+2N1qJ4Bw9J9STe Ay7ZZz3gJYX0Pq0m+ndEChNbpDayB3Gz FeaicTl2Owqjj4XUUPlAUD5udlen688g vGqj/MS3rSs9Fv5QrvmP/fOKEw5wO1/7 UMS86BU+v4vnZ3EamXCnvfWTQeYfqy2Y wnzpucnMFI/11O723xtjTA==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 1814400 IN DNSKEY 256 3 8 AwEAAecpzqv0lz4aTPxYhm+LlvNVtLCq LhWvBuUdPoOxVO99j/KDXEdslHRfRLlf ZHi5KBfGLBwW13VeO9bzv+/62PycepCH WyE4I+IHSgVau1vkCtfRtX5wp8EMPyqU MtHPvuForHdp3ZWepuZh8i8TUgEGn3F+ ISS6yyy10gR8fPTSmXui6ZWPk+yarFNC /BosJPw0Y5gkPIltk9oHeWcTTwd1XpqP b2Pm4FdRN8rpJGvx5livyVdrEAXMnlV9 PqCtJVLBq4HN7LJmXde+ODLmzVP1JgaO qC9vlu2vKL2AlKW5BCCL9gt0+XeFU3KH qrs5GgnX2xVKoIzA9Sraepg+3i0=
+. 1814400 IN DNSKEY 257 3 8 AwEAAcfEF/AXBm9m/eLNdnsq4O5otNVD zNmdViy4pC1paInyq7tgy8blsivvpy7X Hh/xnFPCX6XRMUxxpe7Afuc9BITwepap rIdM/j4QOIeuQbLSxhzay1jdsCWMHFQ3 hMQeXZ8X05oxnIKihnfISyhqyaNdlY2k 4ApVHDF6ugDd1+Zu4T/5M9DIhxCTHpVo hctCzkgFP9tRocAlIwptcoZLdR3LxdXk OJ9tfSOuqHnQ4Zh8Aj407rVtz6CWQGyg qO+fb+Y98DI3V7IYisnW18r7QorMUycA OuDnnlZSvkrcWgtpuyylTsqhs/3+73iK kb0QUKscoTeSLgeoocFN+r8ZfaM=
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170811000000 20170721000000 31500 . taRMDz94VQ0lr4fUz9RcksuoEmSJ2dba BtEzOdj1GQHLUvIeY9n5kGqSvWA/ijSQ i8U3gs3KBWUGFZYVLNFRWzLEOumNx28a i+M2cXSo1z5lfh/kJVPrsV7lfNdilk1X yIDYDSKLrdEhfPly0Sm1SeF1AFdUZ5Br acniNZ67nO1z3qNQOoHnt/ZXNAkfUQoJ Iu5w87qxDVXT4ju5bDH2ozscPrbO0cbs Oq5S8H17O8d/njPdxAcYAW/aIjRcKOaD S1WDweTES96JURAo9I52JzkzPcnv2RW5 BiVIzI3o6gOVDTpzIeQAonGpT5QljdUC bUCYXkV+c6dIzA/aIVEwtg==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170811000000 20170721000000 45050 . QFDngPrnZLHICu5Sga7Hzmw4e4I2IL8O ED3u/F04CycjN7QgwcQyNr4tHrk94W7p 16fvkeORpG8BuLbHCium23u/7V5TJOOD MeyhO6V0wBzpmf7xrYfPPmHStTk1hgIE gkevsV7MMT4Kpc1VAGAHEIODtXwlQg71 YOITOz4tGgovIVej2qqLjYcYq6HfEMx+ Oytp87hu1+bGOjlbo+mfiEv/vRNejqVj rgq6ixkw3DAsI+Pnr49oolDApN6/wofd qh3OudgyCQVmxArXREBFrmcHL7lWy3A9 /NTaFtsCwAZHWqO3BeoU0qWfpo8TsEow tsW56HdwhYV5CW9js+VwcQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. 518400 IN NS rootns.
+. 518400 IN RRSIG NS 8 0 518400 20170804000000 20170721000000 31500 . JVme/rkfApeeE/Op6KYQuRGj5UgCl1L7 sMsCOCgXvQp4Ch4T2t2Fou+aC0/QKtGz nVxZhT9euD11cdsCGl+MVhRfbqfKeaSk LczLWw3CcJJHNa3OkKnbTlVMjB/6m08c Vv3tUsySIrGU3Hu06n7UBc7X88jbJ9hy EVWmIQ+B7goans7PWCuifMIqD/ELPFPd uCrSPn4GOdsTdnHmrXfRSBG4keUuGu7J ZZ5sWUmffa09uJUTWxC+0idzuCR0t9KF 07PPwcdst6z87Vc0ScTdDBt3Dim4+fim azBJTnEriTNyXBCIo+/O7xpMvPCTnIsR L/5/gfcKJppAjmwc86eOKQ==
+SECTION ADDITIONAL
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG A 8 1 518400 20170804000000 20170721000000 31500 . fSxz+ikGl01EsGT/yLc4BgPWf+KePqx0 TfWiXV1dZjiX2xajzeVp75fv3TsFkgWu zsAYmVTeOdcqWSaYrXarBi8p0tu3HWUs XB1qBLHcW31rfTYI28NsurIPSZDG8ZdD No7LQ32eO9YxzsZv6Wbe6XGkuYLmWevn Spy2sPobBe/UH585XyuZds1U3VLJ11Ys sOk1EUEF4bQswmVRjNX/Snr1PEH9pqDY BJAh29t1VNAyhlEibAztATVJqayLKxGK SCDVmzqIQoafupmcl6SruyhJJx8m6SEa HyknUxV5JC4vDSObwv2INc9nPH9vODF4 dhzHYbW8FA0zON79JuNUtg==
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170804000000 20170721000000 31500 . 2z1lZl81ufBgiUsfgVnn3524CNxoFA5T 8Wfv8Up/484yxitiEFXCR/AohncE2kRH pWN/9UmuzUALJk10SYcD185lBoqhB5iI NPllRyYNYcnuS4Oq7sp+52tJRxqkMIWX V8v09rjhQzTx24UNNB5uZncOmZA0e9P3 KoeR1wG/Eh0dUESrjiwOHvzfmOffAhy/ ymY4XE5KZEwSxKaUfoUT8VgiKLxnNqwB UiCN15xSCAQBpHCxV1owQFtqYfKzNiML jL/ZjznEQfcvdGvfVAM15nLg6VNEYL8G LxP2CgH5NZpakCFRLD3Bos8F3w6WBuME 3CXUo/gqNlV+EQ4R823SxQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN NS
+SECTION AUTHORITY
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+rootns. 86400 IN NSEC test. A AAAA RRSIG NSEC
+. 86400 IN RRSIG SOA 8 0 86400 20170804000000 20170721000000 31500 . lPXV8zPAsFCStPWYakYlvnOjRpqJm4RX 0tlJQAyDiQ7WwuuVqAYQefZx0fhveIHw Ntn2W69QGU+qZKUujrmSWg7KgK0+sOQ6 eLqTi+F0rg4qg92Q2Fh4DpHFOn6CzSp7 y/Ndyepli+B/xnRuvJsZiR0bpNdzpDSP uN9boISWMqoOD6EgL+2N1qJ4Bw9J9STe Ay7ZZz3gJYX0Pq0m+ndEChNbpDayB3Gz FeaicTl2Owqjj4XUUPlAUD5udlen688g vGqj/MS3rSs9Fv5QrvmP/fOKEw5wO1/7 UMS86BU+v4vnZ3EamXCnvfWTQeYfqy2Y wnzpucnMFI/11O723xtjTA==
+rootns. 86400 IN RRSIG NSEC 8 1 86400 20170804000000 20170721000000 31500 . 3P8Vf4KjZRcPyoAJpHAUr2HEx2t75e3K kcc4BnzOgSubeSOrDm33ncnUhBx8tKSD G4oth7beyxmVy9yCWtiHyk+LjfOnyMhP FPlX+/Eflz3Ehri+8qdR6RTnRpp6NVpm aVeocIeONo1NKye8J3PLRZxyxNxxoTSM WRHtWfGA+I3IoDe/fY9Bu5k+HU5pqHgf iSHMo21B/jLHgbPXerOUfIUFUr8UExBt faQC743Dc56zR2IO20VrBAJQueWGqFdE ZUDwYks1PZulj6oGNSd5+PNqB2cVUznW evt3wkQyol11uXNjEv8TwoCjTbks/tmt wUZ1kZm+8PJc1QbooX29qg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN A
+SECTION ANSWER
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN RRSIG A 8 1 518400 20170804000000 20170721000000 31500 . fSxz+ikGl01EsGT/yLc4BgPWf+KePqx0 TfWiXV1dZjiX2xajzeVp75fv3TsFkgWu zsAYmVTeOdcqWSaYrXarBi8p0tu3HWUs XB1qBLHcW31rfTYI28NsurIPSZDG8ZdD No7LQ32eO9YxzsZv6Wbe6XGkuYLmWevn Spy2sPobBe/UH585XyuZds1U3VLJ11Ys sOk1EUEF4bQswmVRjNX/Snr1PEH9pqDY BJAh29t1VNAyhlEibAztATVJqayLKxGK SCDVmzqIQoafupmcl6SruyhJJx8m6SEa HyknUxV5JC4vDSObwv2INc9nPH9vODF4 dhzHYbW8FA0zON79JuNUtg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN AAAA
+SECTION ANSWER
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170804000000 20170721000000 31500 . 2z1lZl81ufBgiUsfgVnn3524CNxoFA5T 8Wfv8Up/484yxitiEFXCR/AohncE2kRH pWN/9UmuzUALJk10SYcD185lBoqhB5iI NPllRyYNYcnuS4Oq7sp+52tJRxqkMIWX V8v09rjhQzTx24UNNB5uZncOmZA0e9P3 KoeR1wG/Eh0dUESrjiwOHvzfmOffAhy/ ymY4XE5KZEwSxKaUfoUT8VgiKLxnNqwB UiCN15xSCAQBpHCxV1owQFtqYfKzNiML jL/ZjznEQfcvdGvfVAM15nLg6VNEYL8G LxP2CgH5NZpakCFRLD3Bos8F3w6WBuME 3CXUo/gqNlV+EQ4R823SxQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. 1 IN TXT "check and change answer"
+test. 1 IN RRSIG TXT 8 1 1 20170804000000 20170721000000 31500 . dnGQw6mSrNv3mhxWLQ+jFwHQea3PtL2t TOAGEVfyal5Kjpb8aVRWfCcBEdz5JVgh iXHXrZ59dbQA4sQbBrtCZLQl9eSjD/xr sOvMl+/gXMQVMnKBtjmN/kXFliuibTvC +1o9ZplEvWIQUDYZLk1SEZZQNNEnUIBt B/8N8EYrMfGRMkZkyD28PhbrFL65SEJg qyjJlwYsb7wBrElXQp8WoiPe44oBAL/0 3Xs/FkDh/52nHZ/79SW/d8iwHD12my1d 0cEYphlyk0nFs2zI6AnsbGODoVDb3snb 9VV4XJLkYdeo+iTalF5v/0Ept9PAMw8n bz81f7Ww1yDZ5KLcSaQzmg==
+ENTRY_END
+RANGE_END
+
+
+; 2017-07-01T00:00:00
+STEP 20170701000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170701000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170701000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-02T00:00:00
+STEP 20170702000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170702000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170702000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-03T00:00:00
+STEP 20170703000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170703000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170703000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-04T00:00:00
+STEP 20170704000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170704000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170704000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-05T00:00:00
+STEP 20170705000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170705000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170705000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-06T00:00:00
+STEP 20170706000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170706000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170706000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-07T00:00:00
+STEP 20170707000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170707000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170707000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-08T00:00:00
+STEP 20170708000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170708000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170708000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-09T00:00:00
+STEP 20170709000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170709000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170709000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-10T00:00:00
+STEP 20170710000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170710000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170710000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-11T00:00:00
+STEP 20170711000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170711000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170711000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-12T00:00:00
+STEP 20170712000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170712000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170712000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-13T00:00:00
+STEP 20170713000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170713000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170713000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-14T00:00:00
+STEP 20170714000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170714000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170714000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-15T00:00:00
+STEP 20170715000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170715000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170715000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-16T00:00:00
+STEP 20170716000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170716000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170716000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-17T00:00:00
+STEP 20170717000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170717000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170717000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-18T00:00:00
+STEP 20170718000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170718000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170718000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-19T00:00:00
+STEP 20170719000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170719000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170719000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-20T00:00:00
+STEP 20170720000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170720000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170720000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-21T00:00:00
+STEP 20170721000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170721000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AA NXDOMAIN
+MATCH opcode rcode flags question answer
+SECTION QUESTION
+test. IN TXT
+SECTION AUTHORITY
+test. 10800 IN SOA test. nobody.invalid. 1 3600 1200 604800 10800
+SECTION ADDITIONAL
+explanation.invalid. 10800 IN TXT "check last answer"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170721000099 TIME_PASSES ELAPSE 86400
+
+
+
+SCENARIO_END
+    
diff --git a/modules/ta_update/ta_update.unmanagedkey.test.integr/unmanagedkey-present-monotonictime.rpl b/modules/ta_update/ta_update.unmanagedkey.test.integr/unmanagedkey-present-monotonictime.rpl
new file mode 100644
index 000000000..2b0b91785
--- /dev/null
+++ b/modules/ta_update/ta_update.unmanagedkey.test.integr/unmanagedkey-present-monotonictime.rpl
@@ -0,0 +1,756 @@
+stub-addr: 2001:503:ba3e::2:30
+trust-anchor: . IN DS 63640 8 2 00EBC5520847A812819359F554C1701C9BDA488A6111BBC4ACC47A32980C1FB8
+val-override-date: 20170701000000
+query-minimization: off
+CONFIG_END
+
+SCENARIO_BEGIN Simulation of successfull RFC 5011 KSK roll-over during 2017
+    
+
+RANGE_BEGIN 20170701000000 20170710999999
+        ADDRESS 2001:503:ba3e::2:30
+        ADDRESS 198.41.0.4
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN SOA
+SECTION ANSWER
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+. 86400 IN RRSIG SOA 8 0 86400 20170715000000 20170701000000 28969 . nzThS2g1c+WqXeYIM3Lkkd8s54Giigvd K+Cmb45GTsybSEDPweCbrX3sIKIRLTee h6PqpL1OO0MJRe5RQRonrnRwUsL4zV2Z Ql6+htnV3o5KkS773Z/nanRKabq3ubIF Ct7JCmMBJ383pcYdFYUJXviDwI6Bp/oW qoYNPiky7OkQ/dcE6SKCIokuQtd3yaIr QZPbry9mhAEIfw3a3VRdB27cSAdpTsXe gkZv/HV0/u153F82hlJgB3rHgmV3IKuL rz721IyKst1JF+nGpg4eg7zBK4ivw0E7 wEt3+3eTznkKSa06Nu86CgK3Xg1SVQcx P1vTzS+e9qKZhrsgqfA0Jg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 1814400 IN DNSKEY 256 3 8 AwEAAaJ74lYmnNx+UIkPCTsfndfoXZ6S MprUoVw6UgEOgBC81w6szA82TssdOAFM iNk5lIZ8uRl6u1KO5sY3JMi/yau4ND4u 30H2IyyIIdIu8ad8dCbxoYXwh3ErrODc 2xXWG/x0mHR27/HEPOXs6U4iweuBivJD 5yWhxDWafrM9MjNvKGefic6B8/qqSdtI nr2WCxafZKHZ0xBBioFi3x5IHxpKj6aw JrXJisNzhNlxCJI90qEw7eUfg9eqPhx2 dTsOE3OghNYncDi6t74f319q0mWaEKAn cip5W8fCZQdVKry9QjDSM8tsqDkjrlkO CAbbrJjlwOzbM5y9EcpvwJTtA7E=
+. 1814400 IN DNSKEY 257 3 8 AwEAAbE+Bu1LTy+xuBMo55R2EJASOaWy KCCJYhVRsx3p6CqCiMWonDOKG91FnOSY jwhao5e8wuzNNHArIxhvsTLkUS5k1Oaq mt2E2Fw8Dkr6Y+H23SpcaNATIwcr8wnS 6oSFYYR+IfB/tynu3HVZ6rFPNiKGr1Q1 Z+HK2hKWSqDigtwi08UVf/Vpq2jrocGg K89G4RSC1gK7MNjc7mDe21mzSjOtQqRC Vl3kKdMbRIPX7y51W7b7k7MBfq5/MpwO 1Pq5nDpClBi2823yPEZQHTV3SlOZkY0B WzJ8ahEOwmr0d+SsoKFSfXDAGhubr5gV S9YTHjun8oocjRDNxEcM0itRCSc=
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170722000000 20170701000000 28969 . WBUz87YLXQOj/cC+6+8qzpBJz/GhSng+ b6TzA0RQRgh4EsgXKnuCiAnU3fAtDvGr 2pQEF2ySgHNB7Ef210y2IMoR00W8zSAh oTOy/Dbb1Xf/PYznEbnBmTdD7wjDXNwd p/rb6xySvWEGC6a154KEuFzMWYB2bSsA ylmhnqmDeC1Z25xcxJCWzphfaMSirpT1 w7KwcNrHraSYY154wbpTD+5X/kmRNTTi wllR0lymoyintdWrA6ofRxQRg0Qwq1kN ANJ03mskJ2/wpE19byde5EQxMbuYxF9c ++HvmtO4+l3qkGRjxOj6BcFol0jL2fDw e2/7whVZpR30Vad8ir3LXg==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170722000000 20170701000000 63640 . e6NxhVRd+UaOb9A+HTuXr+d/5shed+Qd GLHlVlAmXd04ktEGFy+34tbGt/AfE49i tjVXV8gjxxI1CBNprzrOJFEvdmonRih9 uU3aIb7nIx+EZHLawJz+533ZnpezLKA8 YjqJo4PECsehejXMvqjqSwcmgF/9sVX+ O+RyKRecn92NldNogvTuDgll9XF5kLRu 7/gMvzhpfpbTPz9JeblDrJoMGON+5fGo zYL48k8p4pLoy+Qe5FiP0aLNyTvRCvFM ioXqpehA9sh0PBIMWEatI7sji0Z/4yGa Grni32o+STvVC8Kct4IeNxxfHXhPSam5 hvHqB4P7lELbKj0VZDcBFA==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. 518400 IN NS rootns.
+. 518400 IN RRSIG NS 8 0 518400 20170715000000 20170701000000 28969 . bsiTkZ+Qbpg53ZIOX2LpeZfoXSgUqqo1 0eK3pxh0G9irczolgFUGaWIf6KDlm8dA Sr9oR86U5IMgjRnghX2XlGBFqS0InYOS TGAV1ZRgiB7/u3YFHPw3qbw3xX/NHBpc qHr8/qnoJUnQrwrhzawpSu+EybhCsHfx 518MRPMxdQuxkC+rHE69PWQgjM7BE55S lQvJd8iASQlWMdcnC8As9VRxki3aUykL llDOTQeQvRRc9abPRFK43SbiUhO7JOpc pF5CTHy+barj1KVyju1TeERrYVe7pR0L pulbvwWCDgmwhuHaPJmy/A53e+SkQTkj buoCA8biSmFwIB89psFZ0Q==
+SECTION ADDITIONAL
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG A 8 1 518400 20170715000000 20170701000000 28969 . YNPFwsjeDerMI+ONb0ksp5oZ9V7zuMts e1sTb5RxffdK8z4MqF1YBw0vfhJ03AYK U2OyS9p1m+41T1IS3+9Unk1grgyUCajP Pek9eAK0FMFZyuQMrQQMmOcbboKwa6G0 x6UJTIIy+evnMrLnbfK4EHzzbmdmmcrH r2sD29RjbH03U7E5Ie6gohgfaV1cvirz dyue4YIcUeQ95P6yqihMK3zJyeBZpcq9 fBm8TKg4+chtkjT/Xp+GuVH53gCoGMQF Muf5CpWnd6CTJ14CHDcoTR1WvZx0ISUM uVCjdnCq99q173yeXYzptgbESXcHgVh6 5wQbuemJi7yqMdk4742eMg==
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170715000000 20170701000000 28969 . V4mHW8mz6d1wD7CXTLW1Np4xUrFJ5F3k MeVbke0Jyl9ciSthVZc6Qj02YbESegVI p7WZfi8I5w646MjS6d04CC2XPLv8nyAU SLwUvKgYCdwE6swEcb4QgpRX1Lv0WxTB 5taQWrJDwQ/G0ifnOEWt3iQPbXAn2UTg 0pnde9arz9RU4V430mdMiWc84xNtRvP6 Ncgu4GnT65us1QGKWetKEOoJPU4RQztE OkJu/Abw8CPLpfirckMEdDprNqO8NELF nj34L/dxS4yEb6vYp6sPjL6y9k0xdMLG 1g0RDWzXeCSKPb847WeiBj4D7I6i3XAC Dkj/SiWQ+IVjiDHD66rl0Q==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN NS
+SECTION AUTHORITY
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+rootns. 86400 IN NSEC test. A AAAA RRSIG NSEC
+. 86400 IN RRSIG SOA 8 0 86400 20170715000000 20170701000000 28969 . nzThS2g1c+WqXeYIM3Lkkd8s54Giigvd K+Cmb45GTsybSEDPweCbrX3sIKIRLTee h6PqpL1OO0MJRe5RQRonrnRwUsL4zV2Z Ql6+htnV3o5KkS773Z/nanRKabq3ubIF Ct7JCmMBJ383pcYdFYUJXviDwI6Bp/oW qoYNPiky7OkQ/dcE6SKCIokuQtd3yaIr QZPbry9mhAEIfw3a3VRdB27cSAdpTsXe gkZv/HV0/u153F82hlJgB3rHgmV3IKuL rz721IyKst1JF+nGpg4eg7zBK4ivw0E7 wEt3+3eTznkKSa06Nu86CgK3Xg1SVQcx P1vTzS+e9qKZhrsgqfA0Jg==
+rootns. 86400 IN RRSIG NSEC 8 1 86400 20170715000000 20170701000000 28969 . flD/0sHGiEdO31gKLXt9gt0HNSXXza0q 4i39YuCkJ0nKhcToFVPk6lo6XKLe34QW CqdR5rLlOjlul3tUrEde7flEhCyLf1du 6cF/AxBrZ1qRNrUOG2seSjFmBNxFD9p4 pTG/4lwRzr6p/TbaW1YyXWm65qi+3TGx 8DlD/HkcIU/Nc8zhqORcN+AhAl5Zp0hN GVTAFAMzHBPkJ+Nuy7iUYQPw5S2KWm9C ozbH7skiFb1eQgJq6oV150sGIqcrQhxI xvHKjlQLaLU8V+QcmNhLVz1KXdPiLe37 LgM4/5GuvoywISknr4lucrBxFJym6bA6 3zbaTiqBbKLo8fAuXG06kQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN A
+SECTION ANSWER
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN RRSIG A 8 1 518400 20170715000000 20170701000000 28969 . YNPFwsjeDerMI+ONb0ksp5oZ9V7zuMts e1sTb5RxffdK8z4MqF1YBw0vfhJ03AYK U2OyS9p1m+41T1IS3+9Unk1grgyUCajP Pek9eAK0FMFZyuQMrQQMmOcbboKwa6G0 x6UJTIIy+evnMrLnbfK4EHzzbmdmmcrH r2sD29RjbH03U7E5Ie6gohgfaV1cvirz dyue4YIcUeQ95P6yqihMK3zJyeBZpcq9 fBm8TKg4+chtkjT/Xp+GuVH53gCoGMQF Muf5CpWnd6CTJ14CHDcoTR1WvZx0ISUM uVCjdnCq99q173yeXYzptgbESXcHgVh6 5wQbuemJi7yqMdk4742eMg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN AAAA
+SECTION ANSWER
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170715000000 20170701000000 28969 . V4mHW8mz6d1wD7CXTLW1Np4xUrFJ5F3k MeVbke0Jyl9ciSthVZc6Qj02YbESegVI p7WZfi8I5w646MjS6d04CC2XPLv8nyAU SLwUvKgYCdwE6swEcb4QgpRX1Lv0WxTB 5taQWrJDwQ/G0ifnOEWt3iQPbXAn2UTg 0pnde9arz9RU4V430mdMiWc84xNtRvP6 Ncgu4GnT65us1QGKWetKEOoJPU4RQztE OkJu/Abw8CPLpfirckMEdDprNqO8NELF nj34L/dxS4yEb6vYp6sPjL6y9k0xdMLG 1g0RDWzXeCSKPb847WeiBj4D7I6i3XAC Dkj/SiWQ+IVjiDHD66rl0Q==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. 1 IN TXT "it works"
+test. 1 IN RRSIG TXT 8 1 1 20170715000000 20170701000000 28969 . dp1L09l+y0OTOTFCnypmZ5taInflPNAU Iuh4bVn8zQoKC4O4LBoXhE5Udt+y9ul/ pyMP1JHtcJKD8AWjABQKz7FQdnOzEap+ ioUA+qZicnnW+MUaYbtN9jgKqnOfanxM PXSSjzLDfFEEZip9Ii08XKkc6zsmCJ6N Gbmq3fOhOXy01cQFoKYC3WxW853yB2s+ vLhirvAusQxfnpHW9ghN0Q4Qbb+OMccE PVltuWzVypRXXUj92EJzCQ8CCyshvgGM gxfpI+T+K5h9xAn8PGFBmhanqnSI3FKI LzAqQvxfZC7vsEQq3/6sSO1BKVLZjXFJ G4C1BaIdtyvd15UIfykePw==
+ENTRY_END
+RANGE_END
+
+
+
+RANGE_BEGIN 20170711000000 20170720999999
+        ADDRESS 2001:503:ba3e::2:30
+        ADDRESS 198.41.0.4
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN SOA
+SECTION ANSWER
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+. 86400 IN RRSIG SOA 8 0 86400 20170725000000 20170711000000 28969 . fiv9MSFJla1quIPpZIp+qWqzS1VylSH2 FkF0swo2rbdpidqHPfJnZWJR25+XMch8 i6URA5mRS0Ce7imMxNJVDFyDV3ahusSa LwI6mPnfzgBURkv3MjW38/9LnAVfaun/ NU7WOypPskk4QXfoyJC0Po96LoaU5Nbh iN8IFnipmLQ6LV3nPx3hItGBxL70M2uN FvwD31BInnjG2R+jXDvSzLEeFmoqT6af QXWxNrcKYrJUNrS9x4Sop2XbrYgCvUe1 +UXb5Z0BFgeDeBFFxSSeUogW8SEjCJtS DeUl4RSVQyIqbaeDQ06YPCwY40Oe2buV wSCvZoWeU8p8yOkzwRoR6A==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 1814400 IN DNSKEY 256 3 8 AwEAAaJ74lYmnNx+UIkPCTsfndfoXZ6S MprUoVw6UgEOgBC81w6szA82TssdOAFM iNk5lIZ8uRl6u1KO5sY3JMi/yau4ND4u 30H2IyyIIdIu8ad8dCbxoYXwh3ErrODc 2xXWG/x0mHR27/HEPOXs6U4iweuBivJD 5yWhxDWafrM9MjNvKGefic6B8/qqSdtI nr2WCxafZKHZ0xBBioFi3x5IHxpKj6aw JrXJisNzhNlxCJI90qEw7eUfg9eqPhx2 dTsOE3OghNYncDi6t74f319q0mWaEKAn cip5W8fCZQdVKry9QjDSM8tsqDkjrlkO CAbbrJjlwOzbM5y9EcpvwJTtA7E=
+. 1814400 IN DNSKEY 257 3 8 AwEAAbE+Bu1LTy+xuBMo55R2EJASOaWy KCCJYhVRsx3p6CqCiMWonDOKG91FnOSY jwhao5e8wuzNNHArIxhvsTLkUS5k1Oaq mt2E2Fw8Dkr6Y+H23SpcaNATIwcr8wnS 6oSFYYR+IfB/tynu3HVZ6rFPNiKGr1Q1 Z+HK2hKWSqDigtwi08UVf/Vpq2jrocGg K89G4RSC1gK7MNjc7mDe21mzSjOtQqRC Vl3kKdMbRIPX7y51W7b7k7MBfq5/MpwO 1Pq5nDpClBi2823yPEZQHTV3SlOZkY0B WzJ8ahEOwmr0d+SsoKFSfXDAGhubr5gV S9YTHjun8oocjRDNxEcM0itRCSc=
+. 1814400 IN DNSKEY 257 3 8 AwEAAduG/aGjlqV4zHxSHn/VNbEp+ns+ KEHgGj/4/MLCcaTiMXqQuZFhsYbRGB2K fDduGNxcf1ETC4iuU0Mj8++3ofhALnAz irQsKOxWpWCvwWJC6qlp80U0GYIkjZA8 7XEzSAx6jZUPh/9xMxrmogIxwJ2KP7KH X0aF2jh76+HA5GmEBG+7dq1Z0v1l22aY gvyK/uUntu1vaVyQqyD8IhaAkl+mI2kr 2N0Cp4UcKutuRbaveUP/LdTpJoHmN9CR wc3LkvbBYB5F7VL8hgnhKFIcbQHhYoTQ YCQzgBA5OxcfWFWBfQGtpaSmv3V+aQjI JhEbWLDmN2o2kwl89AN3DGtEtsE=
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170801000000 20170711000000 28969 . g/ODtn/IzUHbBK2B8dS5D3Q+Ee/8msx6 4ONLHXf2SolIxfiTm9Pl2Kqnm3SRPsid rwL2LGkdMMMkE7faX2cE0PW8/b9y4VhP 4V+piqiMJByUM9qU4ZdMZ2BvMlLhfmTC 0QI36vnIfIwDddBJ86xo/ee3PX5je9Vw xardvEpvpLDe5oWf4ThoT8NW1nJ/P5fg /cff0U8qtLXcZkHZfTNWvx86t0bOg1qv uWOc4aiMne1FePp9QCmVs7D2s0gvuK8T P6tbx++Tz+0setDOdapSo0oe8PFvPySg GxRQ9L2CtVPv8YmKheojXoyKJ50KzQPY yWXl5FAXLfx1PKfPgq+X/A==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170801000000 20170711000000 63640 . jVqcr43tfrNMVgoentuUlqxZ9lr2SDzo xEgZtnMtNkK7dr2MjI4OhZvzSkepIAI2 GppyU5auUqJwrKXwk9VOfQy2a2yBzoqQ XC4h3BRuWlmw00zg5gLgys3M41um9sx/ QSZ51ScaZxVw3cy4Zf04LYx5RARcp3fM iRVVVLPWYVtd5ATbUcp59aCUa8EvQE7Q t0bkzBDd5dBOnrANPFnhHYhPPZICuKqd ll7hTN1eQNqGmlKNb5fYeAZiD5+qg2vf JMo1XpY656HLNowVsAS5TQ+kP3+genb7 AOM1iIZEkCbiByrjeXdJfPARlkCODJ5h PcBkN9bd6JB5EhzOSIK/wQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. 518400 IN NS rootns.
+. 518400 IN RRSIG NS 8 0 518400 20170725000000 20170711000000 28969 . aVcR90IFl5ogQYSg60KeNHRviuSC76UZ DsLKDuZCljZIEI5S/qu5hAVohsW2uHJ2 1hMJHQKuOyWJO+3GtzLzqSWxZSKxV0/N aKWhQEbB7+gEm50ZLM8Mw6875vkpOUwF 3K2tzFH4MVBiJowL6whqeOadpmDvDbgy VFcFHw+2+MLVEOG0vruj5jQD1wTelT7k GE3CdwLt6m5TkLt89sJkojRpbK2Jt3zw X+/j0vzJbwQJSbWWxftSdKY+vmHJCwpn 0hT6Ax4jx2e2w6/vkMI8izaglsOIaCBE d1rzXR4DdEhqaCPpLqYLZaYBrNhdZg4c hvpyn5sdugZcDd2vp55iJw==
+SECTION ADDITIONAL
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG A 8 1 518400 20170725000000 20170711000000 28969 . e/85gZqEaHv+Zn+I2FJaUkZHHDzhnzuk iOAfP2EiiTuzPR9B18PWpIJxzFp38+tX Z7Ny86yj68Zrk3aBBDMOgynIMdNd/Xf7 lsYQzAutq/BFRlxtPmPoIpKSSSd+F6ka MVTVxISjaLWADjYlKYYLMjcX7UYFYdXS 4laxdjtYPLCSKDHBBYFyaOxfV6TfVR+K t0JQUrPcJTTRVAORkQQgXkd1Qsah+abc RN0AedeMG3jQEaSqJL5SSHRqjrqHWx1R czveXdjs+2wZMwq0S8mkTQXTm9H9Zi+c GR2841N26fnEI0qCSHUru2AngM+k0HJs Qz2wrV/VENnRJjxJv/VGhw==
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170725000000 20170711000000 28969 . N0Lwwyu99CFaAtoj5SVsT4k5I/DW/qd9 WDzeYx9dXL9Ra15jGCkoyvEl8+mdd1EE Knj7Ri8m4L13mI4B/8BKsssMUGRu4k3c B9ZcIkVWs+xIOu2YLnrzz/s4JQbUxzDk 5Bu5Rhi7sF1xIfbl1T6pvw5exGkPYjMW MYVXlq/vfRWqgoaYdQ5MIukT52a7OhUn CGtoqzZoSnYkmKAwAv9rlSDkTnkLXWtt VTNfwZxAgWsEJa6GacsauPWEpNElXIvh hG9SX/s8YPDhcLg/tTi9ZCZm5VDkXzAl zsGHHEQ+HT/qezqCMMf5wEyqnhDPv+XK YOO6EERSCTpOaHvOo2Z8wQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN NS
+SECTION AUTHORITY
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+rootns. 86400 IN NSEC test. A AAAA RRSIG NSEC
+. 86400 IN RRSIG SOA 8 0 86400 20170725000000 20170711000000 28969 . fiv9MSFJla1quIPpZIp+qWqzS1VylSH2 FkF0swo2rbdpidqHPfJnZWJR25+XMch8 i6URA5mRS0Ce7imMxNJVDFyDV3ahusSa LwI6mPnfzgBURkv3MjW38/9LnAVfaun/ NU7WOypPskk4QXfoyJC0Po96LoaU5Nbh iN8IFnipmLQ6LV3nPx3hItGBxL70M2uN FvwD31BInnjG2R+jXDvSzLEeFmoqT6af QXWxNrcKYrJUNrS9x4Sop2XbrYgCvUe1 +UXb5Z0BFgeDeBFFxSSeUogW8SEjCJtS DeUl4RSVQyIqbaeDQ06YPCwY40Oe2buV wSCvZoWeU8p8yOkzwRoR6A==
+rootns. 86400 IN RRSIG NSEC 8 1 86400 20170725000000 20170711000000 28969 . hJ4FfZ1c4tXEx3MhS0iz/Ypu6Qincctu Dzc9PHqhMUCAKumNBTpbiQpqjnZEhi3m a9iEx11ysLFUp+5REWgSCDdSHkL1reVX MoE0/Uvivz04VBbj9YM1RIa24hsmO9BH b1j7rnRZGLz5kGllKPuD2V360cV8MPc/ HGV7xgB/j/T9MBk555Hhu8oqiaj/YXzC 4MT4UM5TObPd7+NstwocO5x0WdpbqhM4 D1eXxq7TRS42EKGRZ3uFjn+szrtkcQ1l fcxkAs+VcCyGBeZ51cvFZmNwQwjgcIZt CP5OwGvWdJRi9JPb5jdTImNVFe6xOV6H h8I4MQl+yBEw+62LKWz4YQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN A
+SECTION ANSWER
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN RRSIG A 8 1 518400 20170725000000 20170711000000 28969 . e/85gZqEaHv+Zn+I2FJaUkZHHDzhnzuk iOAfP2EiiTuzPR9B18PWpIJxzFp38+tX Z7Ny86yj68Zrk3aBBDMOgynIMdNd/Xf7 lsYQzAutq/BFRlxtPmPoIpKSSSd+F6ka MVTVxISjaLWADjYlKYYLMjcX7UYFYdXS 4laxdjtYPLCSKDHBBYFyaOxfV6TfVR+K t0JQUrPcJTTRVAORkQQgXkd1Qsah+abc RN0AedeMG3jQEaSqJL5SSHRqjrqHWx1R czveXdjs+2wZMwq0S8mkTQXTm9H9Zi+c GR2841N26fnEI0qCSHUru2AngM+k0HJs Qz2wrV/VENnRJjxJv/VGhw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN AAAA
+SECTION ANSWER
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170725000000 20170711000000 28969 . N0Lwwyu99CFaAtoj5SVsT4k5I/DW/qd9 WDzeYx9dXL9Ra15jGCkoyvEl8+mdd1EE Knj7Ri8m4L13mI4B/8BKsssMUGRu4k3c B9ZcIkVWs+xIOu2YLnrzz/s4JQbUxzDk 5Bu5Rhi7sF1xIfbl1T6pvw5exGkPYjMW MYVXlq/vfRWqgoaYdQ5MIukT52a7OhUn CGtoqzZoSnYkmKAwAv9rlSDkTnkLXWtt VTNfwZxAgWsEJa6GacsauPWEpNElXIvh hG9SX/s8YPDhcLg/tTi9ZCZm5VDkXzAl zsGHHEQ+HT/qezqCMMf5wEyqnhDPv+XK YOO6EERSCTpOaHvOo2Z8wQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. 1 IN TXT "it works"
+test. 1 IN RRSIG TXT 8 1 1 20170725000000 20170711000000 28969 . Kt5QnrqvSHi9bp16JY+zInP+jvKrqCks 7TrTskXzZftyHL5bnYVTXTJekoBE3S0j cQaU24/xbDfXZ+vbnaNbfL5lQtMV7cyC Hq5ydrkfmDUDK83J++RR3zGbSEg0vhiv Mign05MHxpwIAaQLOfABc8TVHNC/uTar el66xI3MPAm1dovqV8rvKXhsZn+c+2ec izJ06J3OnwYB7Qtvv79J7uPKp9VeuY2c gXrPIR73laEHlV0pwGZjWk1Pj6T9w2KX tzcALzFsGPlvf7WwQlOMfu0PVvp1mg09 LLyosDdjDVuMdFZdoie9FAXDia3LNDVk VcWhf53KK2kDA+2MFw44ow==
+ENTRY_END
+RANGE_END
+
+
+
+RANGE_BEGIN 20170721000000 99999999999999
+        ADDRESS 2001:503:ba3e::2:30
+        ADDRESS 198.41.0.4
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN SOA
+SECTION ANSWER
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+. 86400 IN RRSIG SOA 8 0 86400 20170804000000 20170721000000 28969 . RF31T45DXJHLnVI6wENwbT6Enc+9RZt2 ydueew94jnGTB55BJT9Mq2rWkzkP/ymR RzZjixoBsoRgCFlfs865Z+JJtR7nk23s Cl02erMw6lra4IaD8q4M/sH7vh7AAo/c /GVqKyxcCZiIwk/A3J1qpAAvbapE/jwT seg04WM7XEsqp58BuNluff6SavIaFB/Y 70sGNMm+jbBnk+W6HOJw6bB1GOyLE1Gd Ae+YMSbEA2H99WAZo7rlKO43CQY8sbzY 3pKCrY6kXNoBQSlpqWxjU7UIjYdU/8F6 RrBJzq1aIKBEjAh2zEqqpb1NyxfMoJku 2I6eERUs/J9MNc+gn3pwgw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 1814400 IN DNSKEY 256 3 8 AwEAAaJ74lYmnNx+UIkPCTsfndfoXZ6S MprUoVw6UgEOgBC81w6szA82TssdOAFM iNk5lIZ8uRl6u1KO5sY3JMi/yau4ND4u 30H2IyyIIdIu8ad8dCbxoYXwh3ErrODc 2xXWG/x0mHR27/HEPOXs6U4iweuBivJD 5yWhxDWafrM9MjNvKGefic6B8/qqSdtI nr2WCxafZKHZ0xBBioFi3x5IHxpKj6aw JrXJisNzhNlxCJI90qEw7eUfg9eqPhx2 dTsOE3OghNYncDi6t74f319q0mWaEKAn cip5W8fCZQdVKry9QjDSM8tsqDkjrlkO CAbbrJjlwOzbM5y9EcpvwJTtA7E=
+. 1814400 IN DNSKEY 257 3 8 AwEAAbE+Bu1LTy+xuBMo55R2EJASOaWy KCCJYhVRsx3p6CqCiMWonDOKG91FnOSY jwhao5e8wuzNNHArIxhvsTLkUS5k1Oaq mt2E2Fw8Dkr6Y+H23SpcaNATIwcr8wnS 6oSFYYR+IfB/tynu3HVZ6rFPNiKGr1Q1 Z+HK2hKWSqDigtwi08UVf/Vpq2jrocGg K89G4RSC1gK7MNjc7mDe21mzSjOtQqRC Vl3kKdMbRIPX7y51W7b7k7MBfq5/MpwO 1Pq5nDpClBi2823yPEZQHTV3SlOZkY0B WzJ8ahEOwmr0d+SsoKFSfXDAGhubr5gV S9YTHjun8oocjRDNxEcM0itRCSc=
+. 1814400 IN DNSKEY 257 3 8 AwEAAduG/aGjlqV4zHxSHn/VNbEp+ns+ KEHgGj/4/MLCcaTiMXqQuZFhsYbRGB2K fDduGNxcf1ETC4iuU0Mj8++3ofhALnAz irQsKOxWpWCvwWJC6qlp80U0GYIkjZA8 7XEzSAx6jZUPh/9xMxrmogIxwJ2KP7KH X0aF2jh76+HA5GmEBG+7dq1Z0v1l22aY gvyK/uUntu1vaVyQqyD8IhaAkl+mI2kr 2N0Cp4UcKutuRbaveUP/LdTpJoHmN9CR wc3LkvbBYB5F7VL8hgnhKFIcbQHhYoTQ YCQzgBA5OxcfWFWBfQGtpaSmv3V+aQjI JhEbWLDmN2o2kwl89AN3DGtEtsE=
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170811000000 20170721000000 28969 . XWhkgZWb58eV5z5eoGWQwq65HbwA5ozF b9BPTQEwph8IAgvjoK+5+fW8Krf8rxqG nZDu7qFHN/T0s4wux+8+ey2HSfRUXj8Q 4xNACKWavLaIGundNiYleVjzmeOkbv5S vOcINlbhuLsm3J0AmXCe4/QMfs8yJ6+k VCHCAgUwykq9CoOQlJW3A/C7Ky5Ztx5W ujuc+7Ou91SwT880xBfIBD17U4PXF3zE Xmdd0/D+vaEBSmT526Ons+fEXP8W1TK0 1xBJGaGT/N2pqaOQOnj7N6Y8gjfmnJso 4J5wZ91B7f5Flc7Qzd4FxAlHkbKroSl8 yS6eaYJzRGZc5+zHActPxQ==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170811000000 20170721000000 63640 . fuaYzy7riEOS0vwe0ZaR5hPMD8S5oGeH PaZZ2jCnWVDuiFvPObYVuuB9RfWhyyLB +LOQ0xkoV5LRm8mmbqoZWniy4HS/4+oc 3TeIenMJLdP9FqLdgz8Pk3aO4O0o2FgT 4P8jlQ41R1TUct3vBtcjqzzKQXqOqA9+ y+iSPspWs3r305u49YyknOin8OAE3Zoh J2l+m/fVvW3pQ0jKCkD0CMg5k0nbORs5 aK1T5UAuKPUTwZoL9i+Bov89rQWWUp0B POzdBFHCM6nMlo1Wtu4RQHSL0GmLDsSS 1SZoOdbCsrX1DWCpq2mg9yCy/mnsM5sE +oSy/iFy4F02Ggk11R4gXQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. 518400 IN NS rootns.
+. 518400 IN RRSIG NS 8 0 518400 20170804000000 20170721000000 28969 . A5hMjKgZIhBWemZZUirkziI/ObpsHmlT +2zotPOO3Xk+8niKkWNBo6d8JCa+ofyd bhQb+3486j8YgKgjzz2YyjJtGemRJrLm 1frRV6lxx3lRYZCmNyS3ZUnN8vJaIREV WXr8f8HtGov6Pu9lIXikLxIFo9g2dMK3 jUYXbA6HTJBh5Eki3xBW27yGFlq0hGDa E2fV2swD5C8vQmo1KK2yDzA92G87eCXt pxrz7b4BKPXi5kadBapudB7r9htkaI8S 5ORTgXpmAcYGDk4sVUg/f3hp/fyU/CMc 9KVZPdLjqGUL+FnlBee+L+wR0HSCc13L j4RK67DtfsGMpeR80LlcZw==
+SECTION ADDITIONAL
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG A 8 1 518400 20170804000000 20170721000000 28969 . QZhev/bmwYaANmOIgiKUZbhb4+6cf0pK AYWChRC+oFv2KSlI2qkWjdu9D36Cxwph 4q0UeKsz1BgB+bk6iA+qCdZdv550ssvw LALjZ59bhnD0ts5hfKttpSVRrRLocL8L VOKsh89+vcFggOtNBNxR0uvQZaDwHAqB 5qle9YjqICpo66kXaHtDVB0rptYwnRoP je5CtgGVKrTgxFnNvuQhqq+Jex1DetFU CQcvlObPV57LxGIaWVsHspO0y1u+U5EU rkICR/j3kCX+ugdTfRYhGJ+MiDdhqj1v KaXmVuAUliybx9ElQA9AjjLy9SdmJriq rr86biqSr3tpfAB4B4RfNg==
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170804000000 20170721000000 28969 . ceLKW/BKyqC5qryqZWXFaFVMRJOu7Lrh dKqcqh7zHevV5ZGF+RzGtGX0XeOahzoo 3W+tM4r7oP7yduPetBGQnnVb8WiuEs2B YUx7LwFdR+I9hSIHVAmB9rIPVm9QHAx0 KCYEIu5Trv7sxWGgetxdXQwMeAY+xHhG YdXZQ1vgxM7bG4w6Ei9+pKi3iw6oH7pX 91uldh9Xgi4ajFcYQ+/N7azjddzv6jKB cTro1PQTiX80vUnAZQxTRQAMvKfWkWZM 8mjna00RSnvs2T7EPS1wrL7sK4os9dU6 1B5SoQhTrJRmzF/Bc1kB1lXhTW8TrPnV UMeoJAN9VFEfRC6fqOq4iQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN NS
+SECTION AUTHORITY
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+rootns. 86400 IN NSEC test. A AAAA RRSIG NSEC
+. 86400 IN RRSIG SOA 8 0 86400 20170804000000 20170721000000 28969 . RF31T45DXJHLnVI6wENwbT6Enc+9RZt2 ydueew94jnGTB55BJT9Mq2rWkzkP/ymR RzZjixoBsoRgCFlfs865Z+JJtR7nk23s Cl02erMw6lra4IaD8q4M/sH7vh7AAo/c /GVqKyxcCZiIwk/A3J1qpAAvbapE/jwT seg04WM7XEsqp58BuNluff6SavIaFB/Y 70sGNMm+jbBnk+W6HOJw6bB1GOyLE1Gd Ae+YMSbEA2H99WAZo7rlKO43CQY8sbzY 3pKCrY6kXNoBQSlpqWxjU7UIjYdU/8F6 RrBJzq1aIKBEjAh2zEqqpb1NyxfMoJku 2I6eERUs/J9MNc+gn3pwgw==
+rootns. 86400 IN RRSIG NSEC 8 1 86400 20170804000000 20170721000000 28969 . ErIpaMwf+buKKDCcMvwoqji0YvvSacdL M4zSZKjiLPhGhaDmcWTLECes4En511Pt m8ft/F+ghQPobhH55VbBFFPLpFqVXg7/ JO/EoUYXDKSmjOxSLre5UVzCeeyKq2wf GmTLZUyhRJQbuQnzv29IIhr5pGUcFebU d/B4blebChkwSH+/Pb8LIfBRiMEoFXiV sHu75Pl9pKgAe76fUUdstB/7vT4SGXHa hHvduxGk3qSBqfi8h+/mnQzfk1H5UiUs U3Uvgq9JuWVBioSIHh4pF2RUMkk4aXCl 02H9iBZdIU3PjQu0O+CJmjFCoFslxUrK /6IQMZc9Ram1zUd/HfKbUw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN A
+SECTION ANSWER
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN RRSIG A 8 1 518400 20170804000000 20170721000000 28969 . QZhev/bmwYaANmOIgiKUZbhb4+6cf0pK AYWChRC+oFv2KSlI2qkWjdu9D36Cxwph 4q0UeKsz1BgB+bk6iA+qCdZdv550ssvw LALjZ59bhnD0ts5hfKttpSVRrRLocL8L VOKsh89+vcFggOtNBNxR0uvQZaDwHAqB 5qle9YjqICpo66kXaHtDVB0rptYwnRoP je5CtgGVKrTgxFnNvuQhqq+Jex1DetFU CQcvlObPV57LxGIaWVsHspO0y1u+U5EU rkICR/j3kCX+ugdTfRYhGJ+MiDdhqj1v KaXmVuAUliybx9ElQA9AjjLy9SdmJriq rr86biqSr3tpfAB4B4RfNg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN AAAA
+SECTION ANSWER
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170804000000 20170721000000 28969 . ceLKW/BKyqC5qryqZWXFaFVMRJOu7Lrh dKqcqh7zHevV5ZGF+RzGtGX0XeOahzoo 3W+tM4r7oP7yduPetBGQnnVb8WiuEs2B YUx7LwFdR+I9hSIHVAmB9rIPVm9QHAx0 KCYEIu5Trv7sxWGgetxdXQwMeAY+xHhG YdXZQ1vgxM7bG4w6Ei9+pKi3iw6oH7pX 91uldh9Xgi4ajFcYQ+/N7azjddzv6jKB cTro1PQTiX80vUnAZQxTRQAMvKfWkWZM 8mjna00RSnvs2T7EPS1wrL7sK4os9dU6 1B5SoQhTrJRmzF/Bc1kB1lXhTW8TrPnV UMeoJAN9VFEfRC6fqOq4iQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. 1 IN TXT "check and change answer"
+test. 1 IN RRSIG TXT 8 1 1 20170804000000 20170721000000 28969 . BKc79/iitLm4EWqaIpRy49O0VosanODV w4YR0tVoCQLNKePEVnzBQdPxsBpRV4nk 38TRSqp7XwZJd8gPskXtrfrkO5Pz28M1 8cA6B/uExOBQYCFVGjv7avo07p0EaxGD CjX0yoNbA0Z3SQHhgsUYC4eMiPsOcfos UtnNkZHipA6/QKUD1fqo13Y69gcl8glr Cb/rQn+IYo7GqrRrESUkQEFcwlWd2sii Z06ZchNxTspNL2irm2mqpsmMK/osEkyv LG9dauX83ZO6WaQlZmDspaHEFbS9HhlI OVTPG7mUTlTROQFG1zTVuGW2gu6kY6ms LFwpurPHw0bVeRJ2JLFifQ==
+ENTRY_END
+RANGE_END
+
+
+; 2017-07-01T00:00:00
+STEP 20170701000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170701000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170701000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-02T00:00:00
+STEP 20170702000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170702000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170702000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-03T00:00:00
+STEP 20170703000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170703000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170703000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-04T00:00:00
+STEP 20170704000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170704000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170704000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-05T00:00:00
+STEP 20170705000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170705000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170705000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-06T00:00:00
+STEP 20170706000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170706000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170706000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-07T00:00:00
+STEP 20170707000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170707000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170707000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-08T00:00:00
+STEP 20170708000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170708000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170708000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-09T00:00:00
+STEP 20170709000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170709000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170709000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-10T00:00:00
+STEP 20170710000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170710000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170710000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-11T00:00:00
+STEP 20170711000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170711000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170711000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-12T00:00:00
+STEP 20170712000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170712000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170712000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-13T00:00:00
+STEP 20170713000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170713000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170713000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-14T00:00:00
+STEP 20170714000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170714000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170714000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-15T00:00:00
+STEP 20170715000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170715000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170715000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-16T00:00:00
+STEP 20170716000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170716000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170716000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-17T00:00:00
+STEP 20170717000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170717000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170717000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-18T00:00:00
+STEP 20170718000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170718000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170718000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-19T00:00:00
+STEP 20170719000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170719000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170719000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-20T00:00:00
+STEP 20170720000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170720000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170720000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-21T00:00:00
+STEP 20170721000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170721000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AA NXDOMAIN
+MATCH opcode rcode flags question answer
+SECTION QUESTION
+test. IN TXT
+SECTION AUTHORITY
+test. 10800 IN SOA test. nobody.invalid. 1 3600 1200 604800 10800
+SECTION ADDITIONAL
+explanation.invalid. 10800 IN TXT "check last answer"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170721000099 TIME_PASSES ELAPSE 86400
+
+
+
+SCENARIO_END
+    
diff --git a/modules/ta_update/ta_update.unmanagedkey.test.integr/unmanagedkey-revoke-monotonictime.rpl b/modules/ta_update/ta_update.unmanagedkey.test.integr/unmanagedkey-revoke-monotonictime.rpl
new file mode 100644
index 000000000..0cac490cb
--- /dev/null
+++ b/modules/ta_update/ta_update.unmanagedkey.test.integr/unmanagedkey-revoke-monotonictime.rpl
@@ -0,0 +1,761 @@
+stub-addr: 2001:503:ba3e::2:30
+trust-anchor: . IN DS 5191 8 2 78DE555142AECCBFE1F4F24A9053F7A3C8BAAB2891DBB80D0CDD29534A44C3AA
+trust-anchor: . IN DS 24784 8 2 5448342C83F1CCB31F966A835897DF1484B12074AB535B2CB84CFD8E2E792B28
+val-override-date: 20170701000000
+query-minimization: off
+CONFIG_END
+
+SCENARIO_BEGIN Simulation of successfull RFC 5011 KSK roll-over during 2017
+    
+
+RANGE_BEGIN 20170701000000 20170710999999
+        ADDRESS 198.41.0.4
+        ADDRESS 2001:503:ba3e::2:30
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN SOA
+SECTION ANSWER
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+. 86400 IN RRSIG SOA 8 0 86400 20170715000000 20170701000000 50124 . mlDK2ln5t2Ql7/neef2Pzz1URLXCV5ml 0QYXbt2kzrgeKqoHRXMGc6nxqYv5Ttpn TtY82BhNlYuTzubWrrg+SS7z+vSAwUM2 mXG16Y0Z3PoKc/25dmYElwcaG1h10elI unPy1GKGoEkUlEtT/6nHQdkhvyUL5QcX AwjljLIxsY7BnzhmQEsz0ywMrTmg85vX H0BOK0IFBKxLBncx10wvJGApaVzaxdWc 0H/+fnF1r/rg2NvRFuIXlz4vrl9ExNMa ZmXR4PLlZTHO3FaH9yF18IHPCY/bi8L9 NjfW9pj+Fg4LR2kPj5WCkrCR9RKhdUAO xJKLSBuSi0CL1OyLWg9QMA==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 1814400 IN DNSKEY 256 3 8 AwEAAcHrmeeZUfVAS5KzAL2mHyjpdS3y 5Du2ScdXa1nunnaA35ARZR6BbwuQdIik CC1LH8D7d/AlDW7SlkHWeWBK7eMxO0Ps E2u9jlN2yy+9OQwo1kybg4cBDwbgHmu8 ppX7U3S5SpP9XZIJhYRYqNube/zkoDSa uLaeghU13CCuIwdbJrPNOC6Zvn0op3WL ryTVMnMUzgld6WsiTWZDlaMy5IJdhg5R X2wa0UCJjr1M3kguTHftYExgUKbQytx2 +i1mq+vSKqcS9Bxo1vFTWMtFV2FFpV8T Fv4dL1aC1Aq8e9CiAIEfCVVy8Dw+vYpO VDrd+1qkNorMNetwEly9EgkWgB0=
+. 1814400 IN DNSKEY 257 3 8 AwEAAZxJIBnv0pOId/Ukgr0pwVLXjiBR RyV0kc76BssLTIFPWnEWNLv7+3JRvcAm tpHzDvpCoX92taEYVP3pgF3WUNA/LOJR iYIE8taQ0j0TpbdiizFtgFCc+zE5TZ6z /Ru1Eq6VXgdpHzpPtTep0+gB1Qz6HQNT Wd0v2/XQmKWkh3KnJuDSrBjQy50ax9zX 1Sj8Syv+oA0iREf886Bb3e1nBaWrw9RE xovh2F68eE5hxwBcipwNyf7iEN8Um8Tj KCXWeEnTM+Giip0F+JgbapEKr8Dk5YYv nRBLwPZiekL35AbGA9/8PfCwtAIBAj3A CVHhgmlPbLzPGRyawTtIe9D/6uc=
+. 1814400 IN DNSKEY 257 3 8 AwEAAa7l/x0mKre1XGN10bhnsSuo+Lc7 wFv6ksfiDz/kLgbR1TQY37ntCm3akRr/ hp3CE1YUnAGlk9B5lZYEeT0hoD2BkD7E P9DpOxUqKtQeYhe34pO/ygT+dFYSaMy/ 0OStoYLphzbIfElrpg+gvv+CkFKQzO5W rAL1tWu037erXbhSjko7AokpjfEWyT8H o7qGHiW1vWgzWGtWIgXOdydUJYqQNaOY cddJNV23fod6+KrKE245JRv+KabqnLJv 3+D6g7NDh+D5uLiX4vcTsLoB3LiAruQA r+ickjYFsVvfJlJ3m9O0/st9UsXu+v0e 6Esl5DmWWYo63T31sgmSEOjUSBE=
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170722000000 20170701000000 5191 . aIPJnGM1RKAVdVGU1I+3cgs7eSa+mYMG iIzrG9sD98id0zCZ+ekUOYjw6UfWYlBI YT7ebhDIdr0bXwCuiTcvuNZ5ps3EzreW bh6udtTBumshkcxEVFFbzgdUw08L9xoq 9aXDDz5+wS9qbxizaoLYb3DxdDKALKzN VQ3ToLe+V51obIULXYAJbhvUSNRqsATW Rj+Au9j+wiKWgnHl3el+/iwmomNmYvNE USi4+2uHIMA3g47E4VeAGskVgDAskgNH rSeVLoNS43r77UCmpD6WT3P7Kc5BNWY5 RNUX1a17GCnLFamcJlmEnfvxKUC+qTkg cXPe+bGH8W29f9vJFheicw==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170722000000 20170701000000 24784 . GI/kjTcDyKgcLW98ySEPrNk0kRHR+F4u HyNmPGUq19xUdr3uBKrBUCsnSxb93QRo wb9z7b73FwloyQiXOR9Q9M2MiO58+RDG eEC+G/+67abfItVkBf/ZglcPu+LTyg9F 2y0YzcQ5zH1JkmG/I7d7NGN7Wq4rEWWJ FHAOrIruOl1mNkGnRXDY/vytR4ntiWDk NNpEof6Qfzg8fXP5JegezNwUatwbrFwO xqsM2pITtIS3Kl/H4L7iajyxeQZCqX+R iCZ/O9FIn3Y+OX6JkvvMXGB+0DatTGPJ iE0AHWWPFa1V4SeJz8WKPB1UorvOqM61 LR1GlPWlQGutZhbTlUFLyA==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170722000000 20170701000000 50124 . tQqe8/mF2f7HIXlXe77EdgRoKu7KqdjD PR/ELk9i/le8GLy/eDI6nlwAfiWKcgqN nFey9UzT/kWk3L8umb3c8aazpuQYJAwi dsZNWlx+yc1dEw6lS+6WqTSiEEzXhQh3 wvOPA58rWflatBYuaAx2scQ/OhPtf0me 64G4O/LIpZO5yLPs3RwBnjzSq2907Bfz pD2xfa4fvqI1yxfQzMx46QF6zYy2zam2 XBEbSKNxSamW8VN60oItbozLbQ4pVwyX Ni1k/WKZHrJ+ppKSDtQhqN4CvxvyybL7 5ovtJpAKYEGsmvoZqoz33FcU2HxleIun 8sKzXaNJ8+tXlrKoicZI6A==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. 518400 IN NS rootns.
+. 518400 IN RRSIG NS 8 0 518400 20170715000000 20170701000000 50124 . JziSSYhqZP9eOAenLKp28LqcrAe1gs3K eWhGpOxX/u+hCnQFhuJZm2bZHomTh8Il IwQ9eKZizGQjG2BVIWhMJEWCUaPuUul1 Iq7hW9sSilivZNjef69I0xbA2Mk9MyrX 3rRUl1c5y37u5olOU7aNUAdlS3A9Kvvv dOuCWoOiVjjequaZi9JKEwHagk9il2fF HGT8/XMfIyNl4w2AvzHJ9G5oNA+HaH5E npbr8opWSxsxu8W00ne1PcDtMnmGtrPH Is1hIs/JfYQFP+0lsXU5L8gs5nfZVXgj CdluHHCnynlfp9omhbF657Mh6RMqZE/Q r+eKi0Tti/Z5W3xX2SMbWg==
+SECTION ADDITIONAL
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG A 8 1 518400 20170715000000 20170701000000 50124 . g9NhvW/Ka1w9I9JPTktcJsmeDJAxAJ4i A+Eot8m7I4HTRQFHLD7DJHFB2pxesbJs WgdY+y38RJ4SDi4NodmEB60FSyNptQxO gsVYRaPclfZSjv/YhYOztns8aeZP6Qrt 4ETFI/A6ABwDjL/1ATk8zsgdhgP2u/dO d0s8pz7reNfUAf7/BsLER3pF8y23yYbp afZaVgZ1N5xj4EorGdDYhsOIN71dzAjK xaqdmj/mW/AcoAj8F+cRjVNt8vJvH7tj KiMU42hLne6RNHTCod6xn2wpZzwUB2OO kv73wEP+sJuWW4gMLpUfuGBltq5QlYH5 JAVl1V93KKNgz5szeIEpAw==
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170715000000 20170701000000 50124 . tNv9R7ZphTo6s/yHsQKEZkoCK47KCPL8 p5nlc5Y0gHST42zu17SuRLKz4UQOSGjV RzFpSE7NxtERLeMhIqtEX/z+yQJ9EVJr exx/7/Ihlq4cRFzwu+7wfte+iGXXy9ZK B7kNce4ft/xgAXP9X1afruFlClb+gqar M6PETTuluNkdjTQRsOD8F62H6CXnLQQI QEMTQ4ZfAdxzrXcuIH+QHW3daMm8HfXz x9+15bVGWofeQsnZASTrK+UmcMPwu8Em z73me3YF+eKW4mMoYcQphI73wa+MltaW 5LO27IThIo0VVrtuQ2dgYg/d4J6zPUo1 k9vUS6eWFHSE5yNTu1YDyg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN NS
+SECTION AUTHORITY
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+rootns. 86400 IN NSEC test. A AAAA RRSIG NSEC
+. 86400 IN RRSIG SOA 8 0 86400 20170715000000 20170701000000 50124 . mlDK2ln5t2Ql7/neef2Pzz1URLXCV5ml 0QYXbt2kzrgeKqoHRXMGc6nxqYv5Ttpn TtY82BhNlYuTzubWrrg+SS7z+vSAwUM2 mXG16Y0Z3PoKc/25dmYElwcaG1h10elI unPy1GKGoEkUlEtT/6nHQdkhvyUL5QcX AwjljLIxsY7BnzhmQEsz0ywMrTmg85vX H0BOK0IFBKxLBncx10wvJGApaVzaxdWc 0H/+fnF1r/rg2NvRFuIXlz4vrl9ExNMa ZmXR4PLlZTHO3FaH9yF18IHPCY/bi8L9 NjfW9pj+Fg4LR2kPj5WCkrCR9RKhdUAO xJKLSBuSi0CL1OyLWg9QMA==
+rootns. 86400 IN RRSIG NSEC 8 1 86400 20170715000000 20170701000000 50124 . gHVrjgFrTN3p4a/4C7yyqNQKYxsIGRKH l85pqif1AoXjWQfRpVpX7JvjQ0TMJwFK GRyKpcuy6wofSg9HglcaJ6xd2BSv0Qx5 OTz1DD0x8/Vf7BDyR8S0X7CUKkkmxKt4 VjMzh1vZxktVh32d562hOCaIXaL8obuB 0+oYABZTT+6qc6a7dBAhtzg6e0qtH9vg o1v/0JXudTY3L1Gv92hBI+51/nfPZwaB Tea3VbwYdG9YzqAYenVakaAvtVvadcMD 8vV8Gjx58CaPxvIDoA0z7EYGvY3VSaV8 hL+KIV9x8bV8MVa++ykwDcgcXInp3Sg1 zUhrGGoTGRnY/dC+cUpjoQ==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN A
+SECTION ANSWER
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN RRSIG A 8 1 518400 20170715000000 20170701000000 50124 . g9NhvW/Ka1w9I9JPTktcJsmeDJAxAJ4i A+Eot8m7I4HTRQFHLD7DJHFB2pxesbJs WgdY+y38RJ4SDi4NodmEB60FSyNptQxO gsVYRaPclfZSjv/YhYOztns8aeZP6Qrt 4ETFI/A6ABwDjL/1ATk8zsgdhgP2u/dO d0s8pz7reNfUAf7/BsLER3pF8y23yYbp afZaVgZ1N5xj4EorGdDYhsOIN71dzAjK xaqdmj/mW/AcoAj8F+cRjVNt8vJvH7tj KiMU42hLne6RNHTCod6xn2wpZzwUB2OO kv73wEP+sJuWW4gMLpUfuGBltq5QlYH5 JAVl1V93KKNgz5szeIEpAw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN AAAA
+SECTION ANSWER
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170715000000 20170701000000 50124 . tNv9R7ZphTo6s/yHsQKEZkoCK47KCPL8 p5nlc5Y0gHST42zu17SuRLKz4UQOSGjV RzFpSE7NxtERLeMhIqtEX/z+yQJ9EVJr exx/7/Ihlq4cRFzwu+7wfte+iGXXy9ZK B7kNce4ft/xgAXP9X1afruFlClb+gqar M6PETTuluNkdjTQRsOD8F62H6CXnLQQI QEMTQ4ZfAdxzrXcuIH+QHW3daMm8HfXz x9+15bVGWofeQsnZASTrK+UmcMPwu8Em z73me3YF+eKW4mMoYcQphI73wa+MltaW 5LO27IThIo0VVrtuQ2dgYg/d4J6zPUo1 k9vUS6eWFHSE5yNTu1YDyg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. 1 IN TXT "it works"
+test. 1 IN RRSIG TXT 8 1 1 20170715000000 20170701000000 50124 . MMOSQjU/uKwroJnNJgwb9ddyp/P5VUBr S9F4RMcPYvjqVEczfkwTMZCZvHU6S+kV AoYuMJsWhqja/YLAL9l6h1c3DJM2apVE 59ro3u1k6NeKBghVNcRscbpYeI0jaZMD 6c5r2dBtB3sE0zUPV2feCfsyV1wBPxtr 8XWBOVYu30LYXCath13F+DqXEkTNudzQ oCHixJQ9y71QXJniXgDaRxq9l5iqA4Q4 nt4zhIWntHClUJRwpQlJVU34eLiDrO6n 1s2oVPXKLwa2/mG71afpAgsOiCvJDLeH Oa2AqjAvQ9yUDIjNoaOvLv0mrp4csBSj ZC0HIMMDWqHES4UoinY4tw==
+ENTRY_END
+RANGE_END
+
+
+
+RANGE_BEGIN 20170711000000 20170720999999
+        ADDRESS 198.41.0.4
+        ADDRESS 2001:503:ba3e::2:30
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN SOA
+SECTION ANSWER
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+. 86400 IN RRSIG SOA 8 0 86400 20170725000000 20170711000000 50124 . Ioju8kIHgI70wBcbEyZZLbb61G42MnKd wGLxNNhBctq03x74tpqlR6HeCMJf4PW/ UHO4QqubeGK7m6TAfWvx76NKa4bYNYAj S4w+Izv5V57GL3u6BtawIdBLJfHGMLyA Aifn9xc8BnWv1Fw0k09mzXb99EC2Mc77 n99imV/I8B5sX1qi3z7bBj0pFGwvyILV FDBqFIU+kq3S78XEXpTFYInoPnDGhqAj 4g6H1QXAdW89GqkCATBKA642xI7jZ8pA 1AMlHo/YhkYr1rPQx27kGLKQJgJVpPa7 +Dh4+hy+DBRYZUUldqV4Ee+TyTT/nh36 VylsuIjbQYN801N5eFw4Qw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 1814400 IN DNSKEY 256 3 8 AwEAAcHrmeeZUfVAS5KzAL2mHyjpdS3y 5Du2ScdXa1nunnaA35ARZR6BbwuQdIik CC1LH8D7d/AlDW7SlkHWeWBK7eMxO0Ps E2u9jlN2yy+9OQwo1kybg4cBDwbgHmu8 ppX7U3S5SpP9XZIJhYRYqNube/zkoDSa uLaeghU13CCuIwdbJrPNOC6Zvn0op3WL ryTVMnMUzgld6WsiTWZDlaMy5IJdhg5R X2wa0UCJjr1M3kguTHftYExgUKbQytx2 +i1mq+vSKqcS9Bxo1vFTWMtFV2FFpV8T Fv4dL1aC1Aq8e9CiAIEfCVVy8Dw+vYpO VDrd+1qkNorMNetwEly9EgkWgB0=
+. 1814400 IN DNSKEY 257 3 8 AwEAAa7l/x0mKre1XGN10bhnsSuo+Lc7 wFv6ksfiDz/kLgbR1TQY37ntCm3akRr/ hp3CE1YUnAGlk9B5lZYEeT0hoD2BkD7E P9DpOxUqKtQeYhe34pO/ygT+dFYSaMy/ 0OStoYLphzbIfElrpg+gvv+CkFKQzO5W rAL1tWu037erXbhSjko7AokpjfEWyT8H o7qGHiW1vWgzWGtWIgXOdydUJYqQNaOY cddJNV23fod6+KrKE245JRv+KabqnLJv 3+D6g7NDh+D5uLiX4vcTsLoB3LiAruQA r+ickjYFsVvfJlJ3m9O0/st9UsXu+v0e 6Esl5DmWWYo63T31sgmSEOjUSBE=
+. 1814400 IN DNSKEY 385 3 8 AwEAAZxJIBnv0pOId/Ukgr0pwVLXjiBR RyV0kc76BssLTIFPWnEWNLv7+3JRvcAm tpHzDvpCoX92taEYVP3pgF3WUNA/LOJR iYIE8taQ0j0TpbdiizFtgFCc+zE5TZ6z /Ru1Eq6VXgdpHzpPtTep0+gB1Qz6HQNT Wd0v2/XQmKWkh3KnJuDSrBjQy50ax9zX 1Sj8Syv+oA0iREf886Bb3e1nBaWrw9RE xovh2F68eE5hxwBcipwNyf7iEN8Um8Tj KCXWeEnTM+Giip0F+JgbapEKr8Dk5YYv nRBLwPZiekL35AbGA9/8PfCwtAIBAj3A CVHhgmlPbLzPGRyawTtIe9D/6uc=
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170801000000 20170711000000 5319 . CznzeEi6yFncw3D4NCZhUJTGf6yB9Gli tODI6UUbpntDKgdRXAWPaP13gfDUcUfb 1rhNeVJdAgxgcosDaXc3QIU1hOe85jra Z76D2hVP8/jRnEaJVaClvD7qtWaIP7bV z0JvH/4fDysSAVUySZGju+YwZfKtw8Xa exFhMJ/cqHmKV8KKTwvFddmWYSdiPGCY YokbxblHQClFMoO5FtNbVbNlRXyi8LcW 6YXNpyAyuDlYHxTc/6ilCC+fE3VzAIb+ 7b2r3NZzVkorSLurJBSHGI5vvqeOtoZX LiVpim9RASXbbP6XHf4ycsmWg9t5Eyud 7boxwvlRUlhe+he/li2ucw==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170801000000 20170711000000 24784 . UUk7x64kvHURXPoiFHokjEta03vK89s6 xPC3dclk0TkVg+wSIMdI7eGuaZd+YYzJ 5iUYQBbLak4zZAbfq/wFl+sIoxt4Zmh/ Ja/T0LEhRqFru3/F0WcXmN39gPlmRqoH hogy7cxuAlj+L/MZf0JQAdUeb+RO0e55 ELpZ5kErYhQNG5/c2rdIg/PVV5DK638g APJ6Z0xDxqkmlBeuiMM1jrCytnmBPNHl HdR80VKFIeNL0ss5nsZzeDl4xLyqhleM K9wfmXwfySLu/ZZdfNQl5/qZMCKuDcTz 8HJ5dFmRl3nu3M8urLzYHj1lxdWfO+c4 lcjkT4S6bsozH84z6HymaA==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170801000000 20170711000000 50124 . scFytgOyp7j+yR1QC5dSQEqzbUEeq99b aNoz8KoS1u49CM4IkxnmMiWQ4Ocs7Lc1 X0P9i6WgYEVIlo7OoRwFMGoxtsrG4rSs Crg3cCopCLtinGugO5pdj4zQi/SWIjy7 Ydq00Qrq9W25QAr4Z6BlvF85RYb7LSUi 9e3wbL2cFprG4OGP4cyMM2sByPPt/H0S dOsNEppsInTA61EYD2siRfbt9vEXOY+C ikcJ7LACBJ+ga5D+7Wsr8/tmEHb5Zd/5 8Zl6RlL1F8Zj/MvZT6a9GEM+vSkUWWln HsPGwhvoWcl/z9vdQag4E2Vaw6MUY7zj p4Mls23OJv03FbCvpWogtg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. 518400 IN NS rootns.
+. 518400 IN RRSIG NS 8 0 518400 20170725000000 20170711000000 50124 . sL/q7IdMSJir2sAkL53PcYcmec33LeGk j3V+GmlvwrK71usBnz4Hp/xZ+hlyqjnX +y9qmNRMLngfW44Kmp/U3A3db3CSHJ4t XRYDjMbuR0UI2Y6zX5I3/v5VYoDEnV4R Amij1UtEQDdqQRe5BHoikUZHyN+In14I sRNTqjWgKd7W4jxJtmRVz1VTc86O9UmX PmreNjP/w6OJsfE/uozxxdOXk5Pnf5Ln 2rr4NO1kkhrFVf0VV0UNOBijkJIHEoRu 94/NMaAC3asuOW/rXbScnW+s6iX3kTIb 3LjiAks44uudRgTXcpgwnSrPhPkW/7Ct O+sXGZr4bY3C0r+rjkkirg==
+SECTION ADDITIONAL
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG A 8 1 518400 20170725000000 20170711000000 50124 . roCz+GbpvVzD1RHy0RU0ji4iHBL36x0D bcWhC2PGj14AzX2j6OPlpDG1dRf9X4qz Es73u3IZjYRb3ZdQE0V/lBXpqbCb+Usp SGdj0huP7j0aNRawNmSKTimx3eSzhI1t CCmsYiavH1GpFUKQdLDP0vBq3OHxJHBM GP1ff6scTG9tBKzZtr7ZCdFK8hH9Z6Yr bOkXmRMM11rKMRjB9A0qBcVknWclDcY+ KajxfhUsjvAuGsEqQf58ekU6PPYXNmy9 lK8LRTf4UDNt86qjY8MRflhWN83cRc8g GCNKSGqXZ4yqZnQF2gbACVH7LY3YOLKe 7Rfl+CYGJACMLfzUJ7B6Kg==
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170725000000 20170711000000 50124 . oR5QQvmd3XU4E/njBMZq1Px+iHgKla9/ /PRteMz2c2gqvQBX7gMk6+6ybgQ10IhA cAE4xflPtOdLS7Wvb3OP2LA5Sdi/vxwZ R+2bHHwPAtkbP8AO/70mcWIW5MIBqPD3 bQkRmTDnBylNRU3j+DPu6xew+f6DzUPt cSRrm+8j54y44yNB4lV9yppoXYEibX/q xIIqkauYEVETVtmzTmB4PjWDTriA0b9z 0eZetan+z2x0GqnBaQT/3a+cn6xyZA4X JwDJ0n7dL/VVJbJwb2/ZziMRO2ng4M5F RMWlD6aKZkBKn3CLDtzVOhG+HO243ivO vzTg72aTIVkUQOj2k0sjbw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN NS
+SECTION AUTHORITY
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+rootns. 86400 IN NSEC test. A AAAA RRSIG NSEC
+. 86400 IN RRSIG SOA 8 0 86400 20170725000000 20170711000000 50124 . Ioju8kIHgI70wBcbEyZZLbb61G42MnKd wGLxNNhBctq03x74tpqlR6HeCMJf4PW/ UHO4QqubeGK7m6TAfWvx76NKa4bYNYAj S4w+Izv5V57GL3u6BtawIdBLJfHGMLyA Aifn9xc8BnWv1Fw0k09mzXb99EC2Mc77 n99imV/I8B5sX1qi3z7bBj0pFGwvyILV FDBqFIU+kq3S78XEXpTFYInoPnDGhqAj 4g6H1QXAdW89GqkCATBKA642xI7jZ8pA 1AMlHo/YhkYr1rPQx27kGLKQJgJVpPa7 +Dh4+hy+DBRYZUUldqV4Ee+TyTT/nh36 VylsuIjbQYN801N5eFw4Qw==
+rootns. 86400 IN RRSIG NSEC 8 1 86400 20170725000000 20170711000000 50124 . hvFKqAWhl5GNl1r8yPMgCGDiskPKPBCx xzWWfoeZZIzhAXgeZGdCsd/5tS3fifaX Y7Wn6rMi0BstLa/+63xaY4iIvX36Zb+n eLxaKrtjr06Pnappg6EHDvF2qjEHf+ip pIif7yiX6UZemLK30E/mUhkL1HFtc9eW 9ZGdTI4VUyJvhax2qW4fcoYNgPeLeB+i LrdjyfKXB3tnrcZbmVqKa7OQX+JNL9yN s5YHbftvraZt9p0Ye+A8wwsvKE1eOlyd msdylrtlDz3JdKBsAdQm9ek5Ltpuvbht xYyvhh72c8RpO9aUUP1ehT9rtH6NeA3U dBooOLGimGRzJJ3BNYuBig==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN A
+SECTION ANSWER
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN RRSIG A 8 1 518400 20170725000000 20170711000000 50124 . roCz+GbpvVzD1RHy0RU0ji4iHBL36x0D bcWhC2PGj14AzX2j6OPlpDG1dRf9X4qz Es73u3IZjYRb3ZdQE0V/lBXpqbCb+Usp SGdj0huP7j0aNRawNmSKTimx3eSzhI1t CCmsYiavH1GpFUKQdLDP0vBq3OHxJHBM GP1ff6scTG9tBKzZtr7ZCdFK8hH9Z6Yr bOkXmRMM11rKMRjB9A0qBcVknWclDcY+ KajxfhUsjvAuGsEqQf58ekU6PPYXNmy9 lK8LRTf4UDNt86qjY8MRflhWN83cRc8g GCNKSGqXZ4yqZnQF2gbACVH7LY3YOLKe 7Rfl+CYGJACMLfzUJ7B6Kg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN AAAA
+SECTION ANSWER
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170725000000 20170711000000 50124 . oR5QQvmd3XU4E/njBMZq1Px+iHgKla9/ /PRteMz2c2gqvQBX7gMk6+6ybgQ10IhA cAE4xflPtOdLS7Wvb3OP2LA5Sdi/vxwZ R+2bHHwPAtkbP8AO/70mcWIW5MIBqPD3 bQkRmTDnBylNRU3j+DPu6xew+f6DzUPt cSRrm+8j54y44yNB4lV9yppoXYEibX/q xIIqkauYEVETVtmzTmB4PjWDTriA0b9z 0eZetan+z2x0GqnBaQT/3a+cn6xyZA4X JwDJ0n7dL/VVJbJwb2/ZziMRO2ng4M5F RMWlD6aKZkBKn3CLDtzVOhG+HO243ivO vzTg72aTIVkUQOj2k0sjbw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. 1 IN TXT "it works"
+test. 1 IN RRSIG TXT 8 1 1 20170725000000 20170711000000 50124 . UFS44wefPpNwYGd5AtJL2LgjnL2HJs19 po0R+h6WBuxSoSLnMjg0gYHaiN26LNQT Wgs9A3DsW9I5mJJZeh4ZPNzzxWH0MSGL nvyRVwSPj/WGhzhwHTDReJ5cAKzOUD3H qxr9nYEyd3PWbRHY4SgfAfbR+qv3uInN MGcnX4+/8HPYcmcyuS2E7XdEv8teFBXr +evmJzQiJAqrpQ4maUlz6hKeJjOWBvKW Ta8neWaO6rqnmSQjO6h0SGSdhfeXUnqA 6LwmkV3Gqy1Dt7kAAzLVQhYvN5w+nqj7 26NHTZUQ1yXb1fCrdLpVa6a14bgDJQsf leRh4tR0P5H9MPjPi9M6ew==
+ENTRY_END
+RANGE_END
+
+
+
+RANGE_BEGIN 20170721000000 99999999999999
+        ADDRESS 198.41.0.4
+        ADDRESS 2001:503:ba3e::2:30
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN SOA
+SECTION ANSWER
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+. 86400 IN RRSIG SOA 8 0 86400 20170804000000 20170721000000 50124 . dRkNimO+IbMX99xfiauuzh2Z+fpuvVis EUvJMqJLTvomlofQhQVJbjNvnjNP2FcL MKEumKdDY9sLR7xAPc9h3lmp3NC7L0Q2 kY0uoxitDD5NCZJY82HAn1A4LPvZaFYs 3fIgA1wpz/GipIVDsZ7LXN8fqdpvmxNK l8HgU+t4Gp8X/uDGjFW6TrY+AlN1LYmd rN8dMXuA2iajQob9WyBDQkmDrbRZ7iJ+ a2JCQqJfIaBFEY7gc9JphxS7ehlaLlqK MMlLH3Nugh+gNLToDdeUXYUqBvefP0/U CGw8dhAIgqC3x0wn2fgYxSsJBdmLsRGt Lv+mISIfw6Ay21Kmi65Ytg==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN DNSKEY
+SECTION ANSWER
+. 1814400 IN DNSKEY 256 3 8 AwEAAcHrmeeZUfVAS5KzAL2mHyjpdS3y 5Du2ScdXa1nunnaA35ARZR6BbwuQdIik CC1LH8D7d/AlDW7SlkHWeWBK7eMxO0Ps E2u9jlN2yy+9OQwo1kybg4cBDwbgHmu8 ppX7U3S5SpP9XZIJhYRYqNube/zkoDSa uLaeghU13CCuIwdbJrPNOC6Zvn0op3WL ryTVMnMUzgld6WsiTWZDlaMy5IJdhg5R X2wa0UCJjr1M3kguTHftYExgUKbQytx2 +i1mq+vSKqcS9Bxo1vFTWMtFV2FFpV8T Fv4dL1aC1Aq8e9CiAIEfCVVy8Dw+vYpO VDrd+1qkNorMNetwEly9EgkWgB0=
+. 1814400 IN DNSKEY 257 3 8 AwEAAa7l/x0mKre1XGN10bhnsSuo+Lc7 wFv6ksfiDz/kLgbR1TQY37ntCm3akRr/ hp3CE1YUnAGlk9B5lZYEeT0hoD2BkD7E P9DpOxUqKtQeYhe34pO/ygT+dFYSaMy/ 0OStoYLphzbIfElrpg+gvv+CkFKQzO5W rAL1tWu037erXbhSjko7AokpjfEWyT8H o7qGHiW1vWgzWGtWIgXOdydUJYqQNaOY cddJNV23fod6+KrKE245JRv+KabqnLJv 3+D6g7NDh+D5uLiX4vcTsLoB3LiAruQA r+ickjYFsVvfJlJ3m9O0/st9UsXu+v0e 6Esl5DmWWYo63T31sgmSEOjUSBE=
+. 1814400 IN DNSKEY 385 3 8 AwEAAZxJIBnv0pOId/Ukgr0pwVLXjiBR RyV0kc76BssLTIFPWnEWNLv7+3JRvcAm tpHzDvpCoX92taEYVP3pgF3WUNA/LOJR iYIE8taQ0j0TpbdiizFtgFCc+zE5TZ6z /Ru1Eq6VXgdpHzpPtTep0+gB1Qz6HQNT Wd0v2/XQmKWkh3KnJuDSrBjQy50ax9zX 1Sj8Syv+oA0iREf886Bb3e1nBaWrw9RE xovh2F68eE5hxwBcipwNyf7iEN8Um8Tj KCXWeEnTM+Giip0F+JgbapEKr8Dk5YYv nRBLwPZiekL35AbGA9/8PfCwtAIBAj3A CVHhgmlPbLzPGRyawTtIe9D/6uc=
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170811000000 20170721000000 5319 . j9HlRZ3AkCZDpje5AQCXS4N21LfKzqFf c871WzN/OgHF2CO6xDQ3fMznWttRprz4 rpFBUDtXWWyCaLtjzNSrv7XFw6ui3Y05 jdAfAqhYkFQ1NeH6MG/tpZyWGDocJhiq 1hwcgJ9E+IZsOleyziYD3/vrFGKel3Ou qMd7n+T+zLzNjBnDymtSu+sUzWn3A6wG rgHbxO650aLvD4uIQYVEKqLJUddEUwOv 1Yy/Td5RDGbxHLc6L0uTyYkIFc9u4zzf bMpd3zJFSgcSsOkwkd9K+GKNPx2LXisH 01VwpermkzR3bVyl2NTglCy1CjB503gS ePdb1YNZAFUfaNzK0j5mUA==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170811000000 20170721000000 24784 . JWuXNkU74/Y8FqZ9EaQr6czGQDGUhcnw PiwIi3JV77zy34KE0jwWj7AXXdOARk9L 2IfKG+ykFDej7ft85L/z4uViWBICcRrN E9RVKuLkNmzvCtQD5rp4rGdtnNP80qD/ 7Iql62/Vl1atftBzO3uUTY+1DL3O8IQD ry1hGmWRt4RLCFOl1VTUFa8TTf3p0QgK aoD+usTf7x5/Tiy228A36exmsEAG+Xfo g2QbYnN8sxe2w2Jce5ete30eA1QGxxGr cF1vN5v8wbrFYBCSmKLKqtJtUhCZyVX8 vcZofvXa7ufaSdfGURoi/hYT3OCFoeiM tOjEYUttSgdjJycDB3P3Ag==
+. 1814400 IN RRSIG DNSKEY 8 0 1814400 20170811000000 20170721000000 50124 . qOnGDMrqd2LZ1+TkpaGopSBXmabYt82D JvhEtUZIVayOGAvAVt0rK5VsE2YffIFy pewgkBVs7aGds4X7SX1x7EEI/ovrgQlR A2fIS7BvknDFsE4mZ2QEmR8C1N2WA1Gu ddot0cjx0kgLL8VS9Kycy+QoTrROFa5Z 3JHiGfzS1lTQuCby29Ne2GKT0edjr9RD 1QuXugwEmZvgbW0+6EcZCeYoEo/o+0MG It9Bf6mJqKG8ni3xLtQORglhn1rWutkh kzhpC6rm0mXcv7VgwXiFj+smHE5+rnDf CSR7ke830+2cSr6Kd5dSOI0ohRLYH+5p H5Oc4A0eFoD0grg5CZ/8vw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+. IN NS
+SECTION ANSWER
+. 518400 IN NS rootns.
+. 518400 IN RRSIG NS 8 0 518400 20170804000000 20170721000000 50124 . qYBWDglfJ252SaOEo6+wHhXd9xo743sq rbF2csOGAvEmd+TAHQ0T+I6acH2AdOmf 088pBeQFkKodIBeBcdq7HPXK9v4A5ld+ OVWYmXxiNdLreOHsn/lw4hybbYu5iiwy hathQKOolfg7sS9evVB+YUGD6GLMTyDt vIkbbB5750khnO27rF1Ud6wWeayDOwUv rhriU7cjCPN4G7yo2FiZYDA0ZhOafTOo TgESBEREPRGZaOVjLIV16g8EGr1rche3 AfMfam0bAfYdkdU2scSCXDfB78MprnCN otAd2ze4VtbjZdxWq4Ji4XfleIQ7ICXQ 2Ao7vchX9IpME5vdNLvAig==
+SECTION ADDITIONAL
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG A 8 1 518400 20170804000000 20170721000000 50124 . m2MZgby1HEHD9nRhRvprWdBMQtXBjPQU vpom5LA2iF5CIect6fF1pHG38ckRz7s2 hsWb8QLic3CtAqB8nxkHPiS8rfTdlN7N +3DEXEaurAB4RCZFmpukK9aqwasW1BLI Ul7eYgvihgo6aErN01IP5Thqqrd8b/SS 6RcCtk2Cfdyf7jMwSAR8D1RJxuRqoyOe Gofk2yYMm6wuBStVRtLvJwaAk3rsyWRT jmx4tlKijIYZvjZ2Iusnr6+rptQmNMqd xtNSrREbB94m6WZbsviy4rdvx7rq18LA mq+eB+7ROz2/tSpUkrXL7nFF09+Fkztx Tz2JRKV/Ee7LKpvw7v91Hw==
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170804000000 20170721000000 50124 . mz2zvQhPZsyQ2YS5GuRVTYwXl5daG9uY 259B2cJbfNRIsiWtpugPnnITtKMABZUY aHP7IaR9j+LsIhNL2z3u/e0H+bmMS0Mb +w3qEhrx6L6h1h4mZAeHN31iUP1kilbH TlBHTJkPeh6xM9+BX/LH7LPozqFl3Nai 4iqv7oG+niQ5rb758bAG8AM5jQ5WyPev ZmkAqhkQiQrkpYRsVtUkNNoTTGrTytUM LVwFUC8KRAmJzavUlHXeucUXWLkzZFYw 07lNug5/8ZdCPlpv1+bdBKa1Bth8f5Bn 269xi1PZX7OV22luv2dnoU1/+xqQ0su2 NRHeLG39gD7JnOE2BC5Tlw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN NS
+SECTION AUTHORITY
+. 86400 IN SOA rootns. you.test. 2017071100 1800 900 604800 86400
+rootns. 86400 IN NSEC test. A AAAA RRSIG NSEC
+. 86400 IN RRSIG SOA 8 0 86400 20170804000000 20170721000000 50124 . dRkNimO+IbMX99xfiauuzh2Z+fpuvVis EUvJMqJLTvomlofQhQVJbjNvnjNP2FcL MKEumKdDY9sLR7xAPc9h3lmp3NC7L0Q2 kY0uoxitDD5NCZJY82HAn1A4LPvZaFYs 3fIgA1wpz/GipIVDsZ7LXN8fqdpvmxNK l8HgU+t4Gp8X/uDGjFW6TrY+AlN1LYmd rN8dMXuA2iajQob9WyBDQkmDrbRZ7iJ+ a2JCQqJfIaBFEY7gc9JphxS7ehlaLlqK MMlLH3Nugh+gNLToDdeUXYUqBvefP0/U CGw8dhAIgqC3x0wn2fgYxSsJBdmLsRGt Lv+mISIfw6Ay21Kmi65Ytg==
+rootns. 86400 IN RRSIG NSEC 8 1 86400 20170804000000 20170721000000 50124 . En0/8voZSHLFgopg9yKSKo+IVbyZVVEC kHPBNEDqen7oRAt7pUqYDYFKNURQ9gii BD68xxSgQltFxzY5u5ml2QA1J/I59AuM gUgm6FznTzD0Td5sA5mMNKs6l1Kn4IvR PIJbsgth/RqkTFtyJ44aHqxFCYAVbv46 PiX0aEMRNx+exvHhCjLwpNDuHJ0msX7m rHWRwOr2kVOv+KXLFsInfutUQah8Ujpc 4urpFJ0qF4QbkioVhl+5jD3UanvY1UqL gD2g0p23GJSIJXyuPAEsJOeq4PrvTcqk b48TWOlsmpKwy+Nd9p/eUdpqr+b0XFw0 mm7JBJnz7fsqMapcvipwVw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN A
+SECTION ANSWER
+rootns. 518400 IN A 198.41.0.4
+rootns. 518400 IN RRSIG A 8 1 518400 20170804000000 20170721000000 50124 . m2MZgby1HEHD9nRhRvprWdBMQtXBjPQU vpom5LA2iF5CIect6fF1pHG38ckRz7s2 hsWb8QLic3CtAqB8nxkHPiS8rfTdlN7N +3DEXEaurAB4RCZFmpukK9aqwasW1BLI Ul7eYgvihgo6aErN01IP5Thqqrd8b/SS 6RcCtk2Cfdyf7jMwSAR8D1RJxuRqoyOe Gofk2yYMm6wuBStVRtLvJwaAk3rsyWRT jmx4tlKijIYZvjZ2Iusnr6+rptQmNMqd xtNSrREbB94m6WZbsviy4rdvx7rq18LA mq+eB+7ROz2/tSpUkrXL7nFF09+Fkztx Tz2JRKV/Ee7LKpvw7v91Hw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+rootns. IN AAAA
+SECTION ANSWER
+rootns. 518400 IN AAAA 2001:503:ba3e::2:30
+rootns. 518400 IN RRSIG AAAA 8 1 518400 20170804000000 20170721000000 50124 . mz2zvQhPZsyQ2YS5GuRVTYwXl5daG9uY 259B2cJbfNRIsiWtpugPnnITtKMABZUY aHP7IaR9j+LsIhNL2z3u/e0H+bmMS0Mb +w3qEhrx6L6h1h4mZAeHN31iUP1kilbH TlBHTJkPeh6xM9+BX/LH7LPozqFl3Nai 4iqv7oG+niQ5rb758bAG8AM5jQ5WyPev ZmkAqhkQiQrkpYRsVtUkNNoTTGrTytUM LVwFUC8KRAmJzavUlHXeucUXWLkzZFYw 07lNug5/8ZdCPlpv1+bdBKa1Bth8f5Bn 269xi1PZX7OV22luv2dnoU1/+xqQ0su2 NRHeLG39gD7JnOE2BC5Tlw==
+ENTRY_END
+
+ENTRY_BEGIN
+MATCH opcode question
+ADJUST copy_id
+REPLY NOERROR QR AA DO
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. 1 IN TXT "check and change answer"
+test. 1 IN RRSIG TXT 8 1 1 20170804000000 20170721000000 50124 . MrLc+GLJYf5OB/rXAtNUzB5vXAvDVIv0 uVzq5QtWij6/GVPja0gsgB0+ZeDusszf RNwFrcJi8wxxBwSAoQWr1wnwvSCODZUG i+8bsVAlP/BysUnajLZdhSUO6LsLhAl/ qCh6wTSbCHa9jp7wODEnRCanXNAl4G2J Q6arffoRd0oWG4vGFvGKzcQSijaIlByI cTxSWyclJRYCyPofPzMq+dKyB0l+kCCr sCy9ke/dXhl8wv6xw7u1UquqwoMp4xjF zNeXdwXdUdZisl9eQIKxFqWpfAKQCRgh 2ZNCHb2Q8ljAxR2Uyj7A06A5pMjTFJlQ sH7FEAlJ2LGNK/nRf8wXGg==
+ENTRY_END
+RANGE_END
+
+
+; 2017-07-01T00:00:00
+STEP 20170701000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170701000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170701000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-02T00:00:00
+STEP 20170702000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170702000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170702000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-03T00:00:00
+STEP 20170703000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170703000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170703000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-04T00:00:00
+STEP 20170704000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170704000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170704000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-05T00:00:00
+STEP 20170705000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170705000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170705000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-06T00:00:00
+STEP 20170706000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170706000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170706000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-07T00:00:00
+STEP 20170707000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170707000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170707000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-08T00:00:00
+STEP 20170708000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170708000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170708000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-09T00:00:00
+STEP 20170709000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170709000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170709000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-10T00:00:00
+STEP 20170710000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170710000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170710000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-11T00:00:00
+STEP 20170711000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170711000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170711000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-12T00:00:00
+STEP 20170712000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170712000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170712000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-13T00:00:00
+STEP 20170713000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170713000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170713000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-14T00:00:00
+STEP 20170714000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170714000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170714000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-15T00:00:00
+STEP 20170715000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170715000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170715000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-16T00:00:00
+STEP 20170716000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170716000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170716000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-17T00:00:00
+STEP 20170717000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170717000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170717000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-18T00:00:00
+STEP 20170718000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170718000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170718000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-19T00:00:00
+STEP 20170719000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170719000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170719000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-20T00:00:00
+STEP 20170720000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170720000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AD
+MATCH opcode qname question
+SECTION QUESTION
+test. IN TXT
+SECTION ANSWER
+test. IN TXT "it works"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170720000099 TIME_PASSES ELAPSE 86400
+
+
+; 2017-07-21T00:00:00
+STEP 20170721000000 QUERY
+ENTRY_BEGIN
+REPLY RD AD
+SECTION QUESTION
+test. IN TXT
+ENTRY_END
+
+STEP 20170721000001 CHECK_ANSWER
+ENTRY_BEGIN
+REPLY QR RD RA AA NXDOMAIN
+MATCH opcode rcode flags question answer
+SECTION QUESTION
+test. IN TXT
+SECTION AUTHORITY
+test. 10800 IN SOA test. nobody.invalid. 1 3600 1200 604800 10800
+SECTION ADDITIONAL
+explanation.invalid. 10800 IN TXT "check last answer"
+ENTRY_END
+
+; move time by 1 day, 0:00:00
+STEP 20170721000099 TIME_PASSES ELAPSE 86400
+
+
+
+SCENARIO_END
+