CAA lookup

CAA records can be configured by the owner of a domain name. They are used to store information in the DNS, which can be looked up by anyone. Each record type has a different purpose.

CAA records are configured in DNS. But how can you look up these CAA records? That depends on the operating system you are using. Windows, Linux and Mac all have a different way of finding CAA records. The sections below contain instructions for each operating system.

How to lookup CAA records on Windows

The CAA record type cannot be looked up in Windows. Neither nslookup, nor Powershell's Resolve-DnsName has support for it. You can either install WSL and follow the Linux instructions below, or use an online CAA lookup tool like the one on the top of this page.

How to lookup CAA records on Mac OS

To check the CAA records for a certain domain name on a Mac, follow these steps:

1. Open a terminal by entering [command] + [space] → 'terminal.app' → [enter].
2. Type dig example.com caa and hit [enter] to get the CAA records for example.com.
3. The CAA records are listed below the ANSWER SECTION heading.

How to lookup CAA records on Linux

To check the CAA records for a certain domain name on Linux, follow these steps:

1. Open a terminal by entering [Super] → 'terminal' → [enter].
2. Type dig example.com caa and hit [enter] to get the CAA records for example.com.
3. The CAA records are listed below the ANSWER SECTION heading.

How to find CAA records

To check the CAA records of a domain, follow these steps:

1. Open the CAA lookup tool.
2. Enter the domain name and hit [enter].
3. The tool will query the CAA records and shown them at the top of the page.

How to lookup other record types

There are other types of DNS records then just CAA. The most commonly used DNS record types are A, AAAA, CNAME, NS, TXT, MX and SOA. If you'd like to look up all records of these record types, you can do so with nslookup. Click any of the record types below to find DNS records for that specific record type.

• A lookup — IPv4 address
• AAAA lookup — IPv6 address
• AFSDB lookup — AFS database location
• APL lookup — Address prefix list
• AXFR lookup — Authoritative zone transfer
• CDNSKEY lookup — Child copy of a DNSKEY
• CDS lookup — Child copy of DS
• CERT lookup — Cryptographic certificate
• CNAME lookup — Canonical name
• CSYNC lookup — Child-to-parent synchronization
• DHCID lookup — DHCP identifier
• DLV lookup — DNSSEC lookaside validation
• DNAME lookup — Delegation name
• DNSKEY lookup — Cryptographic key for DNSSEC
• DS lookup — Delegation signer
• EUI48 lookup — MAC address (EUI-48)
• EUI64 lookup — Mac address (EUI-64)
• HINFO lookup — Host information
• HIP lookup — Host identification protocol
• HTTPS lookup — HTTPS binding
• IPSECKEY lookup — Cryptographic key for IPsec
• IXFR lookup — Incremental zone transfer
• KEY lookup — Cryptographic key for DNSSEC (obsoleted by DNSKEY)
• KX lookup — Key exchange
• LOC lookup — Geographical location
• MX lookup — Mail exchange
• NAPTR lookup — Naming authority pointer
• NS lookup — Name server
• NSEC3 lookup — Next secure (version 3)
• NSEC3PARAM lookup — Parameter for NSEC3
• NSEC lookup — Next secure (obsoleted by NSEC3)
• NXT lookup — DNSSEC key (obsoleted by NSEC)
• OPENPGPKEY lookup — Public key for OpenPGP
• OPT lookup — EDNS option
• PTR lookup — Canonical name pointer
• RP lookup — Responsible person
• RRSIG lookup — Resource record signature for DNSSEC
• SIG lookup — Resource record signature for DNSSEC (obsoleted by RRSIG)
• SMIMEA lookup — S/MIME association
• SOA lookup — Start of authority
• SPF lookup — Sender Policy Framework
• SSHFP lookup — Public key fingerprint for SSH
• SVCB lookup — Service binding
• SRV lookup — Service locator
• TA lookup — Trust authority for DNSSEC
• TKEY lookup — Transaction key
• TLSA lookup — Certificate association for TLS
• TSIG lookup — Transaction signature
• TXT lookup — Human-readable text
• URI lookup — Uniform resource identifier
• ZONEMD lookup — Message digest for DNS zones