DNSSEC validation fails on Google DNS

[jos...@gmail.com]

Google DNS gives me de following result when I resolve one of my domains.

Resolving does not work while DNSSEC validation fails.

The domain was checked using dnsviz.net and the verisign dnssec-debugger. Both report that the domain signing is correct.

A traffic capture on our DNS-server show proper responses when DNSKEY records are requested by the Google DNS-servers.

Any idea what is causing this problem?

Result for www.motivlab.nl/A with DNSSEC validation:

{
  "Status": 2,
  "TC": false,
  "RD": true,
  "RA": true,
  "AD": false,
  "CD": false,
  "Question": [
    {
      "name": "www.motivlab.nl.",
      "type": 1
    }
  ],
  "Comment": "DNSSEC validation failure. Could not get DNSKEY or DS records needed for validation. Check http://dnsviz.net/d/www.motivlab.nl/dnssec/ and http://dnssec-debugger.verisignlabs.com/www.motivlab.nl for errors"
}

[Puneet Sood]

i can confirm this is still happening.