@Menel @xmpp @singpolyma ok perhaps it's caching more agressively than SOA TTL, I just set tlsa and checked - it was saying i should set tlsa, waited for ttl time, rechecked - still said I need to set tlsa. But today it's ok, shows green.