DNSSEC validation succeeds even if the chain does not reach the trust anchor
https://www.next-gen.ro shows with green key icon. However, the .ro zone is not signed as shown here: http://dnssec-debugger.verisignlabs.com/www.next-gen.ro
Self sign-up has been disabled due to increased spam activity. If you want to get access, please send an email to a project owner (preferred) or at gitlab(at)nic(dot)cz. We apologize for the inconvenience.
https://www.next-gen.ro shows with green key icon. However, the .ro zone is not signed as shown here: http://dnssec-debugger.verisignlabs.com/www.next-gen.ro