Debug page seems contradictory

I’m using a stub resolver to connect to over TLS. Checking the DNS debug page seems to get contradictory results: it says that I’m not connected to, but the reported AS is Cloudflare. Based on my configuration, the error is that I am connected to (and the report that I’m not is wrong), rather than the AS being wrong.

Disable DNSSEC. The test displays false negatives when your client is validating DNSSEC.

1 Like

That’d explain it. Is there an explanation for the explanation?

Explained here: * is not a valid DNSSEC zone