I am trying to figure out why I get more CAA records than I actually entered (I have 2 entries and I see 10 in the test) and why I am not seeing DKIM records.
Yes, the domain name server is Cloudflare.
I also noticed I do not see some TXT or CNAME records, but they are working, for example CNAME: autodiscover; TXT records: DMARC, BIMI.
DKIM TXT records need a selector. For example, if you use Office 365 your selectors are selector1 and selector2. You can then query for those selectors using standard tools:
dig +short txt selector1._domainkey.microsoft.com
If you run your own email servers, your own configuration will define the selector. Most third-party email senders use well-known selectors, such as Google (google), Mailchimp (k1), Zendesk (zendesk1 and zendesk2), etc.
Similarly, BIMI records need a selector. This is so that you can send emails for Black Friday with a customised image, or have brand-specific logos, all on the same domain. BIMI also allows for a default selector, and that is what I used in the above example.
There is no way to query a zone and say “give me every TXT record for every subdomain”; you have to know the location within the zone.
DMARC records are always a TXT record at _dmarc.<example.com>, and the command I showed above will retrieve it.
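
The lookups described in this answer, written out as an added example that is not part of the original thread: it builds the exact names where DMARC, BIMI and DKIM records live and checks that what comes back is the expected record type. The function names are hypothetical, the selector list is the one quoted in the answer, and it assumes `dig` is installed and that BIMI uses the `default` selector.

```shell
#!/bin/sh
# Added example (not from the original thread). Function names are hypothetical.
# Selectors quoted in the answer; replace with the ones your senders use.
KNOWN_SELECTORS="selector1 selector2 google k1 zendesk1 zendesk2"

# Print "KIND NAME" for each exact location that has to be queried.
# usage: mail_auth_names DOMAIN [SELECTOR...]
mail_auth_names() {
    domain=$1; shift
    [ $# -gt 0 ] || set -- $KNOWN_SELECTORS
    printf 'DMARC _dmarc.%s\n' "$domain"
    printf 'BIMI default._bimi.%s\n' "$domain"   # BIMI default selector
    for sel in "$@"; do
        printf 'DKIM %s._domainkey.%s\n' "$sel" "$domain"
    done
}

# Judge a TXT payload against the kind expected at that name.
# A wildcard TXT record can answer at any name, so "something came back"
# is not enough. DKIM may omit v=DKIM1, so a p= tag is accepted too.
record_status() {
    want=$1; data=$2
    [ -n "$data" ] || { echo missing; return 0; }
    case "$want:$data" in
        DMARC:*v=DMARC1*|BIMI:*v=BIMI1*|DKIM:*v=DKIM1*|DKIM:*p=*) echo ok ;;
        *) echo unexpected ;;
    esac
}

# Query every name with dig and print one status line per location.
audit_mail_auth() {
    mail_auth_names "$@" | while read -r kind name; do
        data=$(dig +short txt "$name" | tr -d '"')
        printf '%-5s %-42s %s\n' "$kind" "$name" "$(record_status "$kind" "$data")"
    done
}

# Run only when called with arguments, e.g.: sh audit.sh example.com selector1
if [ $# -gt 0 ]; then audit_mail_auth "$@"; fi
```

A `missing` line for a selector only means nothing is published at that name; it does not show that the domain has no DKIM key under some other selector.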