DNS CAA Catalog

DNS CAA Catalog

Welcome to the DNS CAA Catalog! This project monitors Certification Authority Authorization (CAA) DNS records for the top 10,000 domains as ranked by Cloudflare Radar and used under the CC BY-NC 4.0 license. The DNS records are periodically crawled and used to generate the data and statistics shown on this page. The goal is to help understand how CAA is configured and used by popular websites across the web. Select a domain from the list to explore its CAA records and gain insights into real-world CAA deployment.

CAA Statistics Summary

10000
Total Domains
1738
With CAA Records
17.4%
1606 ✅
With 'issue' Records
16.1%
628 ✳️
With 'issuewild' Record
6.3%
511 📬
With 'iodef' Records
5.1%

'issue' Record Values

Certificate Authority Count %
letsencrypt.org 916 9.2
digicert.com 859 8.6
pki.goog 760 7.6
amazon.com 428 4.3
globalsign.com 303 3.0
comodoca.com 281 2.8
sectigo.com 268 2.7
ssl.com 203 2.0
amazonaws.com 160 1.6
amazontrust.com 129 1.3
awstrust.com 112 1.1
godaddy.com 89 0.9
microsoft.com 69 0.7
entrust.net 55 0.6
certainly.com 35 0.3
symantec.com 27 0.3
pki.apple.com 25 0.2
thawte.com 14 0.1
telesec.de 12 0.1
geotrust.com 12 0.1
identrust.com 11 0.1
quovadisglobal.com 11 0.1
comodo.com 10 0.1
trust-provider.com 10 0.1
certum.pl 8 0.1
usertrust.com 7 0.1
www.digicert.com 7 0.1
d-trust.net 6 0.1
harica.gr 6 0.1
swisssign.com 5 0.1
rapidssl.com 5 0.1
cloudflare.com 5 0.1
twca.com.tw 4 0.0
visa.com 4 0.0
starfieldtech.com 3 0.0
buypass.no 3 0.0
cybertrust.ne.jp 2 0.0
dtrust.de 2 0.0
certificados.serpro.gov.br 2 0.0
affirmtrust.com 2 0.0
kpn.com 2 0.0
secomtrust.net 2 0.0
jprs.jp 1 0.0
cloudfront.net 1 0.0
amazonzonaws.com 1 0.0
gandi.net 1 0.0
docusign.fr 1 0.0
trustwave.com 1 0.0
zerossl.com 1 0.0
akamai.net 1 0.0
chemexper.com 1 0.0
pki.dfn.de 1 0.0
e-szigno.hu 1 0.0
emsign.com 1 0.0
amazonaws.cn 1 0.0
netnod.se 1 0.0
letsencrypt.com 1 0.0
starfieldtech.org 1 0.0
yandex.ru 1 0.0
certum.eu 1 0.0
letsencrypt 1 0.0
cloudflaressl.com 1 0.0
ica.cz 1 0.0
certsign.ro 1 0.0
zscaler.com 1 0.0
serpro.gov.br 1 0.0
pik.goog 1 0.0
aws.amazon.com 1 0.0

'issuewild' Record Values

Certificate Authority Count %
digicert.com 382 3.8
letsencrypt.org 347 3.5
pki.goog 252 2.5
comodoca.com 214 2.1
ssl.com 189 1.9
amazon.com 135 1.4
sectigo.com 111 1.1
globalsign.com 95 0.9
amazonaws.com 42 0.4
amazontrust.com 31 0.3
godaddy.com 29 0.3
awstrust.com 27 0.3
pki.apple.com 26 0.3
telesec.de 10 0.1
certainly.com 8 0.1
certum.pl 6 0.1
geotrust.com 5 0.1
entrust.net 5 0.1
microsoft.com 4 0.0
identrust.com 4 0.0
usertrust.com 4 0.0
trust-provider.com 4 0.0
comodo.com 3 0.0
rapidssl.com 3 0.0
harica.gr 2 0.0
quovadisglobal.com 2 0.0
www.digicert.com 2 0.0
thawte.com 2 0.0
cloudflare.com 2 0.0
swisssign.com 2 0.0
d-trust.net 2 0.0
secomtrust.net 1 0.0
wordpress.com 1 0.0
yandex.ru 1 0.0
certsign.ro 1 0.0
letsencrypt.com 1 0.0
symantec.com 1 0.0
cloudfront.net 1 0.0
certum.eu 1 0.0
pixfuture.com 1 0.0
emsign.com 1 0.0
gandi.net 1 0.0
chemexper.com 1 0.0
amazonaws.cn 1 0.0
entrust.com 1 0.0
jprs.jp 1 0.0
twca.com.tw 1 0.0
affirmtrust.com 1 0.0
akamai.net 1 0.0