15:32 < nagios-scl3> Wed 15:32:38 PDT  ns1a.dmz.scl3.mozilla.com:DNS SOA - mozilla.org is CRITICAL: CRITICAL: Serials for zone mozilla.org differ. Dig shows: 2013051402. Local file shows 2013051500. (http://m.allizom.org/DNS+SOA+-+mozilla.org) This is true. Running the update named script by hand doesn't return any errors. I reloaded rndc but no change. limed and atoll were notified and looking at this.
The SOA mismatch for mozilla.org occurred when the DNSSEC signing process refused to sign the zone. We traced that to an expired ZSK ("zone signing key"), which has been renewed. DNSSEC signing has resumed, and today's mozilla.org updates are now published as expected.
Bug 872832 was the root cause of the SOA issue, and is now resolved.