How to test and validate DNSSEC using dig command line

How do I test and validate DNSSEC using thedig commandline under Linux, macOS, *BSD, and Unix-like systems? Learn how to test and validateDNSSEC using dig command line:

The DNSSEC is an acronym for Domain Name System Security Extensions. It is a suite of Internet Engineering Task Force (IETF) specifications for securing certain kinds of information provided by the Domain Name System (DNS). Dig is a DNS lookup tool to query dns servers for DNS records. For instance, dig can tell you the IP address of the mail server or website using a DNS resolver. One can use DNSSEC to mitigate security risk and helps prevent malicious motions like cache poisoning, pharming, and man-in-the-middle attacks. With DNSSEC, one can verify and authentication of DNS data and DNS integrity. This page explains how to test and validate DNSSEC issues that affect DNS resolution using thedig command.

The link for this article located at nixCraft is no longer available.