dig +dnssec cnn.com @1.0.0.1
; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> +dnssec cnn.com @1.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31994
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cnn.com. IN A;; ANSWER SECTION:
cnn.com. 59 IN A 151.101.129.67
cnn.com. 59 IN A 151.101.193.67
cnn.com. 59 IN A 151.101.1.67
cnn.com. 59 IN A 151.101.65.67;; Query time: 119 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Fri Jul 05 08:10:18 CDT 2019
;; MSG SIZE rcvd: 100
As one can see from the date, the output looks similar.
How can I tell if the dnssec is valid?