ldns-verify-zone: invalid option -- '-' verify-zone version 1.6.17 (ldns version 1.6.17)

ldns-verify-zone: invalid option -- '-' Usage: ldns-verify-zone [OPTIONS] <zonefile> Reads the zonefile and checks for DNSSEC errors. It checks whether NSEC(3)s are present, and verifies all signatures It also checks the NSEC(3) chain, but it will error on opted-out delegations OPTIONS: -h show this text -a apex only, check only the zone apex -e <period> signatures may not expire within this period. (default no period is used) -i <period> signatures must have been valid at least this long. (default signatures should just be valid now) -k <file> specify a file that contains a trusted DNSKEY or DS rr. This option may be given more than once. Default is /etc/unbound/root.key -p [0-100] only checks this percentage of the zone. Defaults to 100 -S chase signature(s) to a known key. The network may be accessed to validate the zone's DNSKEYs. (implies -k) -t YYYYMMDDhhmmss | [+|-]offset set the validation time either by an absolute time value or as an offset in seconds from <now>. For data that came from the network (while chasing), system time will be used for validating it regardless. -v shows the version and exits -V [0-5] set verbosity level (default 3) <period>s are given in ISO 8601 duration format: P[n]Y[n]M[n]DT[n]H[n]M[n]S if no file is given standard input is read