Custom hostname verification with DNSSEC enabled

I was struggling with migrating custom domains from a domain to another domain, then I encountered the error “The hostname is using Cloudflare and cannot be activated with an TXT or HTTP validation token. To activate the custom hostname, the DNS target needs to point to the SaaS zone”.

If the custom domain is not a roodomain, that’s OK, but unfortunately it is. When I tried to add a CNAME on it’s @ record, it showed “Cannot add an @ CNAME record when DNSSEC enabled”.

How can I solve this problem?