In the end they said to me they gave me wrong nameservers and to change back to what my dashboard said again. I didn’t want to do that since everything was working fine, website resolving, DNSSEC okay.
But then I received a email from Cloudflare saying my nameservers weren’t pointing to Cloudflare anymore (?) so I had to change. I changed the nameservers and the dashboard now says the DNSSEC is “pending” for more than 8 hours, and analyzing my DNSSEC says
No DS records found for domain.app in the app zone.
So I don’t know. My recommendation is to not bother with DNSSEC as it’s only issues and no benefit. I’ll leave as it is because it’s resolving to my website, and I use google public DNS which validates DNSSEC I believe, so there should be no issues to anyone trying to access my website anyway.
And I’d warn against using Cloudflare as the domain registrar, their support is too slow vs namecheap instant live support 24/7. If the worse happens I can remove Cloudflare from the equation and have my website live again in minutes, but if Cloudflare were my registrar and I had this issue, I could be offline for days unless I pay the very expensive plans…