You are missing the left hand side of the output, but what you have looks fine. The DS records in your zone are not something that you wild manually create, so there is no need to try to add them back.
Is there a specific performance issue that you are trying to resolve?
I have a privacy suggestion you may wish to employ in the future.
When altering a domain name, it is preferable to use a designated reserved domain like example.com to that of an uninvolved third-party.
When altering a domain name, it is preferable to use a designated reserved domain like example.com to that of an uninvolved third-party.
Noted, that would be helpful to use in future queries.
Also thanks for confirming my output looks fine. I’m not trying to solve a performance issue but just ensure I’ve configured DNSSEC correctly. However the previous answer still leaves me with 2 questions if you could please help me:
If I don’t need to manually create the DS records, did Cloudflare add them automatically on my domain when enabling DNSSEC?
If the above is true, why does Cloudflare allow adding DS records manually and throw Error Code: 1004 on attempting to do so?
Not just subdomains, delegated subdomains. This means the subdomain has its own DNS outside of Cloudflare. If that DNS uses DNSSEC to sign, its key material needs to be present in that parent zone, not unlike the key material that you added at your registrar.
Any subdomain records that are held in the same Cloudflare account would be signed using the same key material that you added at your registrar.