How to create Delegation Signer (DS) record for a subdomain with PowerDNS?


I have a domain mydomain.com. The DNS servers for this domain are under my control and I'm running PowerDNS there. I've set up DNSSEC for my main domain mydomain.com and I've registered the keys at the registrar. Everything works fine for the main domain. However, when I create subdomains (zones) with the PowerAdmin GUI, I get the following error for my subdomains from the DNSSEC analysis tool at http://dnssec-debugger.verisignlabs.com/: No DS records found for subdomain.mydomain.com in the mydomain.com zone

Question: how do I add that DS record to the mydomain.com zone with PowerDNS?


Note: I haven't used PowerAdmin, so this is a PowerDNS answer.

Assuming you have also signed these subdomains/zones, you would use pdnssec show-zone to see the DS records for them. Then, insert these DS records into the parent zone (mydomain.com), with fields set like this:

  • domain_id = id of domain.com
  • name = sub.mydomain.com
  • type = DS
  • content = copy/paste from pdnssec show-zone

You also need to insert NS records (as above, but with type=NS and content=name of your server), to get a valid delegation, even if it is local!

If you don't actually care about DNSSEC for the subdomains, just insert the NS records and leave out the DS. This will tell validators that the subdomain is deliberately insecure.
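
Added example (not part of the original answer and not PowerDNS project code): a Python sketch that pulls the DS lines for the child zone out of `pdnssec show-zone` output, drops any whose digest length does not match its digest type (a common copy/paste truncation), and builds the NS and DS rows for the parent zone's `records` table. The sample output, its `DS = <name> IN DS ...` line shape, the parent `domain_id` of 1, the name server `ns1.mydomain.com`, the `%s` placeholder style and the function names are all assumptions.

```python
import re

# Constructed sample shaped like `pdnssec show-zone` output (line format is an
# assumption; key tag and digests are made up, not real key material).
SAMPLE = """\
Zone is not presigned
keys:
ID = 7 (KSK), tag = 12345, algo = 8, bits = 2048  Active: 1 ( RSASHA256 )
DS = sub.mydomain.com IN DS 12345 8 1 {sha1}
DS = sub.mydomain.com IN DS 12345 8 2 {sha256}
DS = sub.mydomain.com IN DS 12345 8 2 deadbeef
""".format(sha1="a1" * 20, sha256="b2" * 32)

# Hex digest length per DS digest type (1 = SHA-1, 2 = SHA-256, 4 = SHA-384).
DIGEST_HEX_LEN = {1: 40, 2: 64, 4: 96}
DS_LINE = re.compile(
    r"^DS = (\S+?)\.? IN DS (\d+) (\d+) (\d+) ([0-9A-Fa-f]+)\b", re.M)


def ds_rdata(show_zone_text, child):
    """Return well-formed DS rdata for `child`, highest digest type first."""
    found = []
    for name, tag, algo, dtype, digest in DS_LINE.findall(show_zone_text):
        if name.lower() != child.lower():
            continue  # DS line belongs to some other zone
        if DIGEST_HEX_LEN.get(int(dtype)) != len(digest):
            continue  # truncated paste or unknown digest type
        found.append((int(dtype), f"{tag} {algo} {dtype} {digest.lower()}"))
    return [rdata for _, rdata in sorted(found, reverse=True)]


def delegation_rows(parent_id, child, nameservers, show_zone_text, ttl=3600):
    """Rows (domain_id, name, type, content, ttl) to add to the parent zone."""
    rows = [(parent_id, child, "NS", ns, ttl) for ns in nameservers]
    rows += [(parent_id, child, "DS", rdata, ttl)
             for rdata in ds_rdata(show_zone_text, child)]
    return rows


# Parameterised statement for the generic SQL backend's records table.
INSERT_SQL = ("INSERT INTO records (domain_id, name, type, content, ttl) "
              "VALUES (%s, %s, %s, %s, %s)")

if __name__ == "__main__":
    for row in delegation_rows(1, "sub.mydomain.com",
                               ["ns1.mydomain.com"], SAMPLE):
        print(INSERT_SQL, row)
```

After writing rows directly into the database of a signed zone, run `pdnssec rectify-zone mydomain.com` so the backend's DNSSEC ordering and authority fields are recalculated for the new delegation.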