diff --git a/cp/app/Controllers/SystemController.php b/cp/app/Controllers/SystemController.php
index a6028f7..6cf86f9 100644
--- a/cp/app/Controllers/SystemController.php
+++ b/cp/app/Controllers/SystemController.php
@@ -1012,44 +1012,49 @@ class SystemController extends Controller
 $secureTld = $tld['secure'];
 if ($secureTld === 1) {
- // Remove the leading dot
 $tld_extension_cleaned = ltrim($tld['tld'], '.');
+ $zone = escapeshellarg($tld_extension_cleaned);
+ $statusOutput = shell_exec("rndc dnssec -status $zone");
- // Path to the JSON file
- $jsonFilePath = "/tmp/{$tld_extension_cleaned}.json";
-
- // Initialize a variable to hold the data for Twig
- $dnssecData = null;
-
- if (file_exists($jsonFilePath) && is_readable($jsonFilePath)) {
- // Read and decode the JSON file
- $jsonContent = file_get_contents($jsonFilePath);
- $data = json_decode($jsonContent, true);
-
- if (json_last_error() === JSON_ERROR_NONE) {
- // Ensure keys exist and process them
- if (isset($data['keys']) && is_array($data['keys'])) {
- $dnssecData = [
- 'zoneName' => $data['zoneName'] ?? 'N/A',
- 'timestamp' => $data['timestamp'] ?? 'N/A',
- 'keys' => [],
- ];
-
- foreach ($data['keys'] as $key) {
- $dnssecData['keys'][] = [
- 'keyFile' => $key['keyFile'] ?? 'N/A',
- 'dsRecord' => $key['dsRecord'] ?? 'N/A',
- 'timestamp' => $key['timestamp'] ?? 'N/A',
- ];
- }
- } else {
- $dnssecData = ['error' => "No keys found in JSON."];
- }
- } else {
- $dnssecData = ['error' => "Failed to decode JSON: " . json_last_error_msg()];
- }
+ if (!$statusOutput) {
+ $dnssecData = ['error' => "Unable to fetch DNSSEC status for $zone."];
 } else {
- $dnssecData = ['error' => "File {$jsonFilePath} not found or not readable."];
+ // Extract all KSKs regardless of algorithm
+ preg_match_all('/key: (\d+) \((\w+)\), KSK/', $statusOutput, $matches, PREG_SET_ORDER);
+
+ $dnssecData = [
+ 'zoneName' => $tld['tld'],
+ 'timestamp' => date('Y-m-d H:i:s'),
+ 'keys' => [],
+ ];
+
+ foreach ($matches as $match) {
+ $keyId = $match[1];
+ $algorithm = $match[2];
+
+ // Determine if key is active or in rollover state
+ $keyStatus = strpos($statusOutput, "key: $keyId") !== false
+ ? (strpos($statusOutput, "key signing: yes") !== false ? 
'Active' : 'Pending Rollover')
+ : 'Unknown';
+
+ // Extract DS record for this key
+ $dsRecord = shell_exec("dnssec-dsfromkey -2 /var/lib/bind/K{$tld_extension_cleaned}.+008+{$keyId}.key");
+ $dsRecord = $dsRecord ? trim($dsRecord) : 'N/A';
+
+ // Append key details
+ $dnssecData['keys'][] = [
+ 'key_id' => $keyId,
+ 'algorithm' => $algorithm,
+ 'ds_record' => $dsRecord,
+ 'status' => $keyStatus,
+ 'timestamp' => date('Y-m-d H:i:s'),
+ ];
+ }
+
+ // If no keys were found, set an error message
+ if (empty($dnssecData['keys'])) {
+ $dnssecData = ['error' => "No DNSSEC keys found for $zone."];
+ }
 }
 } else {
 $dnssecData = ['error' => "DNSSEC is not enabled for this TLD."];
diff --git a/cp/resources/views/admin/system/manageTld.twig b/cp/resources/views/admin/system/manageTld.twig
index af7d0f5..4ffc302 100644
--- a/cp/resources/views/admin/system/manageTld.twig
+++ b/cp/resources/views/admin/system/manageTld.twig
@@ -93,56 +93,80 @@ - {% if dnssecData is defined and dnssecData.keys is defined %} - 
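Review bot: The second `shell_exec()` call, inside the `foreach` over `$matches`, interpolates the raw `$tld_extension_cleaned` into the command string, while only the `rndc` call uses the `escapeshellarg()`-quoted `$zone`. `$keyId` is limited to digits by the `(\d+)` capture, but the TLD value is not validated anywhere in this hunk, so any shell metacharacters in it would reach the shell; build the path first and quote it as a single argument, e.g. `$keyFile = "/var/lib/bind/K{$tld_extension_cleaned}.+008+{$keyId}.key";` followed by `$dsRecord = shell_exec('dnssec-dsfromkey -2 ' . escapeshellarg($keyFile));`. The path also hard-codes `+008+` although the comment says KSKs are extracted regardless of algorithm, so keys of any other algorithm will presumably end up with `N/A`. Separately, both new error strings print `$zone`, which is the shell-quoted form including its quote characters; `$tld['tld']` would read better there. The enclosing method starts and ends outside the hunk.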
{{ __('Key File') }} | -{{ __('DS Record') }} | -{{ __('Timestamp') }} | -
---|---|---|
{{ key.keyFile }} | -{{ key.dsRecord }} |
- {{ key.timestamp }} | -
{{ __('Key ID') }} | +{{ __('Algorithm') }} | +{{ __('DS Record') }} | +{{ __('Status') }} | +{{ __('Timestamp') }} | +
---|---|---|---|---|
{{ key.key_id }} | +{{ key.algorithm }} | +
+ {% if key.ds_record != 'N/A' %}
+ + {{ key.ds_record }} + + {% else %} + {{ __('Not Available') }} + {% endif %} + |
+ + {% if key.status == 'Active' %} + {{ __('Active') }} + {% elseif key.status == 'Pending Rollover' %} + {{ __('Pending Rollover') }} + {% else %} + {{ __('Unknown') }} + {% endif %} + | +{{ key.timestamp }} | +