diff --git a/man/dnssec-trust-anchors.d.xml b/man/dnssec-trust-anchors.d.xml
index 8b6394e9271..f14ebbce7cb 100644
--- a/man/dnssec-trust-anchors.d.xml
+++ b/man/dnssec-trust-anchors.d.xml
@@ -138,7 +138,17 @@
and follow the same overriding rules. They are text files with the
.negative suffix. Empty lines and lines whose first character is
; are ignored. Each line specifies one domain name which is the root of a DNS
- subtree where validation shall be disabled.
+ subtree where validation shall be disabled. For example:
+
+ # Reverse IPv4 mappings
+10.in-addr.arpa
+16.172.in-addr.arpa
+168.192.in-addr.arpa
+...
+# Some custom domains
+prod
+stag
+
Negative trust anchors are useful to support private DNS
subtrees that are not referenced from the Internet DNS hierarchy,