checkserialdns.sh check if your slave dns-servers are synchronised with your master. It users the SOA-RR and the serial-numbers to compare.

checkserialdns.sh

#!/usr/bin/env bash

#  checkserialdns.sh: checks if your DNS master and slaves are synchronised
#  Copyright (C) 2014 Benedikt Heine <[email protected]>
#
#  This program is free software: you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation, either version 3 of the License, or
#  (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program. If not, see http://www.gnu.org/licenses/.
#
# checks if your dns-servers are synchronised by
# comparing the serial-number in the domains SOA-RR
#
# usage:
# checkserialdns.sh domain1 [domain2] [domain3] ... [domainN]
#

for domain in $@; do
	# get the master dns-server from your SOA-RR
	master=$(dig +short SOA $domain | cut -d " " -f 1)

	# get the latest serial-number from the master dns-server
	serial=$(dig +short SOA @$master $domain | cut -d " " -f 3)

	#	iterate the NS-RRs grabbed from master dns-server for the domain
	for server in $(dig +short NS @$master $domain); do

		# get the serial-number from the slave dns-server
		serial_slave=$(dig +short SOA @$server $domain | cut -d " " -f 3)

		if [ "x$serial_slave" = "x$serial" ]; then
			echo "ok: serial: $serial $domain $server"
			else
				echo "BAD: $domain $server"
				echo "	master serial: $serial"
				echo "	slave  serial: $serial_slave"
		fi

	done

done

Just to mention:

dig SOA +nssearch $DOMAIN

does almost the same.