matching-rule command doesn't work under version 11.4.1

Can someone shed some lights on how to use matching-rule command in tmsh? The description and example in tmsh_ref_guide-11-4-1.pdf on page 1657 are pretty straightforward.

 

Based on the example, I created a similar firewall rule to allow TCP access from source IP 2.2.2.2 source port 141 to destination IP 1.1.1.1 destination port 140 and applied FW rule to different context global, VS and SelfIP respectively. Then, issue the command " show security firewall matching-rule dest-addr 1.1.1.1 dest-port 140 source-adddr 2.2.2.2 source-port 141 protocol 6 vlan /Common/Inside " to see if it matches any rules. below is the tmsh response. Firewall Matching Rule: Total records returned:0 tmsh didn't find any matching rule.

 

I am lost here. Can anyone help me with this issue? Thanks in advance.

 

Sean