Hans, I found out why Acrobat isn’t reading time from signatures performed with ConTeXt. PAdES signatures require the /M key in the signature dictionary (https://www.etsi.org/deliver/etsi_en/319100_319199/31914201/01.02.01_60/en_3...). Just in case you wonder, this has been a requirement in previous versions: https://www.etsi.org/deliver/etsi_en/319100_319199/31914201/01.01.01_60/en_3... and https://www.etsi.org/deliver/etsi_ts/103100_103199/103172/02.02.02_60/ts_103.... Besides that, the CMS signature itself should not have any signing-time attribute. It might have a timestamp token as unsigned attribute added to the signature, as I already mentioned in my previous messages, but I’m still investigating this. BTW, there is an ongoing pull request to be able to have CMS signatures without signing time attribute in OpenSSL (https://github.com/openssl/openssl/pull/15783). But this still has to be merged (after being finished). The attached patch adds the /M entry in the signature dictionary. This is the best we (or at least I) can do right now. Many thanks for your help, Pablo