This has been the topic in multiple questions here on stack overflow:
- Why is one of these two itext 7 signed and validated document is not valid with Adobe DC reader?
- Sign concatenated PDF in append mode with CERTIFIED_NO_CHANGES_ALLOWED
- Adding LTV in signature makes pdf invalid using C#
- After add LTV signature got corrupted for some pdf file
- PAdES LTV signing of a PDF/A-3A document yields invalid signature
Additional Problems
There most likely are other issues still to be found in your example PDF, though. As mentioned above, cross references like in your first revision usually only cause problems after adding an incremental update to the signed PDF. That is not the case for your example PDF. Thus, I would expect other oddities in it.
Remarks
Some additional observations:
Starting from the first revision you have a number of extra entries in the document information dictionary: SIG_PAGE, SIG_LLX, SIG_LLY, SIG_URX, and SIG_URY. IMO this is not the appropriate place, although conforming readers may store custom metadata in the document information dictionary, they may not store private content or structural information there. Such information shall be stored in the document catalogue instead. (ISO 32000-1 section 14.3.3 "Document Information Dictionary") IMO those entries look like processing instructions private to your work flow, not metadata of public interest.
Your signature dictionary contains a R value. Since PDF 1.5 this entry shall not be used, and the information shall be stored in the Prop_Build dictionary. (ISO 32000-1 table 252 "Entries in a signature dictionary")