LPNZ policy
| Resign | 2 hours |
| Refresh | 3 days |
| Validity Default | 7 days |
| Validity NSEC/NSEC3 | 7 days |
| Jitter | 12 hours |
| Inception Offset | 3600 seconds |
| Method | NSEC |
| TTL | 3600 seconds |
| Retire Safety | 3600 seconds |
| Publish Safety | 3600 seconds |
| Share Keys? | No |
| Purge dead keys after | 14 days |
| KSK | |
| Algorithm | RSA/SHA-256, 2048 bits |
| Lifetime | 2 years |
| Repository | SoftHSM-KSK |
| Number of Standby Keys | |
| Manual Rollover? | No |
| Use RFC5011? | No |
| ZSK | |
| Algorithm | RSA/SHA-256, 1024 bits |
| Lifetime | 30 days |
| Repository | SoftHSM-ZSK |
| Number of Standby Keys | 1 |
| Manual Rollover? | No |
| Propagation Delay | 43200 seconds |
| SOA TTL | 3600 seconds |
| SOA Minimum | 3600 seconds |
| SOA Serial Format | YYYYMMDDnn (Date + 2-Digit-Counter) |
| Propagation Delay | 9999 seconds |
| DS TTL | 3600 seconds |
| SOA TTL | 172800 seconds |
| SOA Minimum | 10800 seconds |