I was able to successfully create a "regtest" CLTV redeem script for a P2SH address using the block number 0x7f but if I change it to 0xff (which I thought should be block 255) it won't work (giving me a "Negative locktime" error).
As nLockTime is unsigned I don't understand why the op code is reading a signed value and testing for it being negative.
Did I miss something?