The Australian Country Signing Certificate Authority (CSCA)
This website contains information on the Australian CSCA operated by the Australian Passport Office for the Australian Department of Foreign Affairs and Trade.
The distinguished name of the CSCA is C = AU O = GOV OU = DFAT OU = APO CN = Passport Country Signing Authority
CSCA Public Key Certificates
The CSCA uses two types of key pairs: a main key pair and a number of backup key pairs. The main key pair is used to issue Document Signer certificates.
Backup key pairs are only used for disaster-recovery, i.e. in the unlikely case that the main key pair becomes unusable; the first backup key pair will become the new main key pair etc.
DER encoded certificates for the CSCA public keys can be found below. The information required to verify the authenticity of the following certificates is also available in authentic printed form upon request.
The next rollover of the CSCA certificate is planned for 2020.
Public Key Certificate (Certificate 06/2017)
The current public key is available as self-signed certificate, and as link certificate, verifiable by the previous public key (i.e. with serial number SN=31 1b).and the SHA-1 thumbprint of c1 24 46 cc 72 95 7d 65 0e 92 73 d2 c5 33 91 4a 6f 5a 29 ec.
The Current self-signed Australian certificate public key has the serial number SN=13 89 and the SHA-1 thumbprint of b3 8a 3b e8 92 80 8b a9 42 bf b9 90 aa ff d9 e4 83 cd 50 70.
The link certificate of the main public key has the SHA-1 fingerprint 12 0a bf 03 54 5e 30 4a a0 63 ae 7f 4c 57 af 81 8d ad 5a e6
Certificate Revocation List (CRL)
The Australian certificate revocation list is updated at least once every 90 days.
If you encounter any problems while downloading the CRL, please contact the CSCA (see below).
Communication with the Australian CSCA
The primary communication channel with the CSCA is email csca-australia [at] dfat.gov.au (subject: CSCA-Australia) .