The Australian Country Signing Certificate Authority (CSCA)

This website contains information on the Australian CSCA operated by the Australian Passport Office for the Australian Department of Foreign Affairs and Trade.

The distinguished name of the CSCA is C = AU O = GOV OU = DFAT OU = APO CN = Passport Country Signing Authority

CSCA Public Key Certificates

The CSCA uses two types of key pairs: a main key pair and a number of backup key pairs. The main key pair is used to issue Document Signer certificates.

Backup key pairs are only used for disaster-recovery, i.e. in the unlikely case that the main key pair becomes unusable; the first backup key pair will become the new main key pair etc.

DER encoded certificates for the CSCA public keys can be found below. The information required to verify the authenticity of the following certificates is also available in authentic printed form upon request.

Certificate Rollover

The next rollover of the CSCA certificate is planned for 2024.

Public Key Certificate (Certificate 05/2020)

The current public key is available as self-signed certificate, and as link certificate, verifiable by the previous public key (i.e. with serial number SN=13 89) and the SHA-1 thumbprint of ‎‎ b3 8a 3b e8 92 80 8b a9 42 bf b9 90 aa ff d9 e4 83 cd 50 70

The current self-signed Australian certificate public key has the serial number SN=16 f2 and the SHA-1 thumbprint of f8 b1 a9 91 e9 35 5b b4 61 9f 22 9c 35 91 dc 04 58 ac 31 ac

The link certificate of the main public key has the SHA-1 fingerprint ‎ 75 b0 0f 79 2e 8b 6a 79 93 69 33 ec f7 f5 97 26 bc 3b f3 f8

Previous public key certificate(s)

Certificate Revocation List (CRL)

The Australian certificate revocation list is updated at least once every 90 days.

If you encounter any problems while downloading the CRL, please contact the CSCA (see below).

Communication with the Australian CSCA

The primary communication channel with the CSCA is email