This website contains information on the Australian CSCA operated by the Australian Passport Office for the Australian Department of Foreign Affairs and Trade.
The distinguished name of the CSCA is C = AU O = GOV OU = DFAT OU = APO CN = Passport Country Signing Authority
CSCA Public Key Certificates
The CSCA uses two types of key pairs: a main key pair and a number of backup key pairs. The main key pair is used to issue Document Signer certificates.
Backup key pairs are only used for disaster-recovery, i.e. in the unlikely case that the main key pair becomes unusable; the first backup key pair will become the new main key pair etc.
DER encoded certificates for the CSCA public keys can be found below. The information required to verify the authenticity of the following certificates is also available in authentic printed form upon request.
The next rollover of the CSCA certificate is planned for 2024.
Public Key Certificate (Certificate 05/2020)
The current public key is available as self-signed certificate, and as link certificate, verifiable by the previous public key (i.e. with serial number SN=13 89) and the SHA-1 thumbprint of b3 8a 3b e8 92 80 8b a9 42 bf b9 90 aa ff d9 e4 83 cd 50 70
The current self-signed Australian certificate public key has the serial number SN=16 f2 and the SHA-1 thumbprint of f8 b1 a9 91 e9 35 5b b4 61 9f 22 9c 35 91 dc 04 58 ac 31 ac
The link certificate of the main public key has the SHA-1 fingerprint 75 b0 0f 79 2e 8b 6a 79 93 69 33 ec f7 f5 97 26 bc 3b f3 f8
Certificate Revocation List (CRL)
The Australian certificate revocation list is updated at least once every 90 days.
If you encounter any problems while downloading the CRL, please contact the CSCA (see below).
Communication with the Australian CSCA
The primary communication channel with the CSCA is email firstname.lastname@example.org.