The Australian Country Signing Certificate Authority (CSCA)

This website contains information on the Australian CSCA operated by the Australian Passport Office for the Australian Department of Foreign Affairs and Trade.

The distinguished name of the CSCA is C = AU O = GOV OU = DFAT OU = APO CN = Passport Country Signing Authority

CSCA Public Key Certificates

The CSCA uses two types of key pairs: a main key pair and a number of backup key pairs. The main key pair is used to issue Document Signer certificates.

Backup key pairs are only used for disaster-recovery, i.e. in the unlikely case that the main key pair becomes unusable; the first backup key pair will become the new main key pair etc.

DER encoded certificates for the CSCA public keys can be found below. The information required to verify the authenticity of the following certificates is also available in authentic printed form upon request.

Certificate Rollover

The next rollover of the CSCA certificate is planned for 2028.

Public Key Certificate (Certificate 05/2024)

The current public key is available as self-signed certificate, and as link certificate, verifiable by the previous public key (i.e. with serial number SN=16f5) and the SHA-1 thumbprint of ‎‎75 b0 0f 79 2e 8b 6a 79 93 69 33 ec f7 f5 97 26 bc 3b f3 f8

The current self-signed Australian certificate public key has the serial number SN=69 18 and the SHA-1 thumbprint of 2c 14 11 2a ed 05 b5 e9 37 3c 3e c1 8a 8f 7c 56 e6 31 c0 8e

The link certificate of the main public key has the SHA-1 fingerprint  6c 32 f0 79 d1 33 85 5b 33 aa 3c 55 12 a2 a4 d9 2e 53 85 70

Previous public key certificate(s)

Certificate Revocation List (CRL)

The Australian certificate revocation list is updated at least once every 90 days.

If you encounter any problems while downloading the CRL, please contact the CSCA (see below).

Communication with the Australian CSCA

The primary communication channel with the CSCA is email