The Australian Country Signing Certificate Authority (CSCA)

This website contains information on the Australian CSCA operated by the Australian Passport Office for the Australian Department of Foreign Affairs and Trade.

The distinguished name of the CSCA is C = AU O = GOV OU = DFAT OU = APO CN = Passport Country Signing Authority

CSCA Public Key Certificates

The CSCA uses two types of key pairs: a main key pair and a number of backup key pairs. The main key pair is used to issue Document Signer certificates.

Backup key pairs are only used for disaster-recovery, i.e. in the unlikely case that the main key pair becomes unusable; the first backup key pair will become the new main key pair etc.

DER encoded certificates for the CSCA public keys can be found below. The information required to verify the authenticity of the following certificates is also available in authentic printed form upon request.

Certificate Rollover

The next rollover of the CSCA certificate is planned for 2020.

Public Key Certificate (Certificate 06/2017)

The current public key is available as self-signed certificate, and as link certificate, verifiable by the previous public key (i.e. with serial number SN=31 1b).and the SHA-1 thumbprint of ‎‎c1 24 46 cc 72 95 7d 65 0e 92 73 d2 c5 33 91 4a 6f 5a 29 ec.

Previous Public Key Certificate(s)

The Current self-signed Australian certificate public key has the serial number SN=13 89 and the SHA-1 thumbprint of ‎b3 8a 3b e8 92 80 8b a9 42 bf b9 90 aa ff d9 e4 83 cd 50 70.

The link certificate of the main public key has the SHA-1 fingerprint ‎12 0a bf 03 54 5e 30 4a a0 63 ae 7f 4c 57 af 81 8d ad 5a e6

Certificate Revocation List (CRL)

The Australian certificate revocation list is updated at least once every 90 days.

If you encounter any problems while downloading the CRL, please contact the CSCA (see below).

Communication with the Australian CSCA

The primary communication channel with the CSCA is email csca-australia [at] dfat.gov.au (subject: CSCA-Australia) .