Android Signing Certificate Checker
Read an APK's signing certificate — v1/v2/v3 scheme, SHA-1 and SHA-256 fingerprints, issuer, and validity — to verify who signed the app and confirm its identity.
Drop your file here
or click to choose from your device
About Android Signing Certificate Checker
Read an APK's signing certificate — v1/v2/v3 scheme, SHA-1 and SHA-256 fingerprints, issuer, and validity — to verify who signed the app and confirm its identity.
Android Signing Certificate Checker is part of APKLint’s apk & aab analysis toolkit — Unpack, inspect, and break down Android packages. It’s free to use and needs no account.
Your privacy is the default: files you upload are processed on our servers over an encrypted connection and permanently deleted by a scheduled hourly cleanup after analysis finishes, and never shared.
What Android Signing Certificate Checker checks
- Signature scheme(s): v1 (JAR), v2, v3
- Certificate subject and issuer
- Serial number and validity dates
- SHA-1 and SHA-256 fingerprints
Good to know: Reads the embedded certificate; it confirms how the APK is signed but can't verify Play App Signing keys held by Google.
When to use Android Signing Certificate Checker
- Best for
- Reading the full signing certificate of an APK: the v1/v2/v3 scheme in use, SHA-1 and SHA-256 fingerprints, issuer/subject, and validity dates.
- Not the right tool for
- Not a general APK breakdown; if you also want size, permissions, and structure use APK Analyzer.
- What you get back
- Certificate-centric detail: signing scheme(s), fingerprints, issuer and subject, and the validity window.
- How it differs from related APKLint tools
- It is the certificate-detail view; APK Signature Checker answers the narrower 'is it validly signed and with which scheme' question.
- Limitations
- It reads what the APK presents; it cannot confirm the signer's real-world identity or Play App Signing upstream.
How to use Android Signing Certificate Checker
- Choose your APK file — Drop an .apk file onto the page, or click to select it from your device.
- Send securely — The file is uploaded over an encrypted connection to our analysis servers.
- Read your report — APKLint unpacks and inspects the package and lays out the results on screen.
- Your file is removed — It's deleted by an hourly cleanup job after analysis finishes.
Why use APKLint
Every tool is free with no login and no paywall. Reasonable file and input limits keep the free service stable.
A clean, focused interface with no third-party ad banners cluttering your results.
Files you upload are deleted by a scheduled hourly cleanup after analysis finishes, and never shared.
Built on androguard for APK parsing and manifest/certificate analysis.
Start immediately — no account, login, or email required.
Runs in any modern browser, on desktop or mobile.
Frequently asked questions
What does Android Signing Certificate Checker do?
Read an APK's signing certificate — v1/v2/v3 scheme, SHA-1 and SHA-256 fingerprints, issuer, and validity — to verify who signed the app and confirm its identity.
Where do I find the SHA-1 for API consoles?
It's in the certificate read-out. Many Google APIs ask for the signing SHA-1 or SHA-256 — both are shown here.
Is it free to use?
Yes. Every tool on APKLint is completely free, with no sign-up and no account.
How is my data handled?
Your uploaded file and its result are processed on our servers over an encrypted connection, then removed by the next hourly cleanup after analysis finishes. We never share them.
What files can I send?
An Android APK — a .apk file — up to 1 GB.