APK Signature Checker
Verify an APK's signing scheme (v1/v2/v3) and read its certificate fingerprints (SHA-1, SHA-256), issuer, and validity dates in seconds, on screen.
Drop your file here
or click to choose from your device
About APK Signature Checker
Verify an APK's signing scheme (v1/v2/v3) and read its certificate fingerprints (SHA-1, SHA-256), issuer, and validity dates in seconds, on screen.
APK Signature Checker is part of APKLint’s apk & aab analysis toolkit — Unpack, inspect, and break down Android packages. It’s free to use and needs no account.
Your privacy is the default: files you upload are processed on our servers over an encrypted connection and permanently deleted by a scheduled hourly cleanup after analysis finishes, and never shared.
What APK Signature Checker checks
- Confirms the APK is signed and with which schemes
- Flags weak v1-only (Janus-era) signing
- Shows certificate fingerprints (SHA-1, SHA-256)
- Reports certificate validity window
Good to know: Verifies the signature block's presence and scheme, not the trust chain of a private key.
When to use APK Signature Checker
- Best for
- Quickly verifying that an APK is signed and which signature scheme (v1/v2/v3) it uses, plus its fingerprints, before you trust or compare a build.
- Not the right tool for
- Not the place for certificate issuer/subject deep dives, use the Signing Certificate tool for the full record.
- What you get back
- Which signing schemes are present and the SHA-1/SHA-256 fingerprints, as a verification result.
- How it differs from related APKLint tools
- It is the focused 'is the signature valid and what scheme' check; the Signing Certificate tool shows the full certificate metadata.
- Limitations
- A valid signature proves integrity since signing, not that the publisher is who they claim.
How to use APK Signature Checker
- Choose your APK file — Drop an .apk file onto the page, or click to select it from your device.
- Send securely — The file is uploaded over an encrypted connection to our analysis servers.
- Read your report — APKLint unpacks and inspects the package and lays out the results on screen.
- Your file is removed — It's deleted by an hourly cleanup job after analysis finishes.
Why use APKLint
Every tool is free with no login and no paywall. Reasonable file and input limits keep the free service stable.
A clean, focused interface with no third-party ad banners cluttering your results.
Files you upload are deleted by a scheduled hourly cleanup after analysis finishes, and never shared.
Built on androguard for APK parsing and manifest/certificate analysis.
Start immediately — no account, login, or email required.
Runs in any modern browser, on desktop or mobile.
Frequently asked questions
What does APK Signature Checker do?
Verify an APK's signing scheme (v1/v2/v3) and read its certificate fingerprints (SHA-1, SHA-256), issuer, and validity dates in seconds, on screen.
Is v1-only signing a problem?
On modern Android it's weak — add the v2/v3 APK Signature Scheme. The check flags v1-only so you can fix it before release.
Is it free to use?
Yes. Every tool on APKLint is completely free, with no sign-up and no account.
How is my data handled?
Your uploaded file and its result are processed on our servers over an encrypted connection, then removed by the next hourly cleanup after analysis finishes. We never share them.
What files can I send?
An Android APK — a .apk file — up to 1 GB.