Verify Android APK signing certificates
check-signatureskillsetup L2★1
jason0404/Jason-Android-Marketplace ↗What it does
Verify Android APK signing certificates and fingerprints
Best for
Verifying that a release APK was signed with the expected certificate before distribution, especially for Play Console key rotation or third-party signed builds.
Inputs
- · Path to one or more .apk files
Outputs
- · Signer count
- · Certificate SHA-256 digest
- · Verification status
- · Match/mismatch on comparison
- · Optional HTML report
Requires
- · apksigner (Android SDK)
- · android-apk-signing-verifier
Preconditions
- · APK files exist and are valid
- · apksigner located via PATH or Android SDK build-tools
Failure modes
- · APK not found or corrupted
- · apksigner not available in PATH or SDK locations
- · Keystore or private key access attempted (blocked by safety rules)
Trust signals
- · Safety clause explicitly forbids keystore password exposure
- · apksigner tool cross-platform search documented
- · SHA-256 digest reporting specified