How to inspect the signer details declared in a signed pdf
- Step 1Open the viewer — Load the signed PDF into the PDF Digital Signature Viewer. Parsing is browser-local.
- Step 2Drop the signed document — The tool finds every signature field (
/FT /Sig) in the AcroForm/Fieldsarray. - Step 3Read the declared identity — For each signature you see signer, signing time, reason, location, contact info and isCertified.
- Step 4Match against the expected signer — Confirm the declared
signername matches who you expected — remembering this is a self-declared field, not yet a verified certificate identity. - Step 5Verify the certificate — To confirm the signer's certificate is genuine and chains to a trusted root, open the PDF Signature Verifier and supply your trust-anchor PEM.
- Step 6Record both views — Keep the declared metadata next to the verifier's signer-common-name and trust result for a complete signer record.
Declared signer fields this viewer reads
Pulled from the signature dictionary, not from the certificate.
| Field | PDF source key | Notes |
|---|---|---|
signer | /Name | Name the signer declared — may differ from the certificate subject. |
signingTime | /M | Declared signing time, normalised to ISO format. |
reason | /Reason | Optional free text; often blank. |
location | /Location | Optional free text; often blank. |
contactInfo | /ContactInfo | Optional contact string. |
field | /T | Signature field name. |
isCertified | /Reference present | Marks a certifying signature; not a trust assertion. |
What the viewer does NOT show (and where to get it)
Certificate-level data requires cryptographic parsing.
| Certificate detail | Shown here? | Where to get it |
|---|---|---|
| Issuer / certificate authority | No | Desktop verifier (Acrobat / pyHanko) |
| Subject distinguished name | No (only declared /Name) | Verifier reports signer common name |
| Certificate serial number | No | Desktop verifier |
| Validity window (not-before / not-after) | No | Verifier checks validity at signing |
| Key-usage flags (Digital Signature / Non-Repudiation) | No | Desktop verifier |
| Revocation status (OCSP / CRL) | No | Desktop verifier (Acrobat / pyHanko) |
| Chain to a trusted root | No | Verifier with trust anchors |
Cookbook
How to read the declared signer fast, and exactly what to do when you need real certificate validation.
Declared signer on an approval signature
What the viewer prints for one ordinary signature.
field: "Signature1" signer: "Dana Reviewer" signingTime: "2026-04-01T13:30:00" reason: "Approved for release" location: "New York, US" isCertified: false
Declared name differs from the real certificate
The /Name field is self-declared; only the verifier reads the certificate's actual subject CN.
viewer signer: "J. Smith" (from /Name) verifier signerCN: "John A. Smith, Acme Ltd" (from certificate) → confirm the certificate CN, not just the declared name
A certifying signature
isCertified is true because the field carries /Reference.
field: "AuthorCert" signer: "Acme Document Control" signingTime: "2026-01-05T08:00:00" isCertified: true
Confirming the certificate chains to a trusted CA
Take the declared signer to the verifier and supply your root PEM.
-----BEGIN CERTIFICATE----- MIIB... (your trusted root) -----END CERTIFICATE----- → verifier: chainTrusted: true, signerCN matches expected
Unsigned file mistaken for signed
A drawn signature image is not a certificate.
hasSignatures: false message: "No digital signatures detected." (the visible mark was added by PDF Sign — no certificate exists)
Edge cases and what actually happens
You need the issuer / CA name
Not shown hereThis viewer reads the declared /Name, not the X.509 certificate, so it can't show the issuer, subject DN, serial, or key usage. Use a desktop verifier (Adobe Acrobat or pyHanko); the PDF Signature Verifier reports the signer common name from the certificate.
Declared name doesn't match the certificate
InformationalThe /Name field is self-declared and can differ from the certificate subject. Trust the certificate identity, which only the verifier reads — not the declared name alone.
Self-signed certificate
Not detected hereThe viewer can't tell a self-signed certificate from a CA-issued one because it doesn't decode the certificate. Run the verifier with your trust anchors; a self-signed cert won't chain to a trusted root.
Certificate expired at signing time
Not detected hereValidity dates live in the certificate, which this viewer doesn't parse. The verifier checks whether the certificate was within its validity window when the document was signed.
Key-usage doesn't permit signing
Not detected hereKey-usage flags (Digital Signature, Non-Repudiation) are certificate extensions this viewer doesn't read. Inspect them in a desktop verifier such as Acrobat or pyHanko.
Signature field unreadable
ReportedIf the AcroForm tree is missing, a raw-byte fallback lists the signature as signer '(unparseable)'. The field exists but its dictionary couldn't be read here — use the verifier to parse the signature structure.
Encrypted PDF
SupportedParsing loads the document with encryption ignored, so the declared signer is usually still readable. If parsing fails on a strongly encrypted file, remove protection first with PDF Unlock.
Multiple signers in one document
ExpectedEach /Sig field is reported as its own row with its own declared signer — read all of them to see every party that signed.
File too large for your tier
RejectedFree caps the input at 2 MB / 50 pages. Larger signed PDFs are rejected before parsing — upgrade or reduce the file first.
Frequently asked questions
Does this tool show the certificate's issuer and subject?
No. It reads the declared /Name from the signature dictionary, not the embedded X.509 certificate, so it does not print the issuer, subject distinguished name, serial number, validity dates, or key-usage flags. For the certificate's signer common name and chain validation, use the PDF Signature Verifier; for full certificate inspection, use Adobe Acrobat or pyHanko.
How do I know if the certificate is from a trusted authority?
This viewer can't tell you — it doesn't decode the certificate. Run the PDF Signature Verifier and paste a PEM bundle of the roots you trust; it validates whether the signer's certificate chains to one of them within its validity window. A self-signed certificate has no external trust anchor and won't chain.
Is the displayed signer name the same as the certificate identity?
Not necessarily. The signer value comes from the /Name key the signer declared, which can differ from the certificate's subject. Treat it as a hint and confirm the real identity with the verifier, which reads the certificate's common name.
What key-usage flags should a signing certificate have?
A document-signing certificate normally carries 'Digital Signature' and often 'Non-Repudiation' key-usage flags. This viewer doesn't read those flags — inspect them in a desktop verifier such as Adobe Acrobat or the open-source pyHanko.
Can I see the certificate revocation status?
No. Neither this viewer nor the in-browser verifier performs live OCSP or CRL revocation checks in this version. For revocation and long-term validation, use Adobe Acrobat (the signature panel) or pyHanko.
What does isCertified mean for the signer?
It means the field is a certifying (author) signature — it carries a /Reference entry. It identifies the signature type, not whether the signer is trusted. Validate trust separately with the verifier.
Why are reason, location, and contact blank?
Those dictionary fields (/Reason, /Location, /ContactInfo) are optional in the PDF spec. Many signers leave them empty, so blanks are normal — not an error or a sign of a forged signature.
Can it inspect signatures from DocuSign or Adobe Sign?
It can read whatever declared metadata those signatures expose in their /Sig fields. To cryptographically verify a DocuSign or Adobe Sign signature — both use X.509 certificates — run the PDF Signature Verifier.
Does it work on encrypted PDFs?
Usually yes. The viewer loads the document with encryption ignored for parsing, so the declared signer fields remain readable. If a strongly encrypted file won't parse, unlock it first with PDF Unlock.
Is my document uploaded?
No. All parsing happens in your browser; the file never leaves your device. Only anonymous usage counters are recorded when you're signed in.
What's the right tool to actually verify the signer's certificate?
The PDF Signature Verifier. It parses the signer certificate, reports the common name, recomputes the digest to confirm integrity, and — with your trust anchors — validates the chain. This viewer is the quick read of declared identity; the verifier is the proof.
Can I scrub the certificate metadata out of a signed PDF here?
No — that's a different tool. To strip document metadata use the PDF Metadata Scrubber, and to remove sensitive page content use the PDF PII Redactor. Be aware that editing a signed PDF changes its bytes and invalidates the existing signature.
Privacy first
All PDF processing runs locally in your browser using PDF-lib and pdf.js. No file is ever uploaded — only metadata counters are saved for signed-in dashboard stats.