I have an APK that is signed by a company that I find highly unlikely to have actually signed the APK, verified by:
keytool -printcert -jarfile someAppName.apk
I suspect the app author is masquerading the APK as being signed by a company it has not been signed by.
How do I easily / best verify that? I see there's a few websites to verify fingerprints of websites, but what about mobile apps?