diff --git a/provisioner/rkp_factory_extraction_lib.cpp b/provisioner/rkp_factory_extraction_lib.cpp
index b7e1e340..ec70d086 100644
--- a/provisioner/rkp_factory_extraction_lib.cpp
+++ b/provisioner/rkp_factory_extraction_lib.cpp
@@ -267,3 +267,17 @@ CborResult<Array> getCsr(std::string_view componentName, IRemotelyProvisionedCom
         return getCsrV3(componentName, irpc, selfTest);
     }
 }
+
+bool isRemoteProvisioningSupported(IRemotelyProvisionedComponent* irpc) {
+    RpcHardwareInfo hwInfo;
+    auto status = irpc->getHardwareInfo(&hwInfo);
+    if (status.isOk()) {
+        return true;
+    }
+    if (status.getExceptionCode() == EX_UNSUPPORTED_OPERATION) {
+        return false;
+    }
+    std::cerr << "Unexpected error when getting hardware info. Description: "
+              << status.getDescription() << "." << std::endl;
+    exit(-1);
+}
diff --git a/provisioner/rkp_factory_extraction_lib.h b/provisioner/rkp_factory_extraction_lib.h
index ae8ea6b6..93c498ad 100644
--- a/provisioner/rkp_factory_extraction_lib.h
+++ b/provisioner/rkp_factory_extraction_lib.h
@@ -53,3 +53,7 @@ getCsr(std::string_view componentName,
 void selfTestGetCsr(
     std::string_view componentName,
     aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent* irpc);
+
+// Returns true if the given IRemotelyProvisionedComponent supports remote provisioning.
+bool isRemoteProvisioningSupported(
+    aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent* irpc);
diff --git a/provisioner/rkp_factory_extraction_tool.cpp b/provisioner/rkp_factory_extraction_tool.cpp
index 62d62cf3..1cb11448 100644
--- a/provisioner/rkp_factory_extraction_tool.cpp
+++ b/provisioner/rkp_factory_extraction_tool.cpp
@@ -78,6 +78,11 @@ void writeOutput(const std::string instance_name, const Array& csr) {
 }
 
 void getCsrForIRpc(const char* descriptor, const char* name, IRemotelyProvisionedComponent* irpc) {
+    // AVF RKP HAL is not always supported, so we need to check if it is supported before
+    // generating the CSR.
+    if (std::string(name) == "avf" && !isRemoteProvisioningSupported(irpc)) {
+        return;
+    }
     auto [request, errMsg] = getCsr(name, irpc, FLAGS_self_test);
     auto fullName = getFullServiceName(descriptor, name);
     if (!request) {