Audit Verification

External bundle access requests

External auditors can verify records and download the PII-free attestation (.sspa) freely. The full bundle (.sspb) carries domain context (potential PII), so it is released only after you approve a request here — approval mints a time-limited download link for the requester.

Attestation Verification

⬇ Download Attestation

Public Key (PEM)

🔍 Verify this record yourself — offline, no server trust

Don't take this page's word for it. The CLI verifier re-checks everything offline: the canonical claim hash, the approver's WebAuthn signature, the Sovereign trust countersignature, the Rekor transparency-log inclusion proof (SET + Merkle path + checkpoint) and the RFC 3161 timestamp.

Download a verification artifact with a button above — the .sspa attestation (PII-free), or the full .sspb bundle if you are signed in as staff.
Pull the verifier and the Sovereign trust public key, then verify it:

Look up a Sovereign Record above to see the exact commands.

The trust public key is the root of trust — it is supplied to the verifier separately, so a bundle can never self-certify. For this demo it is served here; in production, obtain it through an independent trusted channel. Links: verify-ssp.py · trust-public.pem.

Raw Log Entry (JSON)

Results will display here...

External bundle access requests

Attestation Verification

🔍 Verify this record yourself — offline, no server trust