# Signed attestation

Source: https://redcrown.ai/docs/guides/signed-attestation/

Download a tamper-evident, independently verifiable signed proof.

## 1. Download

An attestation proves authenticity, integrity, and provenance. It does not by itself prove the input data was representative.

**UI**

Open a proof page at `app.redcrown.ai/proof/<token>` and click **Download signed attestation**. The file is saved as `<run-id>-attestation.json`.

**CLI**

```
redcrown attest <run-id>
```

Writes `<run-id>-attestation.json` to the current directory. The file contains the signed run report and the RedCrown public key URL used to verify it.

**MCP**

Not available via MCP. Fetch the public attestation route directly or use the CLI above.

## 2. Verify offline

Verification checks the RedCrown RS256 signature against the published key. The check is fully offline once you have the attestation file and a copy of the key.

**UI**

Not available via the UI. Verify with the CLI.

**CLI**

```
redcrown verify <run-id>-attestation.json
```

Checks the RedCrown signature against the published key. Add `--key <jwks>` to pin a specific key URL for air-gapped verification.

**MCP**

Not available via MCP. Use the CLI above to verify attestation files.

Last verified 2026-07-02.
