Infosys
Jump to verification details
Cryptographic validation status
GAFAIG validates the returned signed payload against the published verification key for this record. Verification MUST be performed against the exact messageString returned by the API. Reconstructing payloads from JSON fields is not permitted and will invalidate verification. External systems should use messageString, signature, and the public key to independently validate the proof.
- /api/verify returns the canonical public record and proof.
- proof.messageString is the exact signed payload.
- proof.signature is the cryptographic signature.
- Never reconstruct or verify from JSON fields.
- /api/.well-known/gafaig-public-key exposes the verification key.
If verification fails
Do not trust this record, do not display certification claims, and treat the record as invalid until the signature, messageString, and public key validate successfully.
Public record identity
These identifiers connect the public verification response to the Snowflake-issued registry snapshot, application, and verification case. IDs are displayed exactly as returned by the public verification endpoint.
How this proof connects to the wider GAFAIG trust surface
This page is one part of the full GAFAIG proof sequence. A record appears in the public registry, is verified through signed proof, exposes its machine-readable payload, and can then travel outside the platform through a portable widget, badge, or external modal.
The public certification record establishes the trust outcome.
This page validates the signed proof behind that record.
The machine-readable payload makes the trust record portable.
The same trust signal can appear outside GAFAIG.
This verification can be used outside GAFAIG
The registry page and this verify page provide a readable public trust surface for customers, regulators, partners, and the public.
The raw verification JSON, signature, messageString, and public key allow external systems to inspect and consume the same trust result without relying on GAFAIG UI.
Verification details
These fields are provided for reference and debugging. Trust must be established using the exact messageString returned by the API, the signature, and the public key.
Copyable verification materials
External systems MUST treat messageString as the canonical input to signature verification. The record object is for display only; the proof object is the trust layer. Do not reconstruct the signed payload from JSON fields.
Verification MUST use the exact messageString returned by the API. Never reconstruct it.
This exact string must be used for verification. Any change to whitespace, ordering, timestamp format, escaping, or field values will invalidate the signature.
{"registryId":"GAFAIG-00000010","registrySnapshotId":"a5b02c31-db24-4f80-b0f3-f855aba69a48","applicationId":"APP-DEMO-1017","caseId":"CASE-1017","entityName":"Infosys","entityType":"company","country":"India","certificationStatus":"CERTIFIED","certifiedAt":"2026-04-19T08:06:36.000Z","validFrom":"2026-04-19T08:05:33.000Z","validTo":"2027-04-19T08:05:33.000Z","publishedAt":"2026-04-19T08:06:36.000Z","renewalStatus":null,"lifecycleStatus":"active","visibilityStatus":"public","verificationEligible":true,"badgeEligible":true}CsoqU+LC0e/lL1uKbLQDhyj4FZA1rlZgRzXjLaJVJmKXvFJqyS/dF8FyBpcDMA0XTZe/aU4P+diug4NzzuEfAQ==
Format: PEM / Ed25519. Use this key with the exact messageString and signature to verify the record. This key must be fetched from the official GAFAIG public key endpoint.
-----BEGIN PUBLIC KEY----- MCowBQYDK2VwAyEA+yTbmY5N4fRD9dUARcwfjl+i4u5pKdEKegorLkX0fMI= -----END PUBLIC KEY-----
curl https://www.gafaig.com/api/verify/GAFAIG-00000010
curl https://www.gafaig.com/api/badge/GAFAIG-00000010
{
"ok": true,
"verified": true,
"registryId": "GAFAIG-00000010",
"record": {
"registryId": "GAFAIG-00000010",
"registrySnapshotId": "a5b02c31-db24-4f80-b0f3-f855aba69a48",
"applicationId": "APP-DEMO-1017",
"caseId": "CASE-1017",
"entityName": "Infosys",
"entityType": "company",
"country": "India",
"certificationStatus": "CERTIFIED",
"certifiedAt": "2026-04-19T08:06:36.000Z",
"validFrom": "2026-04-19T08:05:33.000Z",
"validTo": "2027-04-19T08:05:33.000Z",
"publishedAt": "2026-04-19T08:06:36.000Z",
"renewalStatus": null,
"lifecycleStatus": "active",
"visibilityStatus": "public",
"verificationEligible": true,
"badgeEligible": true
},
"proof": {
"alg": "Ed25519",
"kid": "gafaig-ed25519-2026-01",
"signature": "CsoqU+LC0e/lL1uKbLQDhyj4FZA1rlZgRzXjLaJVJmKXvFJqyS/dF8FyBpcDMA0XTZe/aU4P+diug4NzzuEfAQ==",
"signedAt": "2026-04-30T06:56:24.240Z",
"verificationKeyUrl": "https://www.gafaig.com/api/.well-known/gafaig-public-key",
"message": {
"registryId": "GAFAIG-00000010",
"registrySnapshotId": "a5b02c31-db24-4f80-b0f3-f855aba69a48",
"applicationId": "APP-DEMO-1017",
"caseId": "CASE-1017",
"entityName": "Infosys",
"entityType": "company",
"country": "India",
"certificationStatus": "CERTIFIED",
"certifiedAt": "2026-04-19T08:06:36.000Z",
"validFrom": "2026-04-19T08:05:33.000Z",
"validTo": "2027-04-19T08:05:33.000Z",
"publishedAt": "2026-04-19T08:06:36.000Z",
"renewalStatus": null,
"lifecycleStatus": "active",
"visibilityStatus": "public",
"verificationEligible": true,
"badgeEligible": true
},
"messageString": "{\"registryId\":\"GAFAIG-00000010\",\"registrySnapshotId\":\"a5b02c31-db24-4f80-b0f3-f855aba69a48\",\"applicationId\":\"APP-DEMO-1017\",\"caseId\":\"CASE-1017\",\"entityName\":\"Infosys\",\"entityType\":\"company\",\"country\":\"India\",\"certificationStatus\":\"CERTIFIED\",\"certifiedAt\":\"2026-04-19T08:06:36.000Z\",\"validFrom\":\"2026-04-19T08:05:33.000Z\",\"validTo\":\"2027-04-19T08:05:33.000Z\",\"publishedAt\":\"2026-04-19T08:06:36.000Z\",\"renewalStatus\":null,\"lifecycleStatus\":\"active\",\"visibilityStatus\":\"public\",\"verificationEligible\":true,\"badgeEligible\":true}"
}
}