GAFAIG
PUBLIC VERIFICATION PROOF
VerifiedCERTIFIEDactiveSignature Valid

Public verification proof for Roche

This verification surface exposes the public proof behind a GAFAIG certification record. Only records that have been explicitly published by the organization appear in the public registry and verification system.
Certification
CERTIFIED
Certified
2026-06-09T19:19:43.000Z
Valid From
2026-06-09T19:19:43.000Z
Valid To
2027-06-09T19:19:43.000Z
Entity Type
company
Entity Name
Roche
Visibility
public
Published
2026-06-09T19:19:43.000Z
Validate SignatureOpen Certification RecordView Proof JSONView WidgetSee Full Demo
Page Navigation

Jump to verification details

Signature ValidationRecord IdentityGovernance Trust FlowUse Verification ProofTechnical SummaryDeveloper ProofRelated URLs
Signature validation

Cryptographic validation status

GAFAIG validates the returned canonical signed public payload using the published verification key for this record. Verification MUST be performed against the exact proof.messageString returned by the API. Reconstructing payloads from JSON fields is not permitted and will invalidate verification.

Signature ValidThe exact proof.messageString validates against the published GAFAIG verification key.
What creates trust
  • /api/verify returns the canonical public record and proof.
  • proof.messageString is the exact canonical signed public payload.
  • proof.signature is the cryptographic signature.
  • Never reconstruct or verify from JSON fields.
  • /api/.well-known/gafaig-public-key exposes the verification key.

If verification fails

Do not trust this record, do not display certification claims, and treat the record as invalid until the signature, messageString, and public key validate successfully.

Algorithm
Ed25519
Key ID
gafaig-ed25519-2026-01
Signed At
2026-06-14T15:44:25.349Z
Public Key URL
https://www.gafaig.com/api/.well-known/gafaig-public-key
RECORD IDENTITY

Public record identity

These fields connect the public verification response to the Snowflake-originated public registry snapshot. Private Application ID and Case ID values are not displayed on this public proof page.

Registry ID
GAFAIG-00000014
Registry Snapshot ID
8f8b3a58-c7a5-4ac6-9343-03cd25f72158
Entity Type
company
Country
Switzerland
Renewal Status
VALID
Lifecycle Status
active
VERIFICATION GOVERNANCE TRUST FLOW

How this verification proof connects to GAFAIG public governance trust surfaces

This verification surface is one part of the full GAFAIG proof sequence. A record appears in the public registry, is verified through signed proof, exposes its machine-readable proof payload, and can then travel outside the platform through a portable widget, badge, SDK, or external modal.

1
Certification Record

The published certification record establishes the public governance trust outcome.

2
Verification Proof

This verification surface validates the signed proof behind that record.

3
Signed Proof JSON

The machine-readable signed proof makes the public governance trust record portable.

4
External Widget

The same public governance trust signal can appear outside GAFAIG.

USE VERIFICATION PROOF

This verification proof can be used outside GAFAIG

For public review

The certification record and this verification proof provide a readable public governance trust surface for customers, regulators, partners, and the public.

For external systems

The Signed Proof JSON, signature, messageString, and public key allow external systems to inspect and consume the same trust result without relying on GAFAIG UI.

Certification Record

Open the public certification record that this proof supports.

Open Certification Record
Widget Preview

See how the same public governance trust signal appears on an external site.

View Widget
Signed Proof JSON

Open the machine-readable signed proof returned by the verification endpoint.

View Proof JSON
Demo Flow

See how this page fits into the full GAFAIG proof walkthrough.

Open Demo
Verification summary

Technical verification reference

These fields are provided for reference and debugging. Public governance trust must be established using the exact proof.messageString returned by the API, the signature, and the public key.

Lifecycle Status: ACTIVE. This record is currently valid, within its certification window, and eligible to display public trust claims when the signature validates successfully.
Registry ID
GAFAIG-00000014
Signed At
2026-06-14T15:44:25.349Z
Verification Key
https://www.gafaig.com/api/.well-known/gafaig-public-key
Signature
sq453aWMmMpAUOngX7f0NuDdrBO8KQ75OvGFmPGuiYwpOmxoFpr25s84ko+QgLQEMde4R7CAM0F6l2VAKRmrDA==
Algorithm
Ed25519
Key ID
gafaig-ed25519-2026-01
Verification Eligible
true
Badge Eligible
true
Developer verification proof

Copyable public verification materials

External systems MUST treat messageString as the canonical input to signature verification. The record object is for display only; the verification proof object is the public governance trust layer. Do not reconstruct the canonical signed public payload from JSON fields.

Verification MUST use the exact messageString returned by the API. Never reconstruct it.

This exact string must be used for verification. Any change to whitespace, ordering, timestamp format, escaping, or field values will invalidate the signature.

Canonical signed public payload
CANONICAL MESSAGESTRING — EXACT CANONICAL SIGNED PUBLIC PAYLOAD — DO NOT MODIFY
{"registryId":"GAFAIG-00000014","entityName":"Roche","certificationStatus":"CERTIFIED","certifiedAt":"2026-06-09T19:19:43.000Z","validFrom":"2026-06-09T19:19:43.000Z","validTo":"2027-06-09T19:19:43.000Z","publishedAt":"2026-06-09T19:19:43.000Z"}
Signature
Ed25519 signature
sq453aWMmMpAUOngX7f0NuDdrBO8KQ75OvGFmPGuiYwpOmxoFpr25s84ko+QgLQEMde4R7CAM0F6l2VAKRmrDA==

Format: PEM / Ed25519. Use this key with the exact messageString and signature to verify the record. This key must be fetched from the official GAFAIG public key endpoint.

Public key
PEM
-----BEGIN PUBLIC KEY-----
MCowBQYDK2VwAyEA+yTbmY5N4fRD9dUARcwfjl+i4u5pKdEKegorLkX0fMI=
-----END PUBLIC KEY-----
Verification curl
cURL
curl https://www.gafaig.com/api/verify/GAFAIG-00000014
Badge curl
cURL
curl https://www.gafaig.com/api/badge/GAFAIG-00000014
Signed Proof JSON
JSON
{
  "ok": true,
  "verified": true,
  "registryId": "GAFAIG-00000014",
  "record": {
    "registryId": "GAFAIG-00000014",
    "registrySnapshotId": "8f8b3a58-c7a5-4ac6-9343-03cd25f72158",
    "applicationId": "APP-DEMO-1024",
    "caseId": "CASE-1024",
    "entityName": "Roche",
    "entityType": "company",
    "country": "Switzerland",
    "certificationStatus": "CERTIFIED",
    "certifiedAt": "2026-06-09T19:19:43.000Z",
    "validFrom": "2026-06-09T19:19:43.000Z",
    "validTo": "2027-06-09T19:19:43.000Z",
    "publishedAt": "2026-06-09T19:19:43.000Z",
    "renewalStatus": "VALID",
    "lifecycleStatus": "active",
    "visibilityStatus": "public",
    "verificationEligible": true,
    "badgeEligible": true
  },
  "proof": {
    "alg": "Ed25519",
    "kid": "gafaig-ed25519-2026-01",
    "signature": "sq453aWMmMpAUOngX7f0NuDdrBO8KQ75OvGFmPGuiYwpOmxoFpr25s84ko+QgLQEMde4R7CAM0F6l2VAKRmrDA==",
    "signedAt": "2026-06-14T15:44:25.349Z",
    "verificationKeyUrl": "https://www.gafaig.com/api/.well-known/gafaig-public-key",
    "message": {
      "registryId": "GAFAIG-00000014",
      "entityName": "Roche",
      "certificationStatus": "CERTIFIED",
      "certifiedAt": "2026-06-09T19:19:43.000Z",
      "validFrom": "2026-06-09T19:19:43.000Z",
      "validTo": "2027-06-09T19:19:43.000Z",
      "publishedAt": "2026-06-09T19:19:43.000Z"
    },
    "messageString": "{\"registryId\":\"GAFAIG-00000014\",\"entityName\":\"Roche\",\"certificationStatus\":\"CERTIFIED\",\"certifiedAt\":\"2026-06-09T19:19:43.000Z\",\"validFrom\":\"2026-06-09T19:19:43.000Z\",\"validTo\":\"2027-06-09T19:19:43.000Z\",\"publishedAt\":\"2026-06-09T19:19:43.000Z\"}"
  }
}
Release: devGovernance verification engine executed on Snowflake (deterministic scoring, registry snapshots, and public verification views)