What you need
Every signed record can be downloaded as an evidence bundle (a.zip) that contains everything needed to check it, with nothing from Klariqo required at verification time:
<record>.vcon.jsonthe signed record itself<record>.tsrthe DigiCert timestamp tokendigicert-root.pemDigiCert’s public root certificate, so the check runs offlineVERIFY-THIS-RECORD.txtthese instructions
Verify it yourself
You need OpenSSL, which is free and standard. It is already on Mac and Linux. On Windows it is included in Git Bash (part of the free Git for Windows).Open a terminal in the bundle folder
Unzip the bundle, then open a terminal in that folder. On Windows, use Git Bash (not PowerShell), where OpenSSL is already available.
Run the verification
Run one line (substitute the record’s actual filenames):A genuine record prints exactly:That confirms DigiCert, not Klariqo, attests this exact record existed at the stamped time and has not been altered. Change one byte of the record and the check fails.
What this proves
| Check | What it tells you |
|---|---|
Verification: OK | This exact record, unchanged, was timestamped by DigiCert. |
| The stamped time | The record existed no later than that moment, per DigiCert’s clock. |
| Checked against DigiCert, not Klariqo | The proof does not depend on trusting Klariqo. |
Verify a vCon
Check the signature and tamper-evidence of a record.
The evidence chain
See how a call becomes a signed, timestamped record end to end.