# Verifying attestations offline

Artifact attestations can be verified without an internet connection.

## Prerequisites

Before starting this guide, you should be generating artifact attestations for your builds. See [Using artifact attestations to establish provenance for builds](/en/actions/security-guides/using-artifact-attestations-to-establish-provenance-for-builds).

## Step 1: Download attestation bundle

First, get the attestation bundle from the attestation API.

You can do so with the following command from a machine that is online:

```bash copy
gh attestation download PATH/TO/YOUR/BUILD/ARTIFACT-BINARY -R ORGANIZATION_NAME/REPOSITORY_NAME
```

Here is example output from that command:

```bash
Wrote attestations to file sha256:ae57936def59bc4c75edd3a837d89bcefc6d3a5e31d55a6fa7a71624f92c3c3b.jsonl.
Any previous content has been overwritten

The trusted metadata is now available at sha256:ae57936def59bc4c75edd3a837d89bcefc6d3a5e31d55a6fa7a71624f92c3c3b.jsonl
```

The file is named after the SHA-256 digest of the artifact, and each line of the file is one attestation bundle. Keep the file name as written: it records which artifact the bundle belongs to once both are carried into the offline environment.

## Step 2: Download trusted roots

Next, get the key material from the trusted roots.

Artifact attestations use the Sigstore Public Good Instance for public repositories and GitHub's Sigstore instance for private repositories. You can use one command, again from a machine that is online, to get both trusted roots:

```bash copy
gh attestation trusted-root > trusted_root.jsonl
```

### Updating trusted root information in an offline environment

It is best practice to generate a new `trusted_root.jsonl` file any time you import new signed material into your offline environment.

The key material in `trusted_root.jsonl` does not have a built-in expiration date, so anything signed before you generated the trusted root file will continue to verify successfully. Anything signed after the file was generated will verify until that Sigstore instance rotates its key material, which typically happens a few times per year. You will not learn of key material that has been revoked since you last generated the trusted root file, so treat a stale file as a risk and regenerate it whenever you bring in new artifacts or bundles.

## Step 3: Perform offline verification

Now, you are ready to verify the artifact offline.

Import the following into your offline environment:

* GitHub CLI
* Your artifact
* The bundle file
* The trusted root file

You can then perform offline verification with the following command:

```bash copy
gh attestation verify PATH/TO/YOUR/BUILD/ARTIFACT-BINARY -R ORGANIZATION_NAME/REPOSITORY_NAME --bundle sha256:ae57936def59bc4c75edd3a837d89bcefc6d3a5e31d55a6fa7a71624f92c3c3b.jsonl --custom-trusted-root trusted_root.jsonl
```

Because the bundle is supplied with `--bundle` and the key material with `--custom-trusted-root`, the command does not contact the attestation API or a Sigstore instance: the bundle already carries the signing certificate and the transparency log entry that verification needs. The `-R` flag still matters offline; it pins the repository the attestation must have been signed for, so do not omit it.
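As an added example (not GitHub's code and not part of the `gh` CLI), the script below shows what the transferred bundle file contains and performs the one check you can do by hand before running `gh attestation verify`: that the bundle file's digest-derived name and the subject digest inside each DSSE-wrapped in-toto statement both match the artifact you carried across. It embeds a constructed sample artifact and a constructed bundle line that mimics the shape of a Sigstore bundle (`mediaType`, `verificationMaterial`, `dsseEnvelope`); the certificate, signature and log entry fields are placeholders. It does not check signatures or the transparency log inclusion proof, which only `gh attestation verify` does. The file names and paths in the usage branch are assumptions.

```python
"""Offline sanity check of an attestation bundle (.jsonl) against an artifact.

Added example, not GitHub's code. It checks that the bundle belongs to the
artifact (file name and in-toto subject digest); it does NOT replace
`gh attestation verify --bundle ... --custom-trusted-root ...`.
"""
import base64
import hashlib
import json
import sys

ARTIFACT = b"hello, attested world\n"  # constructed sample artifact


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def expected_bundle_name(artifact: bytes) -> str:
    """File name `gh attestation download` writes: sha256:<artifact digest>.jsonl."""
    return f"sha256:{sha256_hex(artifact)}.jsonl"


def make_sample_bundle_line(subject_digest: str) -> str:
    """Constructed bundle line shaped like a Sigstore bundle carrying a DSSE-wrapped
    in-toto statement. Certificate, signature and log entry are placeholders only."""
    statement = {
        "_type": "https://in-toto.io/Statement/v1",
        "subject": [{"name": "artifact-binary", "digest": {"sha256": subject_digest}}],
        "predicateType": "https://slsa.dev/provenance/v1",
        "predicate": {},
    }
    bundle = {
        "mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json",
        "verificationMaterial": {
            "certificate": {"rawBytes": "PLACEHOLDER-NOT-A-REAL-CERTIFICATE"},
            "tlogEntries": [{"logIndex": "123456789"}],
        },
        "dsseEnvelope": {
            "payload": base64.b64encode(json.dumps(statement).encode()).decode(),
            "payloadType": "application/vnd.in-toto+json",
            "signatures": [{"sig": "PLACEHOLDER-NOT-A-REAL-SIGNATURE"}],
        },
    }
    return json.dumps(bundle)


SAMPLE_BUNDLE_JSONL = make_sample_bundle_line(sha256_hex(ARTIFACT)) + "\n"
SAMPLE_BUNDLE_NAME = expected_bundle_name(ARTIFACT)


def inspect_bundle(bundle_jsonl: str, artifact_digest: str) -> list[dict]:
    """Decode every bundle line and report its predicate type, log index and
    whether the statement's subject digest matches the artifact."""
    results = []
    for lineno, line in enumerate(bundle_jsonl.splitlines(), 1):
        if not line.strip():
            continue
        obj = json.loads(line)
        bundle = obj.get("bundle", obj)  # tolerate an outer {"bundle": ...} wrapper
        envelope = bundle["dsseEnvelope"]
        if envelope.get("payloadType") != "application/vnd.in-toto+json":
            raise ValueError(f"line {lineno}: unexpected payloadType {envelope.get('payloadType')!r}")
        statement = json.loads(base64.b64decode(envelope["payload"]))
        subject_digests = {s.get("digest", {}).get("sha256") for s in statement.get("subject", [])}
        tlog = bundle.get("verificationMaterial", {}).get("tlogEntries", [])
        results.append({
            "line": lineno,
            "predicateType": statement.get("predicateType"),
            "logIndex": tlog[0].get("logIndex") if tlog else None,
            "matches": artifact_digest in subject_digests,
        })
    return results


def bundle_matches_artifact(bundle_jsonl: str, bundle_name: str, artifact: bytes) -> bool:
    """True only if the file name and every statement's subject name this artifact."""
    digest = sha256_hex(artifact)
    if bundle_name != f"sha256:{digest}.jsonl":
        return False  # bundle was downloaded for a different artifact (or artifact was altered)
    findings = inspect_bundle(bundle_jsonl, digest)
    return bool(findings) and all(f["matches"] for f in findings)


if __name__ == "__main__":
    if len(sys.argv) == 3:  # assumed usage: check_bundle.py ARTIFACT-BINARY sha256:<digest>.jsonl
        with open(sys.argv[1], "rb") as fh:
            artifact = fh.read()
        with open(sys.argv[2], encoding="utf-8") as fh:
            jsonl = fh.read()
        name = sys.argv[2].rsplit("/", 1)[-1]
    else:
        artifact, jsonl, name = ARTIFACT, SAMPLE_BUNDLE_JSONL, SAMPLE_BUNDLE_NAME
    for finding in inspect_bundle(jsonl, sha256_hex(artifact)):
        print(finding)
    print("bundle matches artifact:", bundle_matches_artifact(jsonl, name, artifact))
```

Run it on the real artifact and the `sha256:<digest>.jsonl` file after copying them into the offline environment; a `False` means the wrong bundle or a modified artifact was transferred, and `gh attestation verify` would fail for the same reason. A `True` only says the bundle is for this artifact; the signature, certificate identity and log entry are still checked by `gh attestation verify`.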