AI Artifact Registry
The CertifiedData AI artifact registry is a publicly accessible, cryptographically verifiable record of all certified AI datasets — queryable by certificate ID, dataset hash, or generation timestamp.
Every certified artifact generates a permanent registry entry. The registry is the ground truth for AI artifact provenance — the source that auditors, regulators, and enterprise buyers query to verify claims.
Why a public registry matters
A certificate issued by a private system is only as trustworthy as that system. If verification requires contacting the issuer, the issuer can modify records, deny certificates, or become unavailable. This makes the certificate dependent on the issuer's continued goodwill.
A public registry changes the trust model. Certificate entries are permanently published and publicly queryable. The issuer cannot silently revoke a certificate — any revocation is publicly visible. Auditors do not need to trust the issuer; they query the registry directly.
Registry query capabilities
Query by certificate ID
CertifiedDataEvery certificate has a unique ID (e.g. cert_01j9k2m...). Any party with a certificate ID can retrieve the full certificate record from the registry.
Query by dataset hash
CertifiedDataIf you have a dataset file, compute its SHA-256 hash and query the registry. If the hash matches a registered certificate, the dataset's provenance is verified.
Public key registry
The Ed25519 public key used to sign certificates is published at the well-known endpoint. Anyone can verify any certificate signature without contacting CertifiedData.
Revocation status
Certificate revocation status is publicly queryable. A revoked certificate does not disappear — it is marked revoked with a timestamp and reason.
Issuer verification
The registry records the issuing organization (Certified Data LLC) and the signing key ID. Key rotation events are logged and publicly visible.
Bulk export
Registry entries can be exported in bulk for compliance documentation, AIBOM assembly, and internal audit purposes.
Registry API — verify by certificate ID
# Query registry by certificate ID
GET https://certifieddata.io/api/registry/cert_01j9k2m...
# Response
{
"certification_id": "cert_01j9k2m...",
"status": "active",
"timestamp": "2025-11-14T09:23:41Z",
"issuer": "Certified Data LLC",
"dataset_hash": "sha256:a3f9b2e1...",
"algorithm": "CTGAN",
"rows": 250000,
"signature": "base64url:MEYCIQDx...",
"public_key_id": "key_2025_01",
"verify_url": "https://certifieddata.io/verify/cert_01j9k2m..."
}
# Query by dataset hash
GET https://certifieddata.io/api/registry?hash=sha256:a3f9b2e1...Registry entry permanence
Registry entries are permanent. A certified artifact cannot have its registry entry deleted — only marked revoked. This permanence is a core trust property: it prevents retroactive denial of certification and ensures audit trails remain intact.
This design mirrors how certificate transparency logs work for TLS certificates. The registry is an append-only log of certification events. Each entry is anchored to the Ed25519 signature — any modification to a registry entry would invalidate the signature.
Related
AI Governance Hub
The hub for AI governance infrastructure including artifact registries, provenance, and audit trails.
AI Governance Framework
How artifact registries anchor a verifiable AI governance framework.
AI Trust Infrastructure
The cryptographic foundation underlying the artifact registry.
How Verification Works
Step-by-step guide to verifying certificates against the registry.
AI Artifact Certification
How artifacts are certified and registered.
Explore the CertifiedData trust infrastructure
CertifiedData organizes AI trust infrastructure around certification, verification, governance, and artifact transparency. Explore the related authority pages below.