Specification Reference • Auto-updated weekly
C2PA Spec Versions & Supported File Formats
Current Stable Release
v2.2
Published May 2025
Version data fetched from github.com/c2pa-org/c2pa-spec at build time and refreshed weekly.
The C2PA specification is an evolving open standard published by the Coalition for Content Provenance and Authenticity (C2PA). This page tracks the current stable release, full version history, and the complete list of file formats the standard supports — auto-updated from the official spec repository every week.
Version History
| Version | Published | Key Changes |
|---|---|---|
| v2.2Latest | May 2025 | Video streaming support, extended file format coverage, updated Trust List infrastructure. Current stable release. |
| v2.1 | September 2024 | Expanded assertion types including AI training data disclosure assertions. |
| v2.0 | November 2023 | COSE-based claim signature format and time-stamp authority (TSA) integration. |
| v1.3 | January 2023 | Cloud signing workflows and soft binding for streaming media. |
| v1.0 | January 2022 | First public release. Manifest structure, assertions, and signing requirements. |
Supported File Formats
The C2PA specification uses JUMBF (JPEG Universal Metadata Box Format, ISO/IEC 19566-5) as its manifest container. This container can be embedded in a wide range of file types or stored as a sidecar file. The following formats are covered by the current specification:
Images
| Format | Extension | Embedding Method |
|---|---|---|
| JPEG | .jpg / .jpeg | JUMBF embedded in APP11 segment |
| PNG | .png | JUMBF embedded in iTXt chunk |
| WebP | .webp | JUMBF embedded in XMP chunk |
| AVIF | .avif | JUMBF embedded in mdat/meta box |
| HEIC / HEIF | .heic / .heif | JUMBF embedded in meta box |
| TIFF | .tiff / .tif | JUMBF embedded in EXIF/XMP |
| GIF | .gif | Sidecar file (.c2pa) |
| SVG | .svg | JUMBF embedded in metadata element |
Video
| Format | Extension | Embedding Method |
|---|---|---|
| MP4 (MPEG-4) | .mp4 | JUMBF embedded in uuid box |
| MOV (QuickTime) | .mov | JUMBF embedded in uuid box |
| AVI | .avi | Sidecar file (.c2pa) |
Audio
| Format | Extension | Embedding Method |
|---|---|---|
| MP3 | .mp3 | JUMBF via ID3v2 tag |
| WAV | .wav | JUMBF embedded in LIST chunk |
| FLAC | .flac | JUMBF embedded in metadata block |
| OGG | .ogg | Sidecar file (.c2pa) |
Documents
| Format | Extension | Embedding Method |
|---|---|---|
| JUMBF embedded in embedded file stream |
Is C2PA an ISO Standard?
C2PA is published as an open technical specification by the Coalition for Content Provenance and Authenticity (C2PA), which operates as a Joint Development Foundation project. It is not a formal ISO standard, but builds directly on established ISO and IETF standards:
- ISO/IEC 19566-5 (JUMBF): The container format used to embed manifests in files
- IETF RFC 8152 (COSE): The signing format used for C2PA claim signatures since v2.0
- RFC 3161 (TSA): The timestamping protocol used for time-stamp authority integration
- X.509 / RFC 5280: The certificate format used for signer identity
Some C2PA members have discussed pursuing formal ISO standardization, but no ISO track has been formally announced as of early 2026. The specification is freely available and royalty-free under the C2PA coalition's IP policy.
Which Versions Does C2PA Viewer Support?
C2PA Viewer uses the @contentauth/c2pa-web WASM library for all manifest parsing. This library tracks the current stable C2PA specification and supports manifests from v1.0 through the current release. Older manifests signed under v1.x remain verifiable; the library handles backward compatibility across spec versions.
Frequently Asked Questions
What is the current C2PA specification version?
The current stable C2PA specification version is v2.2, published May 2025. The specification is published by the Coalition for Content Provenance and Authenticity (C2PA) and freely available at c2pa.org.
What file formats does C2PA support?
C2PA supports JPEG, PNG, WebP, AVIF, HEIC/HEIF, TIFF, GIF, SVG, MP4, MOV, AVI, MP3, WAV, FLAC, OGG, PDF, and more. The manifest store uses JUMBF as its container, embedded directly in most formats or stored as a sidecar.
Is C2PA an ISO standard?
C2PA is published by the Coalition for Content Provenance and Authenticity (C2PA), a Joint Development Foundation project. It is not currently an ISO standard, but references and builds on ISO/IEC 19566-5 (JUMBF), IETF RFC 8152 (COSE), and other established standards.
How often does the C2PA specification update?
Approximately one to two major versions per year since v1.0 in January 2022. The specification repository and release notes are publicly available on GitHub at github.com/c2pa-org/c2pa-spec.
Verify Any Supported File Format
C2PA Viewer supports all formats listed above. Drop a file to inspect its manifest, verify the signature, and view the full assertion set — no upload, no account.
Open C2PA Viewer →