What is a C2PA manifest?

A C2PA manifest is a cryptographically signed block of metadata embedded in a file. It records who created the file, what software was used, whether AI tools were involved, and the complete edit history — all in a tamper-evident format.

Can I inspect the raw JSON manifest in the C2PA Viewer?

Yes. The C2PA Viewer exposes the complete raw JSON manifest in an expandable section. This is a key advantage over tools like verify.contentauthenticity.org, which only shows processed, human-readable output without the raw manifest structure.

Why is my file taking a long time to process?

Large files or files with complex multi-step edit histories may take longer. The progress log in the viewer shows the current processing phase. Ensure you have a stable internet connection for the initial library load, and use an up-to-date browser for full WebAssembly support.

How to Use the C2PA Viewer Tool — Step-by-Step Guide

TL;DR — Quick Start

Go to c2paviewer.com
Click Browse Files or drag and drop a JPEG, PNG, MP4, or MOV
Wait 1–3 seconds for in-browser analysis
Read the author, software, AI indicators, and edit history
Expand Raw Manifest to view the full JSON

The C2PA Viewer is a free, browser-based tool that reads C2PA (Coalition for Content Provenance and Authenticity) manifests embedded in digital images and videos. It uses the official c2pa-js library (WebAssembly) to process files entirely on your device — nothing is uploaded to any server. This guide walks through every feature so you can verify content authenticity in under three minutes.

Privacy-first architecture

Your files never leave your device. C2PA analysis runs in-browser via WebAssembly. The only outbound request is a one-time CDN load of the c2pa-js library. After that, the tool works offline.

Step 1 — Open the C2PA Viewer

Visit c2paviewer.com in any modern browser. Chrome 90+, Firefox 90+, Safari 15+, and Edge 90+ all have full WebAssembly support. No login, plugin, or installation is required.

Ready to follow along? Open the tool in a second tab and work through each step as you read.

Open C2PA Viewer →

Step 2 — Load Your File

Three methods are available for loading content into the viewer. Choose whichever fits your workflow:

Method	How	Best For
Browse Files	Click the button, select a file from your device	Desktop and mobile users
Drag and Drop	Drag a file from Explorer/Finder onto the drop zone	Desktop users, faster workflow
Try a Sample	Click a pre-loaded sample image provided on the page	First-time users, testing

Supported file formats

The C2PA standard covers several container formats. The C2PA Viewer supports the most common ones:

JPEG / JPG — the most widely used format for C2PA-enabled cameras (Sony, Leica, Nikon) and AI tools (Adobe Firefly, Google ImageFX)
PNG — supported; less common in camera workflows but used by some AI generation tools
WebP — supported for browser-generated content
TIFF — supported for high-resolution professional images
MP4 / MOV — video files with embedded C2PA metadata

Formats not yet covered by the browser-based viewer (HEIC, AVIF, PDF, audio) can be inspected using the command-line tool c2patool (see the C2PA metadata inspection guide).

Step 3 — Wait for In-Browser Analysis

After you select a file, the viewer loads the c2pa-js WebAssembly module and passes the file bytes to it locally. A real-time progress log shows each phase: library initialization, manifest extraction, signature validation, and result rendering. For most files this takes 1–3 seconds. Large video files or files with long edit chains may take up to 10 seconds.

If the tool seems slow

Check the progress log — it will show which phase is running
Ensure a stable internet connection for the first-time library load
Disable ad blockers that may block WebAssembly CDN requests
Upgrade to a current browser version if WebAssembly support is limited

Step 4 — Read and Interpret the Results

The viewer displays one of three result states. Each tells you something specific about the file's provenance status:

Valid C2PA Data found

The file contains a cryptographically valid C2PA manifest. The signature chain is intact and the manifest has not been tampered with since it was signed. The viewer displays author details, software, AI indicators, and edit history.

No C2PA Data found

The file has no embedded C2PA manifest. This is the result for most photos and images on the internet today, since C2PA adoption is still growing. It does not mean the content is fake — only that no provenance record exists.

Corrupted or Invalid C2PA Data

A manifest exists but the cryptographic signature is broken. This can occur because the file was re-saved by software that does not preserve C2PA integrity, or the manifest was manually altered. Treat this result as a provenance warning.

Step 5 — Explore the Manifest Sections

When C2PA data is found, the viewer organizes the manifest into distinct sections. Here is what each one contains and how to use it:

Author / Creator Identity

Displays the name or organization extracted from the X.509 signing certificate embedded in the manifest. This is the entity that cryptographically signed the content — typically a camera manufacturer, software company, or news organization. A link to the full certificate is provided for additional verification.

Software Used

Lists every software agent declared in the manifest's stds.schema-org.SoftwareApplication assertion. Common entries include Adobe Photoshop, Adobe Lightroom, Leica FOTOS, and AI generation tools like Adobe Firefly or Google ImageFX.

AI Generation Indicators

The C2PA standard includes a dedicated c2pa.ai_generative_training assertion. The viewer flags any content where AI generation or AI-assisted editing is declared in the manifest, along with the specific model or tool name where available.

Edit History (Actions)

Shows the chronological list of c2pa.actions assertions — every operation recorded since the content was first signed. Actions include c2pa.created, c2pa.edited, c2pa.transcoded, and others. Each entry shows the timestamp and the software that performed the action.

Thumbnails

For files with multiple manifest entries, the viewer displays embedded thumbnails from each signing event. Use the navigation arrows to scroll through them and see how the image appeared at each stage of its editing history.

Step 6 — Inspect the Raw JSON Manifest

Expand the Raw Manifest section to view the complete, unprocessed C2PA manifest as JSON. This is the most detailed level of inspection available in the browser — equivalent to running c2patool image.jpg on the command line. Key paths to look for:

manifests[active_manifest].signature_info — issuer, certificate chain, timestamp
manifests[active_manifest].assertions — all claims embedded in the manifest
manifests[active_manifest].validation_status — array of errors (empty = valid)

Troubleshooting Common Issues

Problem	Likely Cause	Fix
File won't load	Unsupported format or corrupted file	Convert to JPEG or PNG; refresh and try again
Tool won't start	Browser lacks WebAssembly support	Update browser to latest version; disable aggressive ad blockers
Processing very slow	Large file or complex edit chain	Check the progress log; wait for completion
Valid camera photo shows no C2PA data	File re-saved by non-C2PA software (WhatsApp, iMessage, etc.)	Use the original file directly from the camera or app export
Corrupted C2PA data warning	Manifest was stripped or modified after signing	Obtain the original file from the source; consider the content unverified

Frequently Asked Questions

Does the C2PA Viewer upload my files to a server?

No. All processing happens in your browser via WebAssembly. Your files never leave your device. The only network request is loading the c2pa-js library itself on first use.

What file formats are supported?

JPEG, PNG, WebP, TIFF, MP4, and MOV. JPEG is the most common format used by C2PA-enabled cameras and AI tools. For HEIC, AVIF, PDF, or audio files, use the c2patool command-line utility.

What does "No C2PA Data Found" mean?

The file has no embedded C2PA manifest. This is normal for most images — C2PA adoption is still growing. It does not mean the content is manipulated, only that no provenance record exists.

Can I see the raw JSON manifest?

Yes. Expand the "Raw Manifest" section after analysis. The C2PA Viewer is one of the few browser tools that exposes the complete JSON structure — verify.contentauthenticity.org (the official tool) only shows processed, human-readable output.

Which cameras produce C2PA-enabled photos?

As of early 2026, cameras from Sony (A9 III, A1 II), Leica (M11-P, Q3 43), and Nikon (Z6III — with suspended credentials) ship with C2PA signing. Google Pixel 9 adds C2PA credentials to photos via a software feature. See our supported devices list for the full and current roster.

Why is processing slow?

Large files or files with long edit histories take more time. Check the progress log for the current phase. A stable connection is needed on first use to download the c2pa-js library. Subsequent uses are faster because the library is cached.

Disclaimer: The C2PA Viewer reads and displays C2PA manifest data as-is. A valid C2PA signature confirms the manifest has not been altered since signing, but it does not independently verify that the content itself is truthful or unmanipulated before the first signing event. Treat C2PA data as one signal in a broader content verification process.

Ready to inspect a file?

Use the C2PA Viewer now — free, private, no registration. Works on desktop and mobile.

Open C2PA Viewer →