Attestation Explorer

Use this tool to validate an attestation document from a AWS Nitro Enclave in CBOR/COSE format. An attestation from a secure enclave proves that data was processed within an enclave.

Attestations may contain sensitive information. We don't record anything uploaded here, but you should be careful where you share them.

Drag to upload attestation document
Attestation is valid

Module ID

- Issuing Nitro hypervisor module ID

Creation Timestamp

- When the document was created

Certificate Chain

- Validate that the document is tied to a valid root of trust


- Values of all locked and non-zero PCRs at the moment the attestation document was generated


(base64) - Optional value used as a proof of authenticity that your data is the subject of the attestation document

User Data

(base64) - Optional additional user data signed by the enclave

Public Key

(base64) - Optional DER-encoded key you can use to encrypt data to be read by the enclave