§ Cryptographic Verification · FAA-registered heliport facility

aix:hp:BGY1FPJE

SIERRA NEVADA MEML HOSPITAL (GRASS VALLEY, CA)

Verified

This identifier is committed to the AirIndex audit chain, signed by DigiCert TSA, and anchored to Bitcoin. The proof is independently verifiable with off-the-shelf openssl + ots tools — no AirIndex servers required.

Identity

AIX id

aix:hp:BGY1FPJE

Asset type

hp

Internal table

Heliport

Minted at

2026-05-02T21:43:14.369Z

Full identity record →

Proof chain (anchored)

Anchor id

cmp2ry10s0000o5vsdrqk2bn9

Anchored at

2026-05-12T15:17:10.613Z

Records in batch

21245

Merkle root

7454c6cfb4297219fbe3d781877089df37898aaf1522ea79455c46c78818a432

RFC 3161 TSA signature

Authority

DigiCert-TSA

Signed at

2026-05-12T15:17:18.000Z

OpenTimestamps / Bitcoin

BTC block

949106

Completed at

2026-05-13T15:26:01.051Z

Verify independently

Three steps, no AirIndex servers required after step 1.

1. Fetch the full proof (JSON)

curl /api/provenance/record?table=AixIdentifier&id=aix%3Ahp%3ABGY1FPJE

2. Recompute the leaf hash

Extract identity columns (id, assetType, internalTable, internalId, mintedAt) from the AixIdentifier row for aix:hp:BGY1FPJE. Canonicalize as JSON: sorted keys, no whitespace, ISO 8601 dates, explicit nulls. Prefix with AixIdentifier:. SHA-256 → hex. Must equal leaf.hash in the JSON.

3. Verify the anchor proof

Base64-decode anchor.tsa.signature_base64 and run:

openssl ts -verify -in tsr.der -CAfile <DigiCert TSA root cert>

Or, for the trustless path (once Bitcoin has confirmed):

ots verify proof.ots

Full verification methodology → — canonical hashing, Merkle proof construction, openssl + ots verification commands.

Raw JSON proof: /api/provenance/record?table=AixIdentifier&id=aix%3Ahp%3ABGY1FPJE