A Rust CLI for validating C2PA media assets, standalone .c2pa manifests, and crJSON reports. It can also evaluate asset profiles against an asset's crJSON indicators. Structured output is JSON by default, with optional YAML, Markdown, or HTML summaries.

• Media assets — JPEG, PNG, PDF, MP4, and other formats that can contain or reference C2PA manifests
• Standalone manifests — .c2pa sidecar files (manifest structure and signatures only; no source asset)
• crJSON reports — JSON files with schema: "crjson" (structure and required fields)

• default — Validate against the official C2PA Conformance Trust List only
• itl — Try official list first, then the Interim Trust List (ITL)
• custom — Use your own trust list (requires --trust-list FILE_OR_URL)

Custom trust lists can be a local path or URL to a PEM file. Use --settings to overlay c2pa-rs settings for advanced trust configuration.

• Formats: --format json (default), yaml, markdown, or html
• Output location: -o/--output file or directory. If omitted, a single result is written next to the source (e.g. photo.jpg → photo.json); with multiple inputs and structured output (json or yaml), use -o <directory> to write one file per input
• crJSON: JSON or YAML output uses Reader crJSON for assets unless --profile is supplied
• Profile evaluation: --profile path/to/profile.yml evaluates the profile against each asset's Reader crJSON and writes the profile report in the selected structured format

Validate one or more assets (default JSON to stdout or next to file):

cargo run --bin c2pa-validate -- image.jpg
cargo run --bin c2pa-validate -- --format json ./samples/*.jpg

Write to a specific file or directory:

cargo run --bin c2pa-validate -- -o report.json image.jpg
cargo run --bin c2pa-validate -- -o ./out --format json ./samples/*.jpg

Standalone .c2pa manifest (no source asset):

cargo run --bin c2pa-validate -- manifest.c2pa

Trust list options:

cargo run --bin c2pa-validate -- --trust-mode itl image.jpg
cargo run --bin c2pa-validate -- --trust-mode custom --trust-list ./my-trust.pem image.jpg

Human-readable output and strict mode (warnings as failures):

cargo run --bin c2pa-validate -- --format markdown -o report.md image.jpg
cargo run --bin c2pa-validate -- --strict image.jpg

Profile evaluation:

cargo run --bin c2pa-validate -- --profile ./testfiles/profiles/real-media_profile.yml image.jpg
cargo run --bin c2pa-validate -- --profile ./testfiles/profiles/real-life-capture_profile.yml --format yaml -o profile-report.yaml image.png

Overlay c2pa-rs settings from a file:

cargo run --bin c2pa-validate -- --settings settings.json image.jpg

Help and version:

cargo run --bin c2pa-validate -- --help
cargo run --bin c2pa-validate -- --version

For build, workspace layout, and contributing, see CONTRIBUTING.md.