The Wayback Machine - https://web.archive.org/web/20191230203404/https://alt.fedoraproject.org/en/verify.html

Alternative versions and formats of Fedora for download

Verify your Downloaded Image

CHECKSUM and Verify Instructions

How do I verify my image?

Once you have downloaded an image, verify it for security and integrity. To verify your image, start by downloading the proper CHECKSUM file into the same directory as the image you downloaded.

Workstation

For aarch64

Server

aarch64 Minimal

For aarch64

For ppc64le

For s390x

Cloud

For aarch64 iso

For aarch64 images

For ppc64le images

For s390x images

For Cloud Base images

Container

For aarch64

For ppc64le

For s390x

Next, import Fedora's GPG key(s):

$ curl https://getfedora.org/static/fedora.gpg | gpg --import

You can verify the details of the GPG key(s) here.

Now, verify that the CHECKSUM file is valid:

$ gpg --verify-files *-CHECKSUM

The CHECKSUM file should have a good signature from one of the following keys:

12C944D0 - Fedora 32
3C3359C4 - Fedora 31
CFC659B9 - Fedora 30
DBBDCF7C - IOT 2019

Finally, now that the CHECKSUM file has been verified, check that the image's checksum matches:

$ sha256sum -c *-CHECKSUM

If the output states that the file is valid, then it's ready to use!

How do I verify my downloaded image on another operating system?

Read these instructions to verify your image.

Nov	DEC	Aug
	30
2018	2019	2021