a signed record of the number-status checks you ran
Export a signed, tamper-evident, PII-free record of the supplementary number-status checks your account performed over a window, built from numbers.online signed lookup receipts. Attach it to — or reference it in — your own robocall-mitigation program documentation.
Positioning — read this first. This bundle is evidence of one input to your mitigation practices: that you queried a third-party number-status signal at call time. It is NOT an FCC certification, NOT a compliance determination, and it does NOT make you "compliant," "official," or "safe." The Robocall Mitigation Database certification is your own attestation, signed by your officer under penalty of perjury (47 CFR 64.6305). numbers.online is a supplementary-signal provider; it does not file on your behalf and asserts nothing about the legality of any call.
The FCC Robocall Mitigation Database requires voice/gateway/intermediate providers to describe their robocall-mitigation program — including the "analytics systems used (including third-party vendors)" — and to take "reasonable steps" to avoid illegal robocall traffic, recertifying annually by March 1. This bundle is defensible documentation that one such analytics input was queried at call time, at scale, over a stated window. It maps onto the "analytics systems used" field; the conclusions remain yours to make and attest.
GET https://numbers.online/api/v1/compliance/evidence?from=ISO&to=ISO
curl -s "https://numbers.online/api/v1/compliance/evidence?from=2025-06-01T00:00:00Z&to=2026-06-01T00:00:00Z" \
-H "Authorization: Bearer YOUR_ACCOUNT_KEY" > evidence-bundle.json
from/to are optional (default: the last 365 days; the window is capped at 400 days).checked_at falls in the window. SBC-redirect receipts are retained long enough (~400 days) to cover an annual recertification cycle.{
"schema_version": "2026-06-06",
"bundle_id": "nol_bundle_…",
"operator": { "account_id": "…", "key_prefix": "nol_abc12345" },
"window": { "from": "…", "to": "…" },
"generated_at": "…",
"totals": {
"checks": 18432,
"distinct_numbers": 9120,
"by_dnc": { "listed": 0, "not_listed": 0, "unknown": 18432 },
"by_reassigned": { "yes": 0, "no": 0, "unknown": 18432 },
"by_context": { "sbc_redirect": 18432 }
},
"merkle_root": "…sha256…",
"receipts": [ { "receipt_id": "…", "number_hash": "…", "signed_payload": "…", "response_signature": "ed25519:…", … } ],
"disclaimer": "Supplementary signal only. …",
"response_signature": "ed25519:…",
"truncated": false,
"public_key_url": "https://numbers.online/api/v1/publickey",
"verify": "…"
}
number_hash = sha256(E.164). No raw phone number is ever stored or exported.truncated is true (and logged) if the window held more receipts than the per-bundle cap (5000) — coverage is never silently dropped.by_dnc/by_reassigned are typically all-unknown until a government/licensed DNC data partner is configured — consistent with the supplementary-signal posture.response_signature over signed_payload with the Ed25519 public key from /api/v1/publickey; recompute sha256(your E.164) and match number_hash to bind a specific number.sha256(receipt_id + "|" + signed_payload) and verify its inclusion under merkle_root.response_signature over the canonical bundle with the same public key.Because a phone number is a small keyspace, number_hash is a binding, not a strong anonymizer — treat receipt ids and bundles as sensitive and share them only with parties (e.g. your counsel, an auditor) entitled to know the numbers.
This product, its responses, and this document deliberately avoid "official," "compliant," "FCC-approved," and "safe." The bundle is a record and supplementary evidence that supports your own program documentation — nothing more.