contentauth · crandmck · Mar 26, 2026 · Mar 17, 2026 · Mar 20, 2026
diff --git a/cli/docs/x_509.md b/cli/docs/x_509.md
@@ -8,7 +8,7 @@ The c2patool uses some custom properties in the manifest definition file for sig
 
 Both the private key and signing certificate must be in PEM (privacy-enhanced mail) format. The signing certificate must contain a PEM certificate chain starting with the end-entity certificate used to sign the claim ending with the intermediate certificate before the root CA certificate. 
 
-If the manifest definition file doesn't include the `sign_cert` and `private_key` properties, c2patool uses a built-in certificate and private key.  An example certifcate and private key file are also provided in the [c2patool repo sample folder](https://github.com/contentauth/c2pa-rs/tree/main/cli/sample). 
+If the manifest definition file doesn't include the `sign_cert` and `private_key` properties, c2patool uses a built-in certificate and private key.  An example certificate and private key file are also provided in the [c2patool repo sample folder](https://github.com/contentauth/c2pa-rs/tree/main/cli/sample). 
 
 If you are using a signing algorithm other than the default `es256`, specify it in the manifest definition field `alg` with one of the following values: