git.stella-ops.org/docs/samples/excititor/connector-signer-metadata-sample.json

{
  "schemaVersion": "1.0.0",
  "generatedAt": "2025-11-20T00:00:00Z",
  "connectors": [
    {
      "connectorId": "excititor:msrc",
      "provider": { "name": "Microsoft Security Response Center", "slug": "msrc" },
      "issuerTier": "tier-1",
      "signers": [
        {
          "usage": "csaf",
          "fingerprints": [
            {"alg": "sha256", "format": "pgp", "value": "F1C3D9E4A7B28C5FD6E1A203B947C2A0C5D8BEEF"},
            {"alg": "sha256", "format": "x509-spki", "value": "5A1F4C0E9B27D0C64EAC1F22C3F501AA9FCB77AC8B1D4F9F3EA7E6B4CE90F311"}
          ],
          "keyLocator": "oci://mirror.stella.local/keys/msrc-csaf@sha256:793dd8a6..."
        }
      ],
      "bundle": {
        "kind": "oci-referrer",
        "uri": "oci://mirror.stella.local/msrc/csaf:2025-11-19",
        "digest": "sha256:4b8c9fd6e479e1b6dcd2e7ed93a85c1c7d6052f7b4a6b83471e44f5c9c2a1f30",
        "publishedAt": "2025-11-19T12:00:00Z"
      },
      "validFrom": "2025-11-01"
    },
    {
      "connectorId": "excititor:oracle",
      "provider": { "name": "Oracle", "slug": "oracle" },
      "issuerTier": "tier-1",
      "signers": [
        {
          "usage": "oval",
          "fingerprints": [
            {"alg": "sha256", "format": "x509-spki", "value": "6E3AC4A95BD5402F4C7E9B2371190E0F3B3C11C7B42B88652E7EE0F659A0D202"}
          ],
          "keyLocator": "file://offline-kits/oracle/oval/signing-chain.pem",
          "certificateChain": ["-----BEGIN CERTIFICATE-----\nMIID...oracle-root...\n-----END CERTIFICATE-----"]
        }
      ],
      "bundle": {
        "kind": "file",
        "uri": "file://offline-kits/oracle/oval/oval-feed-2025-11-18.tar.gz",
        "digest": "sha256:b13b1b84af1da7ee3433e0c6c0cc28a8b5c7d3e52d93b9f86d4a4b0f1dcd8f05",
        "publishedAt": "2025-11-18T09:30:00Z"
      },
      "validFrom": "2025-10-15"
    },
    {
      "connectorId": "excititor:oci.openvex.attest",
      "provider": { "name": "StellaOps Mirror", "slug": "stella-mirror" },
      "issuerTier": "tier-0",
      "signers": [
        {
          "usage": "openvex",
          "fingerprints": [
            {"alg": "sha256", "format": "cosign", "value": "a0c1d4e5f6b7982134d56789e0fab12345cdef6789abcdeffedcba9876543210"}
          ],
          "keyLocator": "oci://mirror.stella.local/keys/stella-mirror-openvex:1",
          "certificateChain": []
        }
      ],
      "bundle": {
        "kind": "oci-tag",
        "uri": "oci://mirror.stella.local/stellaops/openvex:2025-11-19",
        "digest": "sha256:77f6c0b8f2c9845c7d0a4f3b783b0caf00cce6fb899319ff69cb941fe2c58010",
        "publishedAt": "2025-11-19T15:00:00Z"
      },
      "validFrom": "2025-11-15"
    },
    {
      "connectorId": "excititor:ubuntu",
      "provider": { "name": "Ubuntu Security", "slug": "ubuntu" },
      "issuerTier": "tier-2",
      "signers": [
        {
          "usage": "oval",
          "fingerprints": [
            {"alg": "sha256", "format": "pgp", "value": "7D19E3B4A5F67C103CB0B4DE0FA28F90D6E4C1D2"}
          ],
          "keyLocator": "tuf://mirror.stella.local/tuf/ubuntu/targets/oval-signing.pub"
        }
      ],
      "bundle": {
        "kind": "tuf",
        "uri": "tuf://mirror.stella.local/tuf/ubuntu/oval/targets/oval-2025-11-18.tar.gz",
        "digest": "sha256:e41c4fc15132f8848e9924a1a0f1a247d3c56da87b7735b6c6d8cbe64f0f07e5",
        "publishedAt": "2025-11-18T07:00:00Z"
      },
      "validFrom": "2025-11-01"
    }
  ]
}