From b6ccd4d63384830019176ae1060ffdab8f081c00 Mon Sep 17 00:00:00 2001
From: Manoj Paladiya <manoj.paladiya@ibm.com>
Date: Thu, 9 Feb 2023 12:21:11 +0530
Subject: [PATCH] Update README.md for v1.5.0 release

Signed-off-by: Manoj Paladiya <manoj.paladiya@ibm.com>
---
 README.md                               | 10 ++--
 certificates/ibm-pak-plugin.pem.cer     | 43 +++++++++++++
 certificates/ibm-pak-plugin.pem.chain   | 70 ++++++++++++++++++++++
 certificates/ibm-pak-plugin.pem.pub.key | 14 +++++
 docs/command-help.md                    | 15 +++--
 docs/download-github.md                 | 65 +++++++++++---------
 docs/verify-v2.md                       | 80 +++++++++++++++++++++++++
 docs/verify.md                          |  3 +
 8 files changed, 263 insertions(+), 37 deletions(-)
 create mode 100644 certificates/ibm-pak-plugin.pem.cer
 create mode 100644 certificates/ibm-pak-plugin.pem.chain
 create mode 100644 certificates/ibm-pak-plugin.pem.pub.key
 create mode 100644 docs/verify-v2.md

diff --git a/README.md b/README.md
index 7a98bf6..a9d880c 100644
--- a/README.md
+++ b/README.md
@@ -34,14 +34,14 @@ There are two ways to obtain the plugin
 
 ### Download from IBM container registry
 
-The plugin is also provided in a container image `cp.icr.io/cpopen/cpfs/ibm-pak:TAG` where TAG should be replaced with the corresponding plugin version, for example cp.icr.io/cpopen/cpfs/ibm-pak:v1.4.2 will have v1.4.2 of the plugin.
+The plugin is also provided in a container image `cp.icr.io/cpopen/cpfs/ibm-pak:TAG` where TAG should be replaced with the corresponding plugin version, for example cp.icr.io/cpopen/cpfs/ibm-pak:v1.5.0 will have v1.5.0 of the plugin.
 
 The following command will create a container and copy the plug-ins for all the supported platforms in a directory, plugin-dir. You can specify any directory name and it will be created while copying. After copying, it will delete the temporary container. The plugin-dir will have all the binaries and other artifacts you find in a Github release and repo at [IBM/ibm-pak](https://github.com/IBM/ibm-pak). For example,
 
 1. If you use docker:
 
 ```
-id=$(docker create cp.icr.io/cpopen/cpfs/ibm-pak:v1.4.2 - )
+id=$(docker create cp.icr.io/cpopen/cpfs/ibm-pak:v1.5.0 - )
 docker cp $id:/ibm-pak-plugin plugin-dir
 docker rm -v $id
 cd plugin-dir
@@ -50,7 +50,7 @@ cd plugin-dir
 2. If you podman:
 
 ```
-id=$(podman create cp.icr.io/cpopen/cpfs/ibm-pak:v1.4.2 - )
+id=$(podman create cp.icr.io/cpopen/cpfs/ibm-pak:v1.5.0 - )
 podman cp $id:/ibm-pak-plugin plugin-dir
 podman rm -v $id
 cd plugin-dir
@@ -58,7 +58,9 @@ cd plugin-dir
 
 ### Check Certificate/Key Validity and Archives
 
-[Verify certificates and archives](docs/verify.md)
+* [ibm-pak versions less than v1.5.0](docs/verify.md)
+
+* [ibm-pak versions greater than or equal to v1.5.0](docs/verify-v2.md)
 
 
 
diff --git a/certificates/ibm-pak-plugin.pem.cer b/certificates/ibm-pak-plugin.pem.cer
new file mode 100644
index 0000000..ac65690
--- /dev/null
+++ b/certificates/ibm-pak-plugin.pem.cer
@@ -0,0 +1,43 @@
+-----BEGIN CERTIFICATE-----
+MIIHrDCCBZSgAwIBAgIQBEXbzjEy72lLuGFm+DSGoTANBgkqhkiG9w0BAQsFADBp
+MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xQTA/BgNVBAMT
+OERpZ2lDZXJ0IFRydXN0ZWQgRzQgQ29kZSBTaWduaW5nIFJTQTQwOTYgU0hBMzg0
+IDIwMjEgQ0ExMB4XDTIzMDExMzAwMDAwMFoXDTI0MDIwMTIzNTk1OVowgbAxCzAJ
+BgNVBAYTAlVTMREwDwYDVQQIEwhOZXcgWW9yazEPMA0GA1UEBxMGQXJtb25rMTQw
+MgYDVQQKEytJbnRlcm5hdGlvbmFsIEJ1c2luZXNzIE1hY2hpbmVzIENvcnBvcmF0
+aW9uMREwDwYDVQQLEwhJQk0gQ0NTUzE0MDIGA1UEAxMrSW50ZXJuYXRpb25hbCBC
+dXNpbmVzcyBNYWNoaW5lcyBDb3Jwb3JhdGlvbjCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBAL2l185gcMrUUzd+55JnqhzTAcS8pzpuofGe7fVoxWriENFU
+QtCfgASbZGxs2DXXl+D9fDzc1Oh+bjCoCeTSzrkvzIr1Z8YeUYB/W8wSxlfAPSoK
+lvSXyDng1fjq1+W9KNyjfdMptIJWGkpYjLh36sjZxbpzebj6FAFN3hSQEtYlXFWu
+ZQF/QaKcO9hHEuriuOQVOCG1hbBo40fo9HsAWT1E+mDbMYNJNhNytnhd+Ff4W4qJ
+k+4jwq/jr2WwDRapuNoL72wvFBkLwTayMIMSgSXoK2dd98Ck057qvF9XAR1HNGuI
+rznPmDvQj3dTnauhnsvIvNqjGFQR0FcCchM6w4loVmkBJXROnr40iA9GsezIv04d
+gtKG8pfaUxQTi14RRk5p+QwLncBO9KR0SIUyzQRhDrfqIzNT6rDRqCO/1ZMTqe5g
+5s7FEYMITGPn+PQfm85vMstiTGANCBoxWzTJma54a6sFm93Tb/PHLXXCM1ZAwpQw
+i8dz92gLgWdR5w9VL0xINcsCEZZQeXovKOt6DoLUUrl6wK4FFC5P8lymX212zwIk
+qBQ9FRTN7wmQ7qKQC53A4vBzMQbBVhf30X4St16bYIvqw8ytVHab+4x0i715gpXb
+9m67Xs7eJrIOoTzex54HclZiVe5dKC+TJRbaxJ0EDcNkNfbib3xExd3Gux9NAgMB
+AAGjggIGMIICAjAfBgNVHSMEGDAWgBRoN+Drtjv4XxGG+/5hewiIZfROQjAdBgNV
+HQ4EFgQU3Mf+pvnZMtNLC2DcZEGhW/XqOGEwDgYDVR0PAQH/BAQDAgeAMBMGA1Ud
+JQQMMAoGCCsGAQUFBwMDMIG1BgNVHR8Ega0wgaowU6BRoE+GTWh0dHA6Ly9jcmwz
+LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRHNENvZGVTaWduaW5nUlNBNDA5
+NlNIQTM4NDIwMjFDQTEuY3JsMFOgUaBPhk1odHRwOi8vY3JsNC5kaWdpY2VydC5j
+b20vRGlnaUNlcnRUcnVzdGVkRzRDb2RlU2lnbmluZ1JTQTQwOTZTSEEzODQyMDIx
+Q0ExLmNybDA+BgNVHSAENzA1MDMGBmeBDAEEATApMCcGCCsGAQUFBwIBFhtodHRw
+Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgZQGCCsGAQUFBwEBBIGHMIGEMCQGCCsG
+AQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wXAYIKwYBBQUHMAKGUGh0
+dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRHNENvZGVT
+aWduaW5nUlNBNDA5NlNIQTM4NDIwMjFDQTEuY3J0MAwGA1UdEwEB/wQCMAAwDQYJ
+KoZIhvcNAQELBQADggIBAFpVnfigiH6qBuWcCwYntUR4HHU99L3Aeqi56hpayHJm
+3IGnmEJ43z707StDDd08ML5yEt2RFH8gJ9A9j4rWOIOxWYeFxA3lw9y5dSWKpKM+
+WBAFeONFftkqYTrgOrhb5/2QQOVzNjMhVR7zhS0DYLKDcmPJvUj4eixh5CJwWP97
+zQy3dI+oSgyKBMIEkJcRtsZTZkcgMSSbnTYoB3cd3m7CkuHOoO5foo+uWUGkNVhG
+HsZAJ70SNtuKUx0SuS8WVvXf2LfeA7NE6ajjnV4yYDFP0noRuDUYwhSsEZxQJEZF
+HDg/5owbmjVblMgxBhUPz1fpYz3z7NsKN0KPcZpsPppUBl2xbLwWldbB+JH1hiKM
+f9Jh/MIBy0nvWikDYXmDXEY+zDPB+dVx7lUv2INwKtrati9zS8RW7fWuVWOHj9c7
+qQ5kzevFDeP1O6xwPleAC/unOr23/KrpEF6JX3q0YQ67/cWoZBVXgRt74o4OxTWD
+QrhaSNFaE2+otbKzh7hz7mUH8ENAk2AzYp7OggIsG5EGHBFFi0YYJndfKpl6OKwX
+jTjYMY7w/yKE9jjByOlu9rugcHYpX/6ntp3n88NPIAtgKVh0Y1+0Y7rypLZM9usa
+4eRI8dTsmWGhQEQ7y4Lb6yXSqom7bwLDfEAv6J17i0pVs77A2fhApvDVbOfIXL/g
+-----END CERTIFICATE-----
diff --git a/certificates/ibm-pak-plugin.pem.chain b/certificates/ibm-pak-plugin.pem.chain
new file mode 100644
index 0000000..42e0284
--- /dev/null
+++ b/certificates/ibm-pak-plugin.pem.chain
@@ -0,0 +1,70 @@
+-----BEGIN CERTIFICATE-----
+MIIGsDCCBJigAwIBAgIQCK1AsmDSnEyfXs2pvZOu2TANBgkqhkiG9w0BAQwFADBi
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
+RzQwHhcNMjEwNDI5MDAwMDAwWhcNMzYwNDI4MjM1OTU5WjBpMQswCQYDVQQGEwJV
+UzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xQTA/BgNVBAMTOERpZ2lDZXJ0IFRy
+dXN0ZWQgRzQgQ29kZSBTaWduaW5nIFJTQTQwOTYgU0hBMzg0IDIwMjEgQ0ExMIIC
+IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1bQvQtAorXi3XdU5WRuxiEL1
+M4zrPYGXcMW7xIUmMJ+kjmjYXPXrNCQH4UtP03hD9BfXHtr50tVnGlJPDqFX/IiZ
+wZHMgQM+TXAkZLON4gh9NH1MgFcSa0OamfLFOx/y78tHWhOmTLMBICXzENOLsvsI
+8IrgnQnAZaf6mIBJNYc9URnokCF4RS6hnyzhGMIazMXuk0lwQjKP+8bqHPNlaJGi
+TUyCEUhSaN4QvRRXXegYE2XFf7JPhSxIpFaENdb5LpyqABXRN/4aBpTCfMjqGzLm
+ysL0p6MDDnSlrzm2q2AS4+jWufcx4dyt5Big2MEjR0ezoQ9uo6ttmAaDG7dqZy3S
+vUQakhCBj7A7CdfHmzJawv9qYFSLScGT7eG0XOBv6yb5jNWy+TgQ5urOkfW+0/tv
+k2E0XLyTRSiDNipmKF+wc86LJiUGsoPUXPYVGUztYuBeM/Lo6OwKp7ADK5GyNnm+
+960IHnWmZcy740hQ83eRGv7bUKJGyGFYmPV8AhY8gyitOYbs1LcNU9D4R+Z1MI3s
+MJN2FKZbS110YU0/EpF23r9Yy3IQKUHw1cVtJnZoEUETWJrcJisB9IlNWdt4z4FK
+PkBHX8mBUHOFECMhWWCKZFTBzCEa6DgZfGYczXg4RTCZT/9jT0y7qg0IU0F8WD1H
+s/q27IwyCQLMbDwMVhECAwEAAaOCAVkwggFVMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0OBBYEFGg34Ou2O/hfEYb7/mF7CIhl9E5CMB8GA1UdIwQYMBaAFOzX44LS
+cV1kTN8uZz/nupiuHA9PMA4GA1UdDwEB/wQEAwIBhjATBgNVHSUEDDAKBggrBgEF
+BQcDAzB3BggrBgEFBQcBAQRrMGkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
+Z2ljZXJ0LmNvbTBBBggrBgEFBQcwAoY1aHR0cDovL2NhY2VydHMuZGlnaWNlcnQu
+Y29tL0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5jcnQwQwYDVR0fBDwwOjA4oDagNIYy
+aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5j
+cmwwHAYDVR0gBBUwEzAHBgVngQwBAzAIBgZngQwBBAEwDQYJKoZIhvcNAQEMBQAD
+ggIBADojRD2NCHbuj7w6mdNW4AIapfhINPMstuZ0ZveUcrEAyq9sMCcTEp6QRJ9L
+/Z6jfCbVN7w6XUhtldU/SfQnuxaBRVD9nL22heB2fjdxyyL3WqqQz/WTauPrINHV
+UHmImoqKwba9oUgYftzYgBoRGRjNYZmBVvbJ43bnxOQbX0P4PpT/djk9ntSZz0rd
+KOtfJqGVWEjVGv7XJz/9kNF2ht0csGBc8w2o7uCJob054ThO2m67Np375SFTWsPK
+6Wrxoj7bQ7gzyE84FJKZ9d3OVG3ZXQIUH0AzfAPilbLCIXVzUstG2MQ0HKKlS43N
+b3Y3LIU/Gs4m6Ri+kAewQ3+ViCCCcPDMyu/9KTVcH4k4Vfc3iosJocsL6TEa/y4Z
+XDlx4b6cpwoG1iZnt5LmTl/eeqxJzy6kdJKt2zyknIYf48FWGysj/4+16oh7cGvm
+oLr9Oj9FpsToFpFSi0HASIRLlk2rREDjjfAVKM7t8RhWByovEMQMCGQ8M4+uKIw8
+y4+ICw2/O/TOHnuO77Xry7fwdxPm5yg/rBKupS8ibEH5glwVZsxsDsrFhsP2JjMM
+B0ug0wcCampAMEhLNKhRILutG4UI4lkNbcoFUCvqShyepf2gpx8GdOfy1lKQ/a+F
+SCH5Vzu0nAPthkX0tGFuv2jiJmCG6sivqf6UHedjGzqGVnhO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBi
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
+RzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1MTIwMDAwWjBiMQswCQYDVQQGEwJV
+UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
+Y29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3y
+ithZwuEppz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1If
+xp4VpX6+n6lXFllVcq9ok3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDV
+ySAdYyktzuxeTsiT+CFhmzTrBcZe7FsavOvJz82sNEBfsXpm7nfISKhmV1efVFiO
+DCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGYQJB5w3jHtrHEtWoYOAMQ
+jdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6MUSaM0C/
+CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCi
+EhtmmnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADM
+fRyVw4/3IbKyEbe7f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QY
+uKZ3AeEPlAwhHbJUKSWJbOUOUlFHdL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXK
+chYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8oR7FwI+isX4KJpn15GkvmB0t
+9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD
+ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2
+SV1EY+CtnJYYZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd
++SeuMIW59mdNOj6PWTkiU0TryF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWc
+fFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy7zBZLq7gcfJW5GqXb5JQbZaNaHqa
+sjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iahixTXTBmyUEFxPT9N
+cCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN5r5N
+0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie
+4u1Ki7wb/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mI
+r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
+/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tKG48BtieVU+i2iW1bvGjUI+iLUaJW+fCm
+gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
+-----END CERTIFICATE-----
diff --git a/certificates/ibm-pak-plugin.pem.pub.key b/certificates/ibm-pak-plugin.pem.pub.key
new file mode 100644
index 0000000..d4bc636
--- /dev/null
+++ b/certificates/ibm-pak-plugin.pem.pub.key
@@ -0,0 +1,14 @@
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvaXXzmBwytRTN37nkmeq
+HNMBxLynOm6h8Z7t9WjFauIQ0VRC0J+ABJtkbGzYNdeX4P18PNzU6H5uMKgJ5NLO
+uS/MivVnxh5RgH9bzBLGV8A9KgqW9JfIOeDV+OrX5b0o3KN90ym0glYaSliMuHfq
+yNnFunN5uPoUAU3eFJAS1iVcVa5lAX9Bopw72EcS6uK45BU4IbWFsGjjR+j0ewBZ
+PUT6YNsxg0k2E3K2eF34V/hbiomT7iPCr+OvZbANFqm42gvvbC8UGQvBNrIwgxKB
+JegrZ133wKTTnuq8X1cBHUc0a4ivOc+YO9CPd1Odq6Gey8i82qMYVBHQVwJyEzrD
+iWhWaQEldE6evjSID0ax7Mi/Th2C0obyl9pTFBOLXhFGTmn5DAudwE70pHRIhTLN
+BGEOt+ojM1PqsNGoI7/VkxOp7mDmzsURgwhMY+f49B+bzm8yy2JMYA0IGjFbNMmZ
+rnhrqwWb3dNv88ctdcIzVkDClDCLx3P3aAuBZ1HnD1UvTEg1ywIRllB5ei8o63oO
+gtRSuXrArgUULk/yXKZfbXbPAiSoFD0VFM3vCZDuopALncDi8HMxBsFWF/fRfhK3
+Xptgi+rDzK1Udpv7jHSLvXmCldv2brtezt4msg6hPN7HngdyVmJV7l0oL5MlFtrE
+nQQNw2Q19uJvfETF3ca7H00CAwEAAQ==
+-----END PUBLIC KEY-----
diff --git a/docs/command-help.md b/docs/command-help.md
index 2fe652e..9cbbd0e 100644
--- a/docs/command-help.md
+++ b/docs/command-help.md
@@ -156,11 +156,13 @@ Usage:
 oc ibm-pak generate mirror-manifests <case name> <target-registry> --version <case version> --filter <list of groups> [--final-registry <final-registry>]
 
 Flags:
-    --version string          the exact "case version" already downloaded by "oc ibm-pak get" (optional - assumes latest if not provided)
-    --filter string           comma separated list of values, which can either be a group name or architecture (default "")
-    --final-registry string   if the provided target registry is a filesystem (has a "file://" prefix), a final registry needs to be provided to 
-                              generate proper ICSP and Catalog Sources (default "") 
-    -h, --help                help for mirror-manifests   
+      --filter string           comma separated list of values, which can either be a group name or architecture (default "")
+      --final-registry string   if the provided target registry is a filesystem (has a "file://" prefix), a final registry needs to be provided to generate proper ICSP and Catalog Sources, if target registry is a registry server then this argument enables the registry to registry mirroring path (default "")
+  -h, --help                    help for mirror-manifests
+      --version string          the exact "case version" already downloaded by "oc ibm-pak get" (optional - assumes latest if not provided)
+Global Flags:
+      --log_file string   If non-empty, use this log file
+  -v, --v Level           number for the log level verbosity [0 (normal), 1 (fine), 2 (finer) or 3 (finest)]
 ```
 
 Example:
@@ -170,6 +172,9 @@ oc ibm-pak generate mirror-manifests ibm-my-cloudpak myregistry.com --version 1.
 
 2) Generate mirror manifests for a target directory structure that can be served as a registry
 oc ibm-pak generate mirror-manifests ibm-my-cloudpak file://myrepository --version 1.0.0 --final-registry myregistry.com
+
+3) Generate mirror manifests for mirroring images to an intermediate registry server and from that server to a final registry server specified via final-registry argument. This creates images-mapping-to-registry.txt and images-mapping-from-registry.txt. Both of these files should used as input to `oc image mirrorr`. When images-mapping-to-registry.txt is used, it will enable mirroring the images to intermediate-registry.com. When images-mapping-from-registry.txt. is used, it will enable mirroring images from intermediate-registry.com to myregistry.com
+oc ibm-pak generate mirror-manifests ibm-my-cloudpak intermediate-registry.com --version 1.0.0 --final-registry myregistry.com
 ```
 
 # oc ibm-pak describe
diff --git a/docs/download-github.md b/docs/download-github.md
index e42bacb..06097f1 100644
--- a/docs/download-github.md
+++ b/docs/download-github.md
@@ -8,85 +8,78 @@
   - [Linux ppc64le-architecture](#linux-ppc64le-architecture)
   - [Linux s390x-architecture](#linux-s390x-architecture)
   - [Windows](#windows)
-- [Download public keys](#download-public-keys)
+- [Download public keys for ibm-pak versions less than v1.5.0](#download-public-keys-for-ibm-pak-versions-less-than-v150)
+- [Download public keys for ibm-pak versions greater than or equal to v1.5.0](#download-public-keys-for-ibm-pak-versions-greater-than-or-equal-to-v150)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
 
 # Download plugin from github release
 
-- [Download plugin from github release](#download-plugin-from-github-release)
-  - [MacOS](#macos)
-  - [Linux x86-architecture](#linux-x86-architecture)
-  - [Linux ppc64le-architecture](#linux-ppc64le-architecture)
-  - [Linux s390x-architecture](#linux-s390x-architecture)
-  - [Windows](#windows)
-- [Download public keys](#download-public-keys)
-
 ## MacOS 
 
 Example using `curl`:
 ```
-curl -L https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-darwin-amd64.tar.gz -o oc-ibm_pak-darwin-amd64.tar.gz
-curl -L https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-darwin-amd64.tar.gz.sig -o oc-ibm_pak-darwin-amd64.tar.gz.sig
+curl -L https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-darwin-amd64.tar.gz -o oc-ibm_pak-darwin-amd64.tar.gz
+curl -L https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-darwin-amd64.tar.gz.sig -o oc-ibm_pak-darwin-amd64.tar.gz.sig
 ```
 
 Example using `wget`:
 ```
-wget https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-darwin-amd64.tar.gz
-wget https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-darwin-amd64.tar.gz.sig
+wget https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-darwin-amd64.tar.gz
+wget https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-darwin-amd64.tar.gz.sig
 ```
 
 ## Linux x86-architecture
 
 Example using `curl`:
 ```
-curl -L https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-amd64.tar.gz -o oc-ibm_pak-linux-amd64.tar.gz
-curl -L https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-amd64.tar.gz.sig -o oc-ibm_pak-linux-amd64.tar.gz.sig
+curl -L https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-amd64.tar.gz -o oc-ibm_pak-linux-amd64.tar.gz
+curl -L https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-amd64.tar.gz.sig -o oc-ibm_pak-linux-amd64.tar.gz.sig
 ```
 
 Example using `wget`:
 ```
-wget https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-amd64.tar.gz
-wget https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-amd64.tar.gz.sig
+wget https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-amd64.tar.gz
+wget https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-amd64.tar.gz.sig
 ```
 
 ## Linux ppc64le-architecture
 
 Example using `curl`:
 ```
-curl -L https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-ppc64le.tar.gz -o oc-ibm_pak-linux-ppc64le.tar.gz
-curl -L https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-ppc64le.tar.gz.sig -o oc-ibm_pak-linux-ppc64le.tar.gz.sig
+curl -L https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-ppc64le.tar.gz -o oc-ibm_pak-linux-ppc64le.tar.gz
+curl -L https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-ppc64le.tar.gz.sig -o oc-ibm_pak-linux-ppc64le.tar.gz.sig
 ```
 
 Example using `wget`:
 ```
-wget https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-ppc64le.tar.gz
-wget https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-ppc64le.tar.gz.sig
+wget https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-ppc64le.tar.gz
+wget https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-ppc64le.tar.gz.sig
 ```
 
 ## Linux s390x-architecture
 
 Example using `curl`:
 ```
-curl -L https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-s390x.tar.gz -o oc-ibm_pak-linux-s390x.tar.gz
-curl -L https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-s390x.tar.gz.sig -o oc-ibm_pak-linux-s390x.tar.gz.sig
+curl -L https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-s390x.tar.gz -o oc-ibm_pak-linux-s390x.tar.gz
+curl -L https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-s390x.tar.gz.sig -o oc-ibm_pak-linux-s390x.tar.gz.sig
 ```
 
 Example using `wget`:
 ```
-wget https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-s390x.tar.gz
-wget https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-linux-s390x.tar.gz.sig
+wget https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-s390x.tar.gz
+wget https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-linux-s390x.tar.gz.sig
 ```
 
 ## Windows
 
 Example (from PowerShell) using `curl`:
 ```
-curl https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-windows-amd64.tar.gz -o oc-ibm_pak-windows-amd64.tar.gz
-curl https://github.com/IBM/ibm-pak/releases/download/v1.4.2/oc-ibm_pak-windows-amd64.tar.gz.sig -o oc-ibm_pak-windows-amd64.tar.gz.sig
+curl https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-windows-amd64.tar.gz -o oc-ibm_pak-windows-amd64.tar.gz
+curl https://github.com/IBM/ibm-pak/releases/download/v1.5.0/oc-ibm_pak-windows-amd64.tar.gz.sig -o oc-ibm_pak-windows-amd64.tar.gz.sig
 ```
 
-# Download public keys
+# Download public keys for ibm-pak versions less than v1.5.0
 
 Retrieve the latest public keys (example with wget):
 ```
@@ -101,3 +94,19 @@ curl https://raw.githubusercontent.com/IBM/ibm-pak/main/ibm-pak-plugin.pem -o ib
 curl https://raw.githubusercontent.com/IBM/ibm-pak/main/ibm-pak-plugin-chain0.pem -o ibm-pak-plugin-chain0.pem
 curl https://raw.githubusercontent.com/IBM/ibm-pak/main/ibm-pak-plugin-chain1.pem -o ibm-pak-plugin-chain1.pem
 ```
+
+# Download public keys for ibm-pak versions greater than or equal to v1.5.0
+
+Retrieve the latest public keys (example with wget):
+```
+wget https://raw.githubusercontent.com/IBM/ibm-pak/main/certificates/ibm-pak-plugin.pem.cer
+wget https://raw.githubusercontent.com/IBM/ibm-pak/main/certificates/ibm-pak-plugin.pem.chain
+wget https://raw.githubusercontent.com/IBM/ibm-pak/main/certificates/ibm-pak-plugin.pem.pub.key
+```
+
+Retrieve the latest public keys (example with curl):
+```
+curl https://raw.githubusercontent.com/IBM/ibm-pak/main/certificates/ibm-pak-plugin.pem.cer -o ibm-pak-plugin.pem.cer
+curl https://raw.githubusercontent.com/IBM/ibm-pak/main/certificates/ibm-pak-plugin.pem.chain -o ibm-pak-plugin.pem.chain
+curl https://raw.githubusercontent.com/IBM/ibm-pak/main/certificates/ibm-pak-plugin.pem.pub.key -o ibm-pak-plugin.pem.pub.key
+```
diff --git a/docs/verify-v2.md b/docs/verify-v2.md
new file mode 100644
index 0000000..ae34c32
--- /dev/null
+++ b/docs/verify-v2.md
@@ -0,0 +1,80 @@
+<!-- START doctoc generated TOC please keep comment here to allow auto update -->
+<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
+**Table of Contents**  *generated with [DocToc](https://github.com/thlorenz/doctoc)*
+
+- [Download public keys](#download-public-keys)
+- [Check Certificate/Key Validity and Archives](#check-certificatekey-validity-and-archives)
+  - [Check Certificate/Key Validity](#check-certificatekey-validity)
+    - [Verify that the certificate/key is owned by IBM:](#verify-that-the-certificatekey-is-owned-by-ibm)
+    - [Verify authenticity of certificate/key:](#verify-authenticity-of-certificatekey)
+  - [Optionally Compare the certificate and the public key](#optionally-compare-the-certificate-and-the-public-key)
+    - [Check public key details](#check-public-key-details)
+    - [Check certficate details](#check-certficate-details)
+  - [Verify Archive](#verify-archive)
+
+<!-- END doctoc generated TOC please keep comment here to allow auto update -->
+# Download public keys
+Please follow instructions provided [here](download-github.md#download-public-keys-for-ibm-pak-versions-greater-than-or-equal-to-v150)
+# Check Certificate/Key Validity and Archives
+
+* [Check Certificate/Key Validity](#check-certificate/key-validity)
+* [Optionally Validate Each Certificate Individually](#optionally-validate-each-certificate-individually)
+* [Verify Archive](#verify-archive)
+
+
+
+## Check Certificate/Key Validity
+
+### Verify that the certificate/key is owned by IBM:
+Note: On windows, run below commands from Git Bash
+
+```
+openssl x509 -inform pem -in ibm-pak-plugin.pem.cer -noout -text
+```
+
+### Verify authenticity of certificate/key:
+
+```
+openssl ocsp -no_nonce -issuer ibm-pak-plugin.pem.chain -cert ibm-pak-plugin.pem.cer -VAfile ibm-pak-plugin.pem.chain -text -url http://ocsp.digicert.com -respout ocsptest
+```
+
+Should see a message that contains:
+
+`Response verify OK`
+
+## Optionally Compare the certificate and the public key
+
+### Check public key details
+
+```
+openssl rsa -noout -text -inform PEM -in ibm-pak-plugin.pem.pub.key -pubin
+```
+
+Make a note of modulus and Exponent
+
+### Check certficate details
+
+```
+openssl x509 -inform pem -in ibm-pak-plugin.pem.cer -noout -text
+```
+
+Check the `Public-Key` section in the output and compare with previous result.
+
+
+## Verify Archive
+
+We will verify oc-ibm_pak-linux-amd64.tar.gz. Steps will be same for other archives.
+
+Convert the signature from base64 to bytes
+
+```
+export ARCHIVE=oc-ibm_pak-linux-amd64.tar.gz
+openssl enc -d -A -base64 -in "${ARCHIVE}.sig" -out "/tmp/${ARCHIVE}.decoded.sig"
+```
+
+Verify the signature bytes:
+
+```
+export ARCHIVE=oc-ibm_pak-linux-amd64.tar.gz
+openssl dgst -verify ibm-pak-plugin.pem.pub.key -keyform PEM -sha256 -signature "/tmp/${ARCHIVE}.decoded.sig" -binary "${ARCHIVE}"
+```
diff --git a/docs/verify.md b/docs/verify.md
index 07659e9..8fe4362 100644
--- a/docs/verify.md
+++ b/docs/verify.md
@@ -2,6 +2,7 @@
 <!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
 **Table of Contents**  *generated with [DocToc](https://github.com/thlorenz/doctoc)*
 
+- [Download public keys](#download-public-keys)
 - [Check Certificate/Key Validity and Archives](#check-certificatekey-validity-and-archives)
   - [Check Certificate/Key Validity](#check-certificatekey-validity)
     - [Verify that the certificate/key is owned by IBM:](#verify-that-the-certificatekey-is-owned-by-ibm)
@@ -12,6 +13,8 @@
   - [Verify Archive](#verify-archive)
 
 <!-- END doctoc generated TOC please keep comment here to allow auto update -->
+# Download public keys
+Please follow instructions provided [here](download-github.md#download-public-keys-for-ibm-pak-versions-less-than-v150)
 
 # Check Certificate/Key Validity and Archives