"This document defines a ""manifest"" for use in the Resource Public Key Infrastructure (RPKI). A manifest is a signed object (file) that contains a listing of all the signed objects (files) in the repository publication point (directory) associated with an authority responsible for publishing in the repository. For each certificate@ Certificate Revocation List (CRL)@ or other type of signed objects issued by the authority that are published at this repository publication point@ the manifest contains both the name of the file containing the object and a hash of the file content. Manifests are intended to enable a relying party (RP) to detect certain forms of attacks against a repository. Specifically@ if an RP checks a manifest's contents against the signed objects retrieved from a repository publication point@ then the RP can detect ""stale"" (valid) data and deletion of signed objects."
RFC 6486-2012 history
2012RFC 6486-2012 Manifests for the Resource Public Key Infrastructure (RPKI)