Recently published test package not available for download

[freakboy3742]

My Platform

• macOS 12.5.1
• M1 Macbook Pro
• Connection over a home FTTC Australian-NBN broadband connection; no firewalls or proxies in use.
• Laptop connection over a Eero 6+ Wifi6 mesh router
• pip 22.2.2

Package briefcase==0.3.10.rc2 was published to test.pypi.org at 2022-09-29 02:35:22Z. The release has a valid URL: https://test.pypi.org/project/briefcase/0.3.10rc2/

However, as of 2022-09-29 03:10:00Z, https://test.pypi.org/project/briefcase shows 0.3.0rc1 as the most recent release.

pip install -i https://test.pypi.org/simple/ briefcase==0.3.10rc2 also fails, saying 0.3.0rc1 is the most recent available release.

Fastly Debug

ewogICJnZW9pcCI6IHsKICAgICJjaSI6ICJmb3JyZXN0ZmllbGQiLAogICAgInN0IjogIldBIiwKICAgICJjdCI6ICJhdXN0cmFsaWEiLAogICAgImNvIjogIk9DIiwKICAgICJjX2lwIjogIjE0LjIwMi4yNDEuMTMwIiwKICAgICJjX2FzbiI6ICI3NTQ1IiwKICAgICJjX2Fzbl9uYW1lIjogInRwZyB0ZWxlY29tIGxpbWl0ZWQiLAogICAgInJfaXAiOiAiMTM2LjE0NC41NC4xMTciLAogICAgInJfYXNuIjogIjU0ODI1IiwKICAgICJyX2Fzbl9uYW1lIjogInBhY2tldCBob3N0IGluYy4iLAogICAgInJfY2kiOiAic2FudGEgY2xhcmEiLAogICAgInJfc3QiOiAiQ0EiLAogICAgInJfY3QiOiAidW5pdGVkIHN0YXRlcyIsCiAgICAicl9jbyI6ICJOQSIKICB9LAogICJwb3BMYXRlbmN5IjogewogICAgImFkbCI6IDM3LAogICAgImFrbCI6IDgwLAogICAgImJuZSI6IDY4LAogICAgImNoYyI6IDk0LAogICAgIm1lbCI6IDQ3LAogICAgInBlciI6IDgsCiAgICAic3lkIjogNTYsCiAgICAid2xnIjogOTAsCiAgICAiYW55IjogNwogIH0sCiAgInBvcEFzc2lnbm1lbnRzIjogewogICAgImFjIjogInBlciIsCiAgICAiYXMiOiAic2pjIgogIH0sCiAgInJlcXVlc3QiOiB7CiAgICAicmVzb2x2ZXJfaXAiOiAiMTM2LjE0NC41NC4xMTciLAogICAgInJlc29sdmVyX2FzX25hbWUiOiAiUEFDS0VULCBVUyIsCiAgICAicmVzb2x2ZXJfYXNfbnVtYmVyIjogIjU0ODI1IiwKICAgICJyZXNvbHZlcl9jb3VudHJ5X2NvZGUiOiAiVVMiLAogICAgImNsaWVudF9pcCI6ICIxNC4yMDIuMjQxLjEzMCIsCiAgICAiY2xpZW50X2FzX25hbWUiOiAiVFBHLUlOVEVSTkVULUFQIFRQRyBUZWxlY29tIExpbWl0ZWQsIEFVIiwKICAgICJjbGllbnRfYXNfbnVtYmVyIjogIjc1NDUiLAogICAgInRpbWUiOiAiMjAyMi0wOS0yOVQwMjo1MjozNC4wMDBaIiwKICAgICJob3N0IjogInd3dy5mYXN0bHktZGVidWcuY29tIiwKICAgICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksKi8qO3E9MC44IiwKICAgICJ1c2VyYWdlbnQiOiAiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTVfNykgQXBwbGVXZWJLaXQvNjA1LjEuMTUgKEtIVE1MLCBsaWtlIEdlY2tvKSBWZXJzaW9uLzE1LjYuMSBTYWZhcmkvNjA1LjEuMTUiLAogICAgImFjY2VwdGxhbmd1YWdlIjogImVuLUFVLGVuO3E9MC45IiwKICAgICJhY2NlcHRlbmNvZGluZyI6ICJnemlwIiwKICAgICJmYXN0bHlzZXJ2ZXJpcCI6ICIxNTEuMTAxLjQwLjY0IiwKICAgICJ4ZmYiOiAiMTQuMjAyLjI0MS4xMzAiLAogICAgImRhdGFjZW50ZXIiOiAiU0pDIiwKICAgICJiYW5kd2lkdGhfbWJwcyI6ICI1LjI2IiwKICAgICJjd25kIjogMzYwLAogICAgIm5leHRob3AiOiAiMTcyLjE2LjE0OC4xIiwKICAgICJydHQiOiAyMTAuMTcxLAogICAgImRlbHRhX3JldHJhbnMiOiAwLAogICAgInRvdGFsX3JldHJhbnMiOiAwCiAgfQp9

DNS Resolution

$ dig pypi.org A

; <<>> DiG 9.10.6 <<>> pypi.org A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18638
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;pypi.org.                      IN      A

;; ANSWER SECTION:
pypi.org.               73367   IN      A       151.101.192.223
pypi.org.               73367   IN      A       151.101.128.223
pypi.org.               73367   IN      A       151.101.0.223
pypi.org.               73367   IN      A       151.101.64.223

;; Query time: 218 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Thu Sep 29 10:53:12 AWST 2022
;; MSG SIZE  rcvd: 133

$ dig pypi.org AAAA

; <<>> DiG 9.10.6 <<>> pypi.org AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 615
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;pypi.org.                      IN      AAAA

;; ANSWER SECTION:
pypi.org.               84704   IN      AAAA    2a04:4e42:600::223
pypi.org.               84704   IN      AAAA    2a04:4e42::223
pypi.org.               84704   IN      AAAA    2a04:4e42:400::223
pypi.org.               84704   IN      AAAA    2a04:4e42:200::223

;; Query time: 214 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Thu Sep 29 10:53:28 AWST 2022
;; MSG SIZE  rcvd: 181

$ dig files.pythonhosted.org A

; <<>> DiG 9.10.6 <<>> files.pythonhosted.org A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18073
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;files.pythonhosted.org.                IN      A

;; ANSWER SECTION:
files.pythonhosted.org. 80647   IN      CNAME   dualstack.r.ssl.global.fastly.net.
dualstack.r.ssl.global.fastly.net. 30 IN A      151.101.41.63

;; Query time: 231 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Thu Sep 29 10:53:45 AWST 2022
;; MSG SIZE  rcvd: 169

$ dig files.pythonhosted.org AAAA

; <<>> DiG 9.10.6 <<>> files.pythonhosted.org AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64482
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;files.pythonhosted.org.                IN      AAAA

;; ANSWER SECTION:
files.pythonhosted.org. 80637   IN      CNAME   dualstack.r.ssl.global.fastly.net.
dualstack.r.ssl.global.fastly.net. 30 IN AAAA   2a04:4e42:a::319

;; Query time: 217 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Thu Sep 29 10:53:54 AWST 2022
;; MSG SIZE  rcvd: 181

$ dig test.pypi.org A            

; <<>> DiG 9.10.6 <<>> test.pypi.org A
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65482
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;test.pypi.org.                 IN      A

;; ANSWER SECTION:
test.pypi.org.          86021   IN      CNAME   dualstack.r.ssl.global.fastly.net.
dualstack.r.ssl.global.fastly.net. 37 IN A      151.101.41.63

;; Query time: 214 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Thu Sep 29 10:54:08 AWST 2022
;; MSG SIZE  rcvd: 151

$dig test.pypi.org AAAA

; <<>> DiG 9.10.6 <<>> test.pypi.org AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64078
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;test.pypi.org.                 IN      AAAA

;; ANSWER SECTION:
test.pypi.org.          85996   IN      CNAME   dualstack.r.ssl.global.fastly.net.
dualstack.r.ssl.global.fastly.net. 22 IN AAAA   2a04:4e42:a::319

;; Query time: 214 msec
;; SERVER: 192.168.4.1#53(192.168.4.1)
;; WHEN: Thu Sep 29 10:54:33 AWST 2022
;; MSG SIZE  rcvd: 163

Traceroutes / IPv4

$ traceroute pypi.org
traceroute: Warning: pypi.org has multiple addresses; using 151.101.192.223
traceroute to pypi.org (151.101.192.223), 64 hops max, 52 byte packets
 1  192.168.4.1 (192.168.4.1)  7.559 ms  3.951 ms  2.730 ms
 2  10.1.1.1 (10.1.1.1)  4.443 ms  3.211 ms  3.597 ms
 3  10.20.26.56 (10.20.26.56)  8.718 ms  8.082 ms  7.936 ms
 4  203.29.134-212.tpgi.com.au (203.29.134.212)  9.845 ms  8.611 ms  8.352 ms
 5  * * *
 6  * * *

$ traceroute files.pythonhosted.org
traceroute to dualstack.r.ssl.global.fastly.net (151.101.41.63), 64 hops max, 52 byte packets
 1  192.168.4.1 (192.168.4.1)  7.038 ms  3.296 ms  3.604 ms
 2  10.1.1.1 (10.1.1.1)  10.073 ms  4.651 ms  3.917 ms
 3  10.20.26.56 (10.20.26.56)  10.081 ms  8.801 ms  9.863 ms
 4  203.29.134-193.tpgi.com.au (203.29.134.193)  10.452 ms  8.253 ms  10.312 ms
 5  syd-tpg-wat-crt2-ge-3-1.static.tpgi.com.au (203.26.22.125)  57.920 ms  57.563 ms  57.131 ms
 6  adl-ts3-2600-105.tpgi.com.au (203.29.135.105)  61.818 ms  57.084 ms  58.127 ms
 7  syd-gls-har-int2-be100.tpgi.com.au (203.221.3.4)  62.525 ms  64.038 ms
    syd-gls-har-int2-be200.tpgi.com.au (203.221.3.68)  63.012 ms
 8  * * *
 9  * * *

$ traceroute test.pypi.org
traceroute to dualstack.r.ssl.global.fastly.net (151.101.41.63), 64 hops max, 52 byte packets
 1  192.168.4.1 (192.168.4.1)  5.166 ms  3.112 ms  3.942 ms
 2  10.1.1.1 (10.1.1.1)  3.947 ms  4.351 ms  3.624 ms
 3  10.20.26.56 (10.20.26.56)  10.534 ms  7.872 ms  8.063 ms
 4  203.29.134-193.tpgi.com.au (203.29.134.193)  11.562 ms  9.135 ms  8.797 ms
 5  syd-tpg-wat-crt2-ge-3-1.static.tpgi.com.au (203.26.22.125)  58.765 ms  57.368 ms  57.069 ms
 6  adl-ts3-2600-105.tpgi.com.au (203.29.135.105)  59.979 ms  57.594 ms  57.201 ms
 7  syd-gls-har-int2-be200.tpgi.com.au (203.221.3.68)  66.272 ms
    syd-gls-har-int2-be100.tpgi.com.au (203.221.3.4)  64.804 ms
    syd-gls-har-int2-be200.tpgi.com.au (203.221.3.68)  62.414 ms
 8  * * *
 9  * * *

Traceroutes / IPv6 (If available)

$ traceroute6 pypi.org
traceroute6: Warning: pypi.org has multiple addresses; using 2a04:4e42:400::223
traceroute6 to pypi.org (2a04:4e42:400::223) from fd14:e13f:8ce6:1:1c2c:6e24:ea7c:6f2c, 64 hops max, 12 byte packets
 1  fd14:e13f:8ce6:1::1  6.826 ms !N  8.914 ms !N  13.945 ms !N

$ traceroute6 files.pythonhosted.org
traceroute6 to dualstack.r.ssl.global.fastly.net (2a04:4e42:a::319) from fd14:e13f:8ce6:1:1c2c:6e24:ea7c:6f2c, 64 hops max, 12 byte packets
 1  fd14:e13f:8ce6:1::1  4.793 ms !N  4.151 ms !N  3.798 ms !N

$ traceroute6 test.pypi.org
traceroute6 to dualstack.r.ssl.global.fastly.net (2a04:4e42:a::319) from fd14:e13f:8ce6:1:1c2c:6e24:ea7c:6f2c, 64 hops max, 12 byte packets
 1  fd14:e13f:8ce6:1::1  3.326 ms !N  3.237 ms !N  5.688 ms !N

HTTPS Requests / IPv4

$ curl -vvv -I --ipv4 https://pypi.org/pypi/pip/json

*   Trying 151.101.0.223:443...
* Connected to pypi.org (151.101.0.223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-CHACHA20-POLY1305-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=pypi.org
*  start date: Jul 26 19:45:14 2022 GMT
*  expire date: Aug 27 19:45:13 2023 GMT
*  subjectAltName: host "pypi.org" matched cert's "pypi.org"
*  issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Atlas R3 DV TLS CA 2022 Q3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x12d812c00)
> HEAD /pypi/pip/json HTTP/2
> Host: pypi.org
> user-agent: curl/7.79.1
> accept: */*
> 
< HTTP/2 200 
HTTP/2 200 
< access-control-allow-headers: Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since
access-control-allow-headers: Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since
< access-control-allow-methods: GET
access-control-allow-methods: GET
< access-control-allow-origin: *
access-control-allow-origin: *
< access-control-expose-headers: X-PyPI-Last-Serial
access-control-expose-headers: X-PyPI-Last-Serial
< access-control-max-age: 86400
access-control-max-age: 86400
< cache-control: max-age=900, public
cache-control: max-age=900, public
< content-security-policy: base-uri 'self'; block-all-mixed-content; connect-src 'self' https://api.github.com/repos/ fastly-insights.com *.fastly-insights.com *.ethicalads.io https://api.pwnedpasswords.com https://cdn.jsdelivr.net/npm/mathjax@3.2.2/es5/sre/mathmaps/ https://2p66nmmycsj3.statuspage.io; default-src 'none'; font-src 'self' fonts.gstatic.com; form-action 'self' https://checkout.stripe.com; frame-ancestors 'none'; frame-src 'none'; img-src 'self' https://warehouse-camo.ingress.cmh1.psfhosted.org/ www.google-analytics.com *.fastly-insights.com *.ethicalads.io; script-src 'self' www.googletagmanager.com www.google-analytics.com *.fastly-insights.com *.ethicalads.io 'sha256-U3hKDidudIaxBDEzwGJApJgPEf2mWk6cfMWghrAa6i0=' https://cdn.jsdelivr.net/npm/mathjax@3.2.2/ 'sha256-1CldwzdEg2k1wTmf7s5RWVd7NMXI/7nxxjJM2C4DqII=' 'sha256-0POaN8stWYQxhzjKS+/eOfbbJ/u4YHO5ZagJvLpMypo='; style-src 'self' fonts.googleapis.com *.ethicalads.io 'sha256-2YHqZokjiizkHi1Zt+6ar0XJ0OeEy/egBnlm+MDMtrM=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-JLEjeN9e5dGsz5475WyRaoA4eQOdNPxDIeUhclnJDCE=' 'sha256-mQyxHEuwZJqpxCw3SLmc4YOySNKXunyu2Oiz1r3/wAE=' 'sha256-OCf+kv5Asiwp++8PIevKBYSgnNLNUZvxAp4a7wMLuKA=' 'sha256-h5LOiLhk6wiJrGsG5ItM0KimwzWQH/yAcmoJDJL//bY='; worker-src *.fastly-insights.com
content-security-policy: base-uri 'self'; block-all-mixed-content; connect-src 'self' https://api.github.com/repos/ fastly-insights.com *.fastly-insights.com *.ethicalads.io https://api.pwnedpasswords.com https://cdn.jsdelivr.net/npm/mathjax@3.2.2/es5/sre/mathmaps/ https://2p66nmmycsj3.statuspage.io; default-src 'none'; font-src 'self' fonts.gstatic.com; form-action 'self' https://checkout.stripe.com; frame-ancestors 'none'; frame-src 'none'; img-src 'self' https://warehouse-camo.ingress.cmh1.psfhosted.org/ www.google-analytics.com *.fastly-insights.com *.ethicalads.io; script-src 'self' www.googletagmanager.com www.google-analytics.com *.fastly-insights.com *.ethicalads.io 'sha256-U3hKDidudIaxBDEzwGJApJgPEf2mWk6cfMWghrAa6i0=' https://cdn.jsdelivr.net/npm/mathjax@3.2.2/ 'sha256-1CldwzdEg2k1wTmf7s5RWVd7NMXI/7nxxjJM2C4DqII=' 'sha256-0POaN8stWYQxhzjKS+/eOfbbJ/u4YHO5ZagJvLpMypo='; style-src 'self' fonts.googleapis.com *.ethicalads.io 'sha256-2YHqZokjiizkHi1Zt+6ar0XJ0OeEy/egBnlm+MDMtrM=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-JLEjeN9e5dGsz5475WyRaoA4eQOdNPxDIeUhclnJDCE=' 'sha256-mQyxHEuwZJqpxCw3SLmc4YOySNKXunyu2Oiz1r3/wAE=' 'sha256-OCf+kv5Asiwp++8PIevKBYSgnNLNUZvxAp4a7wMLuKA=' 'sha256-h5LOiLhk6wiJrGsG5ItM0KimwzWQH/yAcmoJDJL//bY='; worker-src *.fastly-insights.com
< content-type: application/json
content-type: application/json
< etag: "E4nWm4FNE2yZo7IIuiW4Ng"
etag: "E4nWm4FNE2yZo7IIuiW4Ng"
< referrer-policy: origin-when-cross-origin
referrer-policy: origin-when-cross-origin
< server: nginx/1.13.9
server: nginx/1.13.9
< x-pypi-last-serial: 14644688
x-pypi-last-serial: 14644688
< accept-ranges: bytes
accept-ranges: bytes
< date: Thu, 29 Sep 2022 03:07:07 GMT
date: Thu, 29 Sep 2022 03:07:07 GMT
< x-served-by: cache-iad-kcgs7200098-IAD, cache-per12621-PER
x-served-by: cache-iad-kcgs7200098-IAD, cache-per12621-PER
< x-cache: HIT, HIT
x-cache: HIT, HIT
< x-cache-hits: 6225, 1
x-cache-hits: 6225, 1
< x-timer: S1664420827.375388,VS0,VE1
x-timer: S1664420827.375388,VS0,VE1
< vary: Accept-Encoding, Accept-Encoding
vary: Accept-Encoding, Accept-Encoding
< strict-transport-security: max-age=31536000; includeSubDomains; preload
strict-transport-security: max-age=31536000; includeSubDomains; preload
< x-frame-options: deny
x-frame-options: deny
< x-xss-protection: 1; mode=block
x-xss-protection: 1; mode=block
< x-content-type-options: nosniff
x-content-type-options: nosniff
< x-permitted-cross-domain-policies: none
x-permitted-cross-domain-policies: none
< content-length: 146199
content-length: 146199

< 
* Connection #0 to host pypi.org left intact

$ curl -vvv -I --ipv4 https://files.pythonhosted.org/packages/ae/e8/2340d46ecadb1692a1e455f13f75e596d4eab3d11a57446f08259dee8f02/pip-10.0.1.tar.gz
*   Trying 151.101.41.63:443...
* Connected to files.pythonhosted.org (151.101.41.63) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=*.pythonhosted.org
*  start date: Sep 27 20:45:08 2022 GMT
*  expire date: Oct 29 20:45:07 2023 GMT
*  subjectAltName: host "files.pythonhosted.org" matched cert's "*.pythonhosted.org"
*  issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Atlas R3 DV TLS CA 2022 Q3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x15200ec00)
> HEAD /packages/ae/e8/2340d46ecadb1692a1e455f13f75e596d4eab3d11a57446f08259dee8f02/pip-10.0.1.tar.gz HTTP/2
> Host: files.pythonhosted.org
> user-agent: curl/7.79.1
> accept: */*
> 
< HTTP/2 200 
HTTP/2 200 
< last-modified: Wed, 26 Feb 2020 17:47:37 GMT
last-modified: Wed, 26 Feb 2020 17:47:37 GMT
< etag: "83a177756e2c801d0b3a6f7b0d4f3f7e"
etag: "83a177756e2c801d0b3a6f7b0d4f3f7e"
< x-goog-generation: 1582739257438329
x-goog-generation: 1582739257438329
< x-goog-metageneration: 1
x-goog-metageneration: 1
< x-goog-stored-content-encoding: identity
x-goog-stored-content-encoding: identity
< x-goog-stored-content-length: 1246072
x-goog-stored-content-length: 1246072
< content-type: binary/octet-stream
content-type: binary/octet-stream
< x-goog-hash: crc32c=Om2N1A==
x-goog-hash: crc32c=Om2N1A==
< x-goog-hash: md5=g6F3dW4sgB0LOm97DU8/fg==
x-goog-hash: md5=g6F3dW4sgB0LOm97DU8/fg==
< server: UploadServer
server: UploadServer
< cache-control: max-age=365000000, immutable, public
cache-control: max-age=365000000, immutable, public
< accept-ranges: bytes
accept-ranges: bytes
< date: Thu, 29 Sep 2022 03:08:07 GMT
date: Thu, 29 Sep 2022 03:08:07 GMT
< age: 1955590
age: 1955590
< x-served-by: cache-bfi-krnt7300071-BFI, cache-sjc10044-SJC
x-served-by: cache-bfi-krnt7300071-BFI, cache-sjc10044-SJC
< x-cache: HIT, HIT
x-cache: HIT, HIT
< x-cache-hits: 2, 1
x-cache-hits: 2, 1
< x-timer: S1664420887.318162,VS0,VE7
x-timer: S1664420887.318162,VS0,VE7
< strict-transport-security: max-age=31536000; includeSubDomains; preload
strict-transport-security: max-age=31536000; includeSubDomains; preload
< x-frame-options: deny
x-frame-options: deny
< x-xss-protection: 1; mode=block
x-xss-protection: 1; mode=block
< x-content-type-options: nosniff
x-content-type-options: nosniff
< x-permitted-cross-domain-policies: none
x-permitted-cross-domain-policies: none
< x-robots-header: noindex
x-robots-header: noindex
< content-length: 1246072
content-length: 1246072

< 
* Connection #0 to host files.pythonhosted.org left intact

$ curl -vvv -I --ipv4 https://test.pypi.org/pypi/pip/json

*   Trying 151.101.41.63:443...
* Connected to test.pypi.org (151.101.41.63) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=pypi.org
*  start date: Jul 26 19:45:14 2022 GMT
*  expire date: Aug 27 19:45:13 2023 GMT
*  subjectAltName: host "test.pypi.org" matched cert's "*.pypi.org"
*  issuer: C=BE; O=GlobalSign nv-sa; CN=GlobalSign Atlas R3 DV TLS CA 2022 Q3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x120811400)
> HEAD /pypi/pip/json HTTP/2
> Host: test.pypi.org
> user-agent: curl/7.79.1
> accept: */*
> 
< HTTP/2 200 
HTTP/2 200 
< access-control-allow-headers: Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since
access-control-allow-headers: Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since
< access-control-allow-methods: GET
access-control-allow-methods: GET
< access-control-allow-origin: *
access-control-allow-origin: *
< access-control-expose-headers: X-PyPI-Last-Serial
access-control-expose-headers: X-PyPI-Last-Serial
< access-control-max-age: 86400
access-control-max-age: 86400
< cache-control: max-age=900, public
cache-control: max-age=900, public
< content-security-policy: base-uri 'self'; block-all-mixed-content; connect-src 'self' https://api.github.com/repos/ fastly-insights.com *.fastly-insights.com *.ethicalads.io https://api.pwnedpasswords.com https://cdn.jsdelivr.net/npm/mathjax@3.2.2/es5/sre/mathmaps/; default-src 'none'; font-src 'self' fonts.gstatic.com; form-action 'self' https://checkout.stripe.com; frame-ancestors 'none'; frame-src 'none'; img-src 'self' https://warehouse-test-camo.ingress.cmh1.psfhosted.org/ www.google-analytics.com *.fastly-insights.com *.ethicalads.io; script-src 'self' www.googletagmanager.com www.google-analytics.com *.fastly-insights.com *.ethicalads.io 'sha256-U3hKDidudIaxBDEzwGJApJgPEf2mWk6cfMWghrAa6i0=' https://cdn.jsdelivr.net/npm/mathjax@3.2.2/ 'sha256-1CldwzdEg2k1wTmf7s5RWVd7NMXI/7nxxjJM2C4DqII=' 'sha256-0POaN8stWYQxhzjKS+/eOfbbJ/u4YHO5ZagJvLpMypo='; style-src 'self' fonts.googleapis.com *.ethicalads.io 'sha256-2YHqZokjiizkHi1Zt+6ar0XJ0OeEy/egBnlm+MDMtrM=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-JLEjeN9e5dGsz5475WyRaoA4eQOdNPxDIeUhclnJDCE=' 'sha256-mQyxHEuwZJqpxCw3SLmc4YOySNKXunyu2Oiz1r3/wAE=' 'sha256-OCf+kv5Asiwp++8PIevKBYSgnNLNUZvxAp4a7wMLuKA=' 'sha256-h5LOiLhk6wiJrGsG5ItM0KimwzWQH/yAcmoJDJL//bY='; worker-src *.fastly-insights.com
content-security-policy: base-uri 'self'; block-all-mixed-content; connect-src 'self' https://api.github.com/repos/ fastly-insights.com *.fastly-insights.com *.ethicalads.io https://api.pwnedpasswords.com https://cdn.jsdelivr.net/npm/mathjax@3.2.2/es5/sre/mathmaps/; default-src 'none'; font-src 'self' fonts.gstatic.com; form-action 'self' https://checkout.stripe.com; frame-ancestors 'none'; frame-src 'none'; img-src 'self' https://warehouse-test-camo.ingress.cmh1.psfhosted.org/ www.google-analytics.com *.fastly-insights.com *.ethicalads.io; script-src 'self' www.googletagmanager.com www.google-analytics.com *.fastly-insights.com *.ethicalads.io 'sha256-U3hKDidudIaxBDEzwGJApJgPEf2mWk6cfMWghrAa6i0=' https://cdn.jsdelivr.net/npm/mathjax@3.2.2/ 'sha256-1CldwzdEg2k1wTmf7s5RWVd7NMXI/7nxxjJM2C4DqII=' 'sha256-0POaN8stWYQxhzjKS+/eOfbbJ/u4YHO5ZagJvLpMypo='; style-src 'self' fonts.googleapis.com *.ethicalads.io 'sha256-2YHqZokjiizkHi1Zt+6ar0XJ0OeEy/egBnlm+MDMtrM=' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=' 'sha256-JLEjeN9e5dGsz5475WyRaoA4eQOdNPxDIeUhclnJDCE=' 'sha256-mQyxHEuwZJqpxCw3SLmc4YOySNKXunyu2Oiz1r3/wAE=' 'sha256-OCf+kv5Asiwp++8PIevKBYSgnNLNUZvxAp4a7wMLuKA=' 'sha256-h5LOiLhk6wiJrGsG5ItM0KimwzWQH/yAcmoJDJL//bY='; worker-src *.fastly-insights.com
< content-type: application/json
content-type: application/json
< etag: "WaaMYkQMMG2lpLF1jqj2OQ"
etag: "WaaMYkQMMG2lpLF1jqj2OQ"
< referrer-policy: origin-when-cross-origin
referrer-policy: origin-when-cross-origin
< server: nginx/1.13.9
server: nginx/1.13.9
< x-pypi-last-serial: 540778
x-pypi-last-serial: 540778
< accept-ranges: bytes
accept-ranges: bytes
< date: Thu, 29 Sep 2022 03:07:44 GMT
date: Thu, 29 Sep 2022 03:07:44 GMT
< x-served-by: cache-iad-kiad7000107-IAD, cache-sjc10035-SJC
x-served-by: cache-iad-kiad7000107-IAD, cache-sjc10035-SJC
< x-cache: MISS, MISS
x-cache: MISS, MISS
< x-cache-hits: 0, 0
x-cache-hits: 0, 0
< x-timer: S1664420864.740504,VS0,VE962
x-timer: S1664420864.740504,VS0,VE962
< vary: Accept-Encoding, Accept-Encoding
vary: Accept-Encoding, Accept-Encoding
< strict-transport-security: max-age=31536000; includeSubDomains; preload
strict-transport-security: max-age=31536000; includeSubDomains; preload
< x-frame-options: deny
x-frame-options: deny
< x-xss-protection: 1; mode=block
x-xss-protection: 1; mode=block
< x-content-type-options: nosniff
x-content-type-options: nosniff
< x-permitted-cross-domain-policies: none
x-permitted-cross-domain-policies: none
< content-length: 12242
content-length: 12242

< 
* Connection #0 to host test.pypi.org left intact

HTTPS Requests / IPv6 (If available)

$ curl -vvv -I --ipv6 https://pypi.org/pypi/pip/json
*   Trying 2a04:4e42:600::223:443...
* connect to 2a04:4e42:600::223 port 443 failed: Network is unreachable
*   Trying 2a04:4e42::223:443...
* connect to 2a04:4e42::223 port 443 failed: Network is unreachable
*   Trying 2a04:4e42:400::223:443...
* connect to 2a04:4e42:400::223 port 443 failed: Network is unreachable
*   Trying 2a04:4e42:200::223:443...
* connect to 2a04:4e42:200::223 port 443 failed: Network is unreachable
* Failed to connect to pypi.org port 443 after 16038 ms: Network is unreachable
* Closing connection 0
curl: (7) Failed to connect to pypi.org port 443 after 16038 ms: Network is unreachable

$ curl -vvv -I --ipv6 https://files.pythonhosted.org/packages/ae/e8/2340d46ecadb1692a1e455f13f75e596d4eab3d11a57446f08259dee8f02/pip-10.0.1.tar.gz
*   Trying 2a04:4e42:a::319:443...
* connect to 2a04:4e42:a::319 port 443 failed: Network is unreachable
* Failed to connect to files.pythonhosted.org port 443 after 4719 ms: Network is unreachable
* Closing connection 0
curl: (7) Failed to connect to files.pythonhosted.org port 443 after 4719 ms: Network is unreachable

$ curl -vvv -I --ipv6 https://test.pypi.org/pypi/pip/json
*   Trying 2a04:4e42:a::319:443...
* connect to 2a04:4e42:a::319 port 443 failed: Network is unreachable
* Failed to connect to test.pypi.org port 443 after 4017 ms: Network is unreachable
* Closing connection 0
curl: (7) Failed to connect to test.pypi.org port 443 after 4017 ms: Network is unreachable

TLS Debug / IPv4

$ echo -n | openssl s_client -4 -connect pypi.org:443
CONNECTED(00000005)
depth=2 OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Atlas R3 DV TLS CA 2022 Q3
verify return:1
depth=0 CN = www.python.org
verify return:1
---
Certificate chain
 0 s:/CN=www.python.org
   i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Atlas R3 DV TLS CA 2022 Q3
 1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Atlas R3 DV TLS CA 2022 Q3
   i:/OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGpTCCBY2gAwIBAgIQAeB+dl8h8zCJbXb/T4ayCTANBgkqhkiG9w0BAQsFADBY
MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEuMCwGA1UE
AxMlR2xvYmFsU2lnbiBBdGxhcyBSMyBEViBUTFMgQ0EgMjAyMiBRMzAeFw0yMjA3
MjYxODQ1MTBaFw0yMzA4MjcxODQ1MDlaMBkxFzAVBgNVBAMMDnd3dy5weXRob24u
b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8o44EkMKZTdtsEtj
Js1caeZEn3YE0fNgO0H7PxbBoNsWFYtupoRz1FRdnQLThGOVg53Qo/nhBRQAxvsX
4aOxk15NPIC8Irz+XYahv4cL9lTa+oQkQINgyG7G4ohXKZDRpTnRZMOCh+VyYANq
0Ou5G855tZv1Q2iFtvxXzr2VGLZTSbqZCemaO0zBaVxSTOLrMbRDUmRh3nnCQIq6
1Agg+6oetT7OBmGQNyG998iA7/R4DcNrFFw1zM64c24v6xM+3Lq3yx6x6OCbFuxB
6waJuBUheP8OUIlaPl6IYzKWPHZ8p5iKIfTYo4iGKAwdJF241sivWVXngxezS3M+
kGSUdQIDAQABo4IDqDCCA6QwXwYDVR0RBFgwVoIOd3d3LnB5dGhvbi5vcmeCDCou
cHl0aG9uLm9yZ4IPZG9jcy5weXRob24ub3JnghRkb3dubG9hZHMucHl0aG9uLm9y
Z4IPcHlwaS5weXRob24ub3JnMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFEfow+xITtwxOc96M4M5FTpT5iC1
MFcGA1UdIARQME4wCAYGZ4EMAQIBMEIGCisGAQQBoDIKAQMwNDAyBggrBgEFBQcC
ARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDAYDVR0T
AQH/BAIwADCBngYIKwYBBQUHAQEEgZEwgY4wQAYIKwYBBQUHMAGGNGh0dHA6Ly9v
Y3NwLmdsb2JhbHNpZ24uY29tL2NhL2dzYXRsYXNyM2R2dGxzY2EyMDIycTMwSgYI
KwYBBQUHMAKGPmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dz
YXRsYXNyM2R2dGxzY2EyMDIycTMuY3J0MB8GA1UdIwQYMBaAFPqROWOa+60QJOW+
tbnaq9nERmmrMEgGA1UdHwRBMD8wPaA7oDmGN2h0dHA6Ly9jcmwuZ2xvYmFsc2ln
bi5jb20vY2EvZ3NhdGxhc3IzZHZ0bHNjYTIwMjJxMy5jcmwwggF+BgorBgEEAdZ5
AgQCBIIBbgSCAWoBaAB2AK33vvp8/xDIi509nB4+GGq0Zyldz7EMJMqFhjTr3IKK
AAABgjvTxVoAAAQDAEcwRQIhANm5HDXI2mlGd9kIqCCXTjGj002t+2CG7sQYK+HS
g5UcAiAJfl0H09N/2UMyCf3d9/uEFiD8AJ/TBqY4m2T2aVkzswB2ALNzdwfhhFD4
Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABgjvTxdsAAAQDAEcwRQIgRRtMcCkj
S/QLTFLSL2VTJyQCmax8LNyyW+NnB2FL60sCIQDREJ4mzZVnj2jBaj57pSPYvfAd
1kn4/tXwcoHvACnh9AB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1u
AAABgjvTxYkAAAQDAEcwRQIhAJOvXfRoEb8hGOWp1aQw5Wa5i6uT8jeM1aQ99SyH
Bqe8AiAlb/2RPzm7PcYijQaOrVWv3KNzwV55hQoORXpHhAx9tTANBgkqhkiG9w0B
AQsFAAOCAQEAaARRA6buT3OthmPwjxaPxxXE1DhlMypJ3YeQWH8WykVlRCdrxrV6
IoRUuyhZuOwBI0vIbTy/d0/Ybi3ylzFMViJqM37CUAaXkxRVm0rVTQPs5eQ+/Skf
u4Pbl7X9EmVdcbyH17uVLdHBITuNQYyLU2IUU8YuINn7MHcvz7p6sRcnRO6YGyXr
JoHI5cGIc7Zmg64ZZE7ImZ+vWSPxjTRuTDAkfV2i+rMTKh8xydPC4zlns5uRxI1S
alNjy/XsgiHnIz2TYw2iJMUknifwvCWPTBdl5VYwHVp4+dbY0tuMm5ah5JSdXMeb
zLSBNtAp/sdJfAKAGtjsxXSqGzYOq7cV4A==
-----END CERTIFICATE-----
subject=/CN=www.python.org
issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Atlas R3 DV TLS CA 2022 Q3
---
No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 3492 bytes and written 281 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-CHACHA20-POLY1305
    Session-ID: 9A8C861C492CE9850492B3EBE381EC93EE1C5F20B581C3B1E4285694742D8C57
    Session-ID-ctx: 
    Master-Key: 550A776E5F2BC19D02CB0E0BB98D112D939FE2DB40395E62307A2D9C76A845ECC08CB215564BA941EF4A7B1A68ED3810
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - f6 83 f2 27 9e d2 86 63-2e 2d b2 73 19 12 2b 22   ...'...c.-.s..+"
    0010 - c8 d2 2a 84 fa 82 a4 4f-7c 9e 95 7f 62 00 9d 95   ..*....O|...b...
    0020 - b9 2f a1 f2 37 ce 4a 38-5b 2b eb 7e 20 db 26 9f   ./..7.J8[+.~ .&.
    0030 - 31 41 a2 1f 1b 3e d0 87-03 f1 92 7e 75 22 ca 57   1A...>.....~u".W
    0040 - 28 f1 bc 1c 26 1f 03 7f-77 b2 ca 41 f3 b6 07 8a   (...&...w..A....
    0050 - e6 0c ba eb 60 9d d6 a8-25 84 da 65 52 df fd 66   ....`...%..eR..f
    0060 - d8 af 05 c9 4d be 9e 16-14 93 bb 03 c3 ba 48 f2   ....M.........H.
    0070 - ac 7a 1c 21 5f 3e 8c a4-b6 b0 b2 a8 d8 58 75 42   .z.!_>.......XuB
    0080 - a6 bd 81 e8 61 64 31 09-dc 22 45 e0 dc b7 a1 3e   ....ad1.."E....>
    0090 - fe 69 cc 3d 7d 83 29 19-36 e0 ab 81 73 8f 13 e6   .i.=}.).6...s...

    Start Time: 1664420923
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
DONE

$ echo -n | openssl s_client -4 -connect files.pythonhosted.org:443

CONNECTED(00000003)
depth=2 OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Atlas R3 DV TLS CA 2022 Q2
verify return:1
depth=0 CN = r.shared-319-default.ssl.fastly.net
verify return:1
---
Certificate chain
 0 s:/CN=r.shared-319-default.ssl.fastly.net
   i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Atlas R3 DV TLS CA 2022 Q2
 1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Atlas R3 DV TLS CA 2022 Q2
   i:/OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGijCCBXKgAwIBAgIQAVFGZFhFIUeW0/ZCviniYTANBgkqhkiG9w0BAQsFADBY
MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEuMCwGA1UE
AxMlR2xvYmFsU2lnbiBBdGxhcyBSMyBEViBUTFMgQ0EgMjAyMiBRMjAeFw0yMjA3
MDcwNDUxNTlaFw0yMzA4MDgwNDUxNThaMC4xLDAqBgNVBAMMI3Iuc2hhcmVkLTMx
OS1kZWZhdWx0LnNzbC5mYXN0bHkubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAynuskYYWEf0CTdt8j7jtYbz2zH+V5UBiDU+DQHZuDMpeQKiB0XNV
x/ik2Twwy+n5ynVsq9W1WqMdMAhz6OmuZi9McahotzKFVn5ex9v+GF2d58/6x50t
6YnM7LhWJf7ME7A/00kVxxxckK3OJprQ8fb+B87IwV2Uz8ZBKs4WBQE2Td80SXCI
50WxEqx1y6dFnkUxS40XhFrPGPO3GGKARaCO8nYX5WaYnD7/YFZK3wrnU+OiSCeR
jsNCZn33QgQSAXABnkm1kp9egJBTVXTmI8ZDU7/mngRYLwLB3elVVnVJ4dlKIkmG
grQpfn02PaJPY2w/yzgn2b08q0P3m+QSOQIDAQABo4IDeDCCA3QwLgYDVR0RBCcw
JYIjci5zaGFyZWQtMzE5LWRlZmF1bHQuc3NsLmZhc3RseS5uZXQwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
Ycfcn3D4Rz40j90p4wdOGrTIPPAwVwYDVR0gBFAwTjAIBgZngQwBAgEwQgYKKwYB
BAGgMgoBAzA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNv
bS9yZXBvc2l0b3J5LzAMBgNVHRMBAf8EAjAAMIGeBggrBgEFBQcBAQSBkTCBjjBA
BggrBgEFBQcwAYY0aHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vY2EvZ3NhdGxh
c3IzZHZ0bHNjYTIwMjJxMjBKBggrBgEFBQcwAoY+aHR0cDovL3NlY3VyZS5nbG9i
YWxzaWduLmNvbS9jYWNlcnQvZ3NhdGxhc3IzZHZ0bHNjYTIwMjJxMi5jcnQwHwYD
VR0jBBgwFoAUYqp0oVeg7eLE5EiYFOPT3K55USUwSAYDVR0fBEEwPzA9oDugOYY3
aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9jYS9nc2F0bGFzcjNkdnRsc2NhMjAy
MnEyLmNybDCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHUArfe++nz/EMiLnT2c
Hj4YarRnKV3PsQwkyoWGNOvcgooAAAGB1wAj0gAABAMARjBEAiBbBrQh9+wdM5hI
IsnehANptBJkZYkjJtvOs3DPg/nxPAIgWa0N8acY7/NFGCaYoKSWiL9/AuFVcyCP
eLDaBU0tkgIAdwCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYHX
ACRGAAAEAwBIMEYCIQDGIkE538POfSmDqrIzGOpMNoSdI86uwSAgPvK4J737VQIh
AImoLe/2rEFuLY/dcXozsn+2j8EljZA7yaopNBb5uAgZAHcAejKMVNi3LbYg6jjg
Uh7phBZwMhOFTTvSK8E6V6NS61IAAAGB1wAkQQAABAMASDBGAiEA59uGzs8M1vaf
g8cPMyhwD3jRDkSkpevtuyj0lTO40ngCIQCF+S3PrrUlQ2CfSTps7qZoOehff77A
/Q0VsS+JDsF93DANBgkqhkiG9w0BAQsFAAOCAQEAuegsKYrUSrsO7YFh6hcxHofP
/e2AKxxFTd44gsvRynGx6xSXGhWuosev815/6Z8lpqwL35W0VOtNkDt9+znLDS8j
CSAoKWstVTg3+8rv6MMZY8jNxJ3r7uMgFNKI3MZv8ZhO2f3dkkciNtW66QIqUfDu
/DFMo+GvdYt4DeB9XiMh2errR21kwMQIQVQT0wLh4AlU4744RjJFe/t76I0Q66yC
bvDei6SLrY3wbTrzinrLduvWdXKmQ9mw9VIiyux1cQB5vuU0WmvhSc/w0yzFfD3y
G8Sl8linOXtzPsReQZD+l4GYYqwshTumgsbu34Dv2HhWx3vOqqTsQSDUV0+nZA==
-----END CERTIFICATE-----
subject=/CN=r.shared-319-default.ssl.fastly.net
issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Atlas R3 DV TLS CA 2022 Q2
---
No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 3465 bytes and written 281 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-CHACHA20-POLY1305
    Session-ID: 5E557EE8AB089AAA30AE681BA6783EE30C8F8E846DEC52634E9D7F94411FCD26
    Session-ID-ctx: 
    Master-Key: 1EC69953254243B472E82DCA9ACF429BD0A5C6CBF43A4EABE8603DA3742A32CF0D7E5F07E90B2E4E86699106E6BFE3C5
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - f6 83 f2 27 9e d2 86 63-2e 2d b2 73 19 12 2b 22   ...'...c.-.s..+"
    0010 - d7 26 7c 90 89 c5 a9 2d-74 1c 1f e3 05 c0 37 74   .&|....-t.....7t
    0020 - a9 92 07 85 31 97 8a 16-34 34 cc eb 10 15 61 b1   ....1...44....a.
    0030 - 9a cf 31 df c4 60 ac 28-98 8b 4a b1 bd 5c f5 f8   ..1..`.(..J..\..
    0040 - e4 d0 34 ce 61 62 9c 0d-62 b9 cd 15 8b 71 69 bc   ..4.ab..b....qi.
    0050 - f9 55 11 9a 6f b0 68 87-08 85 b0 14 88 fc 9e eb   .U..o.h.........
    0060 - 97 7b c1 66 4c 1f 61 e8-12 75 c1 c0 59 d0 c4 8e   .{.fL.a..u..Y...
    0070 - 43 bc df 27 98 1a 85 6e-60 8a 77 6f e6 cc f7 50   C..'...n`.wo...P
    0080 - 8b 0f d3 19 f9 99 c2 fa-3c 9e bf e5 78 06 84 ed   ........<...x...
    0090 - b7 5e 29 7b 0f b7 be bc-58 d3 18 cb 5e 44 20 24   .^){....X...^D $

    Start Time: 1664420981
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
DONE

$ echo -n | openssl s_client -4 -connect test.pypi.org:443

CONNECTED(00000003)
depth=2 OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Atlas R3 DV TLS CA 2022 Q2
verify return:1
depth=0 CN = r.shared-319-default.ssl.fastly.net
verify return:1
---
Certificate chain
 0 s:/CN=r.shared-319-default.ssl.fastly.net
   i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Atlas R3 DV TLS CA 2022 Q2
 1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Atlas R3 DV TLS CA 2022 Q2
   i:/OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIGijCCBXKgAwIBAgIQAVFGZFhFIUeW0/ZCviniYTANBgkqhkiG9w0BAQsFADBY
MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEuMCwGA1UE
AxMlR2xvYmFsU2lnbiBBdGxhcyBSMyBEViBUTFMgQ0EgMjAyMiBRMjAeFw0yMjA3
MDcwNDUxNTlaFw0yMzA4MDgwNDUxNThaMC4xLDAqBgNVBAMMI3Iuc2hhcmVkLTMx
OS1kZWZhdWx0LnNzbC5mYXN0bHkubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAynuskYYWEf0CTdt8j7jtYbz2zH+V5UBiDU+DQHZuDMpeQKiB0XNV
x/ik2Twwy+n5ynVsq9W1WqMdMAhz6OmuZi9McahotzKFVn5ex9v+GF2d58/6x50t
6YnM7LhWJf7ME7A/00kVxxxckK3OJprQ8fb+B87IwV2Uz8ZBKs4WBQE2Td80SXCI
50WxEqx1y6dFnkUxS40XhFrPGPO3GGKARaCO8nYX5WaYnD7/YFZK3wrnU+OiSCeR
jsNCZn33QgQSAXABnkm1kp9egJBTVXTmI8ZDU7/mngRYLwLB3elVVnVJ4dlKIkmG
grQpfn02PaJPY2w/yzgn2b08q0P3m+QSOQIDAQABo4IDeDCCA3QwLgYDVR0RBCcw
JYIjci5zaGFyZWQtMzE5LWRlZmF1bHQuc3NsLmZhc3RseS5uZXQwDgYDVR0PAQH/
BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
Ycfcn3D4Rz40j90p4wdOGrTIPPAwVwYDVR0gBFAwTjAIBgZngQwBAgEwQgYKKwYB
BAGgMgoBAzA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNv
bS9yZXBvc2l0b3J5LzAMBgNVHRMBAf8EAjAAMIGeBggrBgEFBQcBAQSBkTCBjjBA
BggrBgEFBQcwAYY0aHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vY2EvZ3NhdGxh
c3IzZHZ0bHNjYTIwMjJxMjBKBggrBgEFBQcwAoY+aHR0cDovL3NlY3VyZS5nbG9i
YWxzaWduLmNvbS9jYWNlcnQvZ3NhdGxhc3IzZHZ0bHNjYTIwMjJxMi5jcnQwHwYD
VR0jBBgwFoAUYqp0oVeg7eLE5EiYFOPT3K55USUwSAYDVR0fBEEwPzA9oDugOYY3
aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9jYS9nc2F0bGFzcjNkdnRsc2NhMjAy
MnEyLmNybDCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHUArfe++nz/EMiLnT2c
Hj4YarRnKV3PsQwkyoWGNOvcgooAAAGB1wAj0gAABAMARjBEAiBbBrQh9+wdM5hI
IsnehANptBJkZYkjJtvOs3DPg/nxPAIgWa0N8acY7/NFGCaYoKSWiL9/AuFVcyCP
eLDaBU0tkgIAdwCzc3cH4YRQ+GOG1gWp3BEJSnktsWcMC4fc8AMOeTalmgAAAYHX
ACRGAAAEAwBIMEYCIQDGIkE538POfSmDqrIzGOpMNoSdI86uwSAgPvK4J737VQIh
AImoLe/2rEFuLY/dcXozsn+2j8EljZA7yaopNBb5uAgZAHcAejKMVNi3LbYg6jjg
Uh7phBZwMhOFTTvSK8E6V6NS61IAAAGB1wAkQQAABAMASDBGAiEA59uGzs8M1vaf
g8cPMyhwD3jRDkSkpevtuyj0lTO40ngCIQCF+S3PrrUlQ2CfSTps7qZoOehff77A
/Q0VsS+JDsF93DANBgkqhkiG9w0BAQsFAAOCAQEAuegsKYrUSrsO7YFh6hcxHofP
/e2AKxxFTd44gsvRynGx6xSXGhWuosev815/6Z8lpqwL35W0VOtNkDt9+znLDS8j
CSAoKWstVTg3+8rv6MMZY8jNxJ3r7uMgFNKI3MZv8ZhO2f3dkkciNtW66QIqUfDu
/DFMo+GvdYt4DeB9XiMh2errR21kwMQIQVQT0wLh4AlU4744RjJFe/t76I0Q66yC
bvDei6SLrY3wbTrzinrLduvWdXKmQ9mw9VIiyux1cQB5vuU0WmvhSc/w0yzFfD3y
G8Sl8linOXtzPsReQZD+l4GYYqwshTumgsbu34Dv2HhWx3vOqqTsQSDUV0+nZA==
-----END CERTIFICATE-----
subject=/CN=r.shared-319-default.ssl.fastly.net
issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Atlas R3 DV TLS CA 2022 Q2
---
No client certificate CA names sent
Server Temp Key: ECDH, X25519, 253 bits
---
SSL handshake has read 3465 bytes and written 281 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-CHACHA20-POLY1305
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-CHACHA20-POLY1305
    Session-ID: 57BF64A8D0BBD9942F212C3A050F95570D477D3516D9496EAD407336AE0A3820
    Session-ID-ctx: 
    Master-Key: C84152FAEB66052A2D88EE3694247CF040CDD340CF9D7CF4B609D6F6C71B98825E36A487D9961C962B23C1BA77843118
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:
    0000 - f6 83 f2 27 9e d2 86 63-2e 2d b2 73 19 12 2b 22   ...'...c.-.s..+"
    0010 - 74 37 7a 0a 8b 9d 06 ce-eb c8 0c 99 b3 50 fc 97   t7z..........P..
    0020 - bd e5 e3 9d a2 3f 23 4b-c3 13 18 eb 2b fe d1 00   .....?#K....+...
    0030 - 45 08 ae f8 e9 e8 1b 5c-70 b8 03 15 9d 34 20 49   E......\p....4 I
    0040 - 8f 2a 82 4b b2 11 b7 0a-ec cc e9 84 43 82 07 1b   .*.K........C...
    0050 - b2 27 79 61 d0 40 82 04-d6 82 7b 82 f1 0c 8e 38   .'ya.@....{....8
    0060 - 8d 4d 04 07 4e c5 42 9d-0e e0 31 65 07 b4 68 46   .M..N.B...1e..hF
    0070 - 39 5d 5d cd 13 21 55 51-06 bf d5 2c 0c f6 13 d9   9]]..!UQ...,....
    0080 - 76 75 42 1a 56 48 88 33-83 21 05 13 39 5d 4f 4b   vuB.VH.3.!..9]OK
    0090 - 8b c5 78 32 97 04 22 0f-1e 8c 6b 16 0d ee 3e 7b   ..x2.."...k...>{

    Start Time: 1664420941
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---
DONE

TLS Debug / IPv6 (If available)

$ echo -n | openssl s_client -6 -connect pypi.org:443

connect: Network is unreachable
connect:errno=51

$ echo -n | openssl s_client -6 -connect files.pythonhosted.org:443
connect: Network is unreachable
connect:errno=51

$ echo -n | openssl s_client -6 -connect test.pypi.org:443

connect: Network is unreachable
connect:errno=51

Code of Conduct

• [X] I agree to follow the PSF Code of Conduct

[freakboy3742]

Update: I have now published rc3 and rc4, and neither are showing up as the "current" release (or showing up at all on the list of releases at https://test.pypi.org/project/briefcase/#history)

After a Fastly cache flush (requested over private channels), rc2 is now showing as the current release on https://test.pypi.org/project/briefcase/ - however, pip install is still showing rc1 as the most recent release, and rc2, rc3 and rc4 are not available for download.

[freakboy3742]

Update: Another Fastly cache flush requested over private channels; RC2-4 are now showing. RC5-7 are not.

[pradyunsg]

Not sure what's happening or why, but I believe you can force a cache purge for pip-visible pages by doing a curl -X PURGE https/test.pypi.org/simple/<packagename>.

[freakboy3742]

@pradyunsg That command doesn't seem to work (at least, not as written); some sort of credential handshake is evidently required:

(testvenv) rkm@eunectes briefcase % curl -X PURGE https://test.pypi.org/simple/briefcase/
{"msg":"Provided credentials are missing or invalid"}% 

(testvenv) rkm@eunectes briefcase % curl -u __token__:<TOKEN VALUE REDACTED> -X PURGE https://test.pypi.org/simple/briefcase/
{"msg":"Provided credentials are missing or invalid"}%                                                                                                                                                

(testvenv) rkm@eunectes briefcase % curl https://test.pypi.org/simple/briefcase/ 
<!DOCTYPE html>
<html>
  <head>
    <meta name="pypi:repository-version" content="1.0">
    <title>Links for briefcase</title>
  </head>
...

[ewdurbin]

This is likely https://github.com/pypi/warehouse/issues/12214. When you say you're requesting cache purges over private channel... what is that?

[freakboy3742]

Pinging @coderanger on Signal :-)

[ewdurbin]

Closing this. specifically because it is clear that test.pypi.org was extra broke given https://github.com/pypi/warehouse/issues/12214#issuecomment-1262963213 :)

Will track issues with further purges in pip/warehouse#12214