INFO: Using mounted CA bundle: /tekton-custom-certs/ca-bundle.crt
'/tekton-custom-certs/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt'
Initializing TUF root...
WARNING: Fetching initial root from URL without providing its checksum is deprecated and will be disallowed in a future Cosign release. Please provide the initial root checksum via the --root-checksum argument.
Root status: 
 {
	"local": "/root/.sigstore/root",
	"remote": "https://tuf-tssc-tas.apps.rosa.kx-c3b8fcc52f.5e3o.p3.openshiftapps.com",
	"metadata": {
		"root.json": {
			"version": 1,
			"len": 4128,
			"expiration": "23 Jan 27 06:12 UTC",
			"error": ""
		},
		"snapshot.json": {
			"version": 1,
			"len": 994,
			"expiration": "23 Jan 27 06:12 UTC",
			"error": ""
		},
		"targets.json": {
			"version": 1,
			"len": 2071,
			"expiration": "23 Jan 27 06:12 UTC",
			"error": ""
		},
		"timestamp.json": {
			"version": 1,
			"len": 995,
			"expiration": "23 Jan 27 06:12 UTC",
			"error": ""
		}
	},
	"targets": [
		"fulcio_v1.crt.pem",
		"trusted_root.json",
		"ctfe.pub",
		"rekor.pub"
	]
}
Getting attestation for quay.io/rhtap_qe/backend-tests-go-cnvuhcrf:940ddaf1fa8fec99ce014fef34ee68d0dc6d0742@sha256:70c4402da7e8f5aff6d0979793b083f6313447030fdcb81b9419932f6df0d368

Verification for quay.io/rhtap_qe/backend-tests-go-cnvuhcrf:940ddaf1fa8fec99ce014fef34ee68d0dc6d0742@sha256:70c4402da7e8f5aff6d0979793b083f6313447030fdcb81b9419932f6df0d368 --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - Existence of the claims in the transparency log was verified offline
  - The signatures were verified against the specified public key