INFO: Using mounted CA bundle: /tekton-custom-certs/ca-bundle.crt
'/tekton-custom-certs/ca-bundle.crt' -> '/etc/pki/ca-trust/source/anchors/ca-bundle.crt'
Initializing TUF root...
WARNING: Fetching initial root from URL without providing its checksum is deprecated and will be disallowed in a future Cosign release. Please provide the initial root checksum via the --root-checksum argument.
Root status: 
 {
	"local": "/root/.sigstore/root",
	"remote": "https://tuf-tssc-tas.apps.rosa.kx-c9b089e990.jsgh.p3.openshiftapps.com",
	"metadata": {
		"root.json": {
			"version": 1,
			"len": 4128,
			"expiration": "25 Jan 27 10:08 UTC",
			"error": ""
		},
		"snapshot.json": {
			"version": 1,
			"len": 994,
			"expiration": "25 Jan 27 10:08 UTC",
			"error": ""
		},
		"targets.json": {
			"version": 1,
			"len": 2071,
			"expiration": "25 Jan 27 10:08 UTC",
			"error": ""
		},
		"timestamp.json": {
			"version": 1,
			"len": 995,
			"expiration": "25 Jan 27 10:08 UTC",
			"error": ""
		}
	},
	"targets": [
		"ctfe.pub",
		"rekor.pub",
		"fulcio_v1.crt.pem",
		"trusted_root.json"
	]
}
Getting attestation for quay.io/rhtap_qe/backend-tests-go-tvlfzjsw:4407505e02e2813604222f53e390ea9e14d7ff15@sha256:38d82b9b6afac92573503a522d514822fd6ab71f73f63ee5e91ad31a61ff151f

Verification for quay.io/rhtap_qe/backend-tests-go-tvlfzjsw:4407505e02e2813604222f53e390ea9e14d7ff15@sha256:38d82b9b6afac92573503a522d514822fd6ab71f73f63ee5e91ad31a61ff151f --
The following checks were performed on each of these signatures:
  - The cosign claims were validated
  - Existence of the claims in the transparency log was verified offline
  - The signatures were verified against the specified public key