Run cosign verify <image-ref> --certificate-identity <expected-subject> --certificate-oidc-issuer <expected-issuer> to verify a keylessly-signed image, where expected-subject is the identity in the Fulcio certificate (for GitHub Actions, the workflow URL) and expected-issuer is the OIDC provider that issued the token (for GitHub Actions, https://token.actions.githubusercontent.com)
For key-based signatures run cosign verify --key cosign.pub <image-ref>
By default cosign checks Rekor for a valid transparency log entry; to explicitly skip the check pass --insecure-ignore-tlog=true (not recommended in production)
Use --certificate-identity-regexp and --certificate-oidc-issuer-regexp for regex matching when the exact identity string contains variable components such as git SHAs
Pipe the JSON output of cosign verify to jq to extract signer identity, issuer, and Rekor log index for audit logging; the JSON goes to stdout while the informational "Verification for ..." lines go to stderr, so only stdout should be fed to jq
Known gotchas
Since cosign 2.0, --certificate-identity and --certificate-oidc-issuer are required for keyless verification; omitting them causes cosign to reject the verification even if the signature is cryptographically valid
cosign verify contacts Rekor online by default; air-gapped environments should pass --offline, which verifies against the Rekor bundle that cosign attached to the signature at signing time (or --bundle when that bundle is supplied as a file) instead of querying the log
Pin the image reference to a digest (@sha256:...) rather than a mutable tag: signatures are attached to the digest, so verifying a tag only verifies whatever digest the tag resolves to at that moment, and a later pull by tag may resolve to a different, unverified image
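The verification procedure above, as an added example that is not part of the original page or of cosign itself: a small Python wrapper that refuses mutable tags, assembles the keyless cosign verify command with identity and issuer constraints, and turns cosign's JSON output into audit-log records (subject, issuer, Rekor log index). The sample output is constructed in the shape cosign 2.x prints for a keyless signature; the repository, digest, workflow URL and log index values are made up. Only verify_image() actually runs cosign and needs it on PATH.

```python
"""Added example (not cosign's own code): pin to a digest, run keyless
cosign verify, and extract audit fields from its JSON output."""
import json
import re
import subprocess

# Only accept immutable references; a tag can move between signing and verification.
DIGEST_REF = re.compile(r"^(?P<repo>[^@\s]+)@(?P<digest>sha256:[0-9a-f]{64})$")


def build_verify_command(image_ref, identity, issuer, identity_is_regexp=False):
    """Assemble the cosign 2.x keyless verification command. Raises on a mutable ref."""
    if not DIGEST_REF.match(image_ref):
        raise ValueError(f"refusing mutable reference {image_ref!r}; pin to @sha256:<digest>")
    identity_flag = "--certificate-identity-regexp" if identity_is_regexp else "--certificate-identity"
    return ["cosign", "verify", image_ref, identity_flag, identity, "--certificate-oidc-issuer", issuer]


def audit_records(verify_stdout, image_ref):
    """Parse cosign verify's JSON (stdout only) into one audit record per signature.
    Cross-checks that the digest cosign verified is the digest that was pinned."""
    expected_digest = DIGEST_REF.match(image_ref).group("digest")
    records = []
    for claim in json.loads(verify_stdout):
        digest = claim["critical"]["image"]["docker-manifest-digest"]
        if digest != expected_digest:
            raise ValueError(f"verified digest {digest} != pinned digest {expected_digest}")
        optional = claim.get("optional") or {}
        payload = (optional.get("Bundle") or {}).get("Payload") or {}
        records.append({
            "image": image_ref,
            "subject": optional.get("Subject"),
            "issuer": optional.get("Issuer"),
            "log_index": payload.get("logIndex"),
            "integrated_time": payload.get("integratedTime"),
        })
    return records


def verify_image(image_ref, identity, issuer, identity_is_regexp=False):
    """Run cosign for real and return audit records (needs cosign on PATH and Rekor access)."""
    cmd = build_verify_command(image_ref, identity, issuer, identity_is_regexp)
    proc = subprocess.run(cmd, capture_output=True, text=True, check=True)
    return audit_records(proc.stdout, image_ref)


# Constructed sample (hypothetical repository, digest, workflow and log values)
# in the shape cosign 2.x prints for a keyless signature.
SAMPLE_REF = "ghcr.io/example/app@sha256:" + "ab" * 32
SAMPLE_OUTPUT = json.dumps([{
    "critical": {
        "identity": {"docker-reference": "ghcr.io/example/app"},
        "image": {"docker-manifest-digest": "sha256:" + "ab" * 32},
        "type": "cosign container image signature",
    },
    "optional": {
        "Bundle": {
            "SignedEntryTimestamp": "<base64 signed entry timestamp>",
            "Payload": {"body": "<base64 rekor entry>", "integratedTime": 1700000000,
                        "logIndex": 12345678, "logID": "<rekor log id>"},
        },
        "Issuer": "https://token.actions.githubusercontent.com",
        "Subject": "https://github.com/example/app/.github/workflows/release.yml@refs/tags/v1.2.3",
    },
}])

if __name__ == "__main__":
    print(" ".join(build_verify_command(SAMPLE_REF, "https://github.com/example/app/.*", "https://token.actions.githubusercontent.com", identity_is_regexp=True)))
    for rec in audit_records(SAMPLE_OUTPUT, SAMPLE_REF):
        print(json.dumps(rec))
```

The digest cross-check is deliberate: cosign already binds the signature to the manifest digest, but recording and comparing it in the wrapper means the audit log captures exactly what was verified and a misconfigured caller that passed the wrong reference fails loudly rather than silently.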