@imjasonh
Last active January 12, 2022 21:07
```
# find a signed image
$ img=ghcr.io/shipwright-io/build/shipwright-build-controller@sha256:887b76092d0e6f3c4f4c7b781589f41fde1c967ae9ae62f3a6bdbb18251a562f

# find its signature object
$ sigimg=$(cosign triangulate $img)

# see that object's manifest -- it's an image with one layer of type `application/vnd.dev.cosign.simplesigning.v1+json`
$ crane manifest $sigimg | jq
...
  "layers": [
    {
      "mediaType": "application/vnd.dev.cosign.simplesigning.v1+json",
      "size": 357,
      "digest": "sha256:fc89e283d6849012b565ee43f1e785b5680d54b6d84c5c097232eb613953e4d5",
      "annotations": {
...

# get that layer blob
$ crane blob ghcr.io/shipwright-io/build/shipwright-build-controller@sha256:fc89e283d6849012b565ee43f1e785b5680d54b6d84c5c097232eb613953e4d5 | jq
{
  "critical": {
    "identity": {
      "docker-reference": "ghcr.io/shipwright-io/build/shipwright-build-controller"
    },
    "image": {
      "docker-manifest-digest": "sha256:887b76092d0e6f3c4f4c7b781589f41fde1c967ae9ae62f3a6bdbb18251a562f"
    },
    "type": "cosign container image signature"
  },
  "optional": {
    "run_attempt": "1",
    "run_id": "1564662771",
    "sha": "973ef833e68edb807658df3d1a20a55d75ffebf2"
  }
}
```
That contains the original signed ref (`ghcr.io/shipwright-io/...`), even if you move it to another registry and verify it from there.
---
You can copy the image to another registry and verify it there; the original ref recorded in the signature payload is ignored.
```
# copy the image and its signatures, etc.
$ cosign copy $img gcr.io/imjasonh/shipwright-build-controller

# verify it in its new location
$ COSIGN_EXPERIMENTAL=1 cosign verify gcr.io/imjasonh/shipwright-build-controller
# passes!
```
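
The relationship between the payload's `docker-reference` and the location being verified, as an added example (not code from this gist or from cosign): a hypothetical `check_payload` helper confirms the blob matches its layer digest and the image digest, and flags relocation only when `pin_identity` is set. The sample payload is constructed from the fields shown above; `repo_of`, `check_payload` and `pin_identity` are assumed names.

```python
import hashlib
import json

DIGEST = "sha256:887b76092d0e6f3c4f4c7b781589f41fde1c967ae9ae62f3a6bdbb18251a562f"
SIGNED_REPO = "ghcr.io/shipwright-io/build/shipwright-build-controller"
# Constructed sample: the critical fields shown above, re-serialized here, so the
# layer digest is computed locally instead of reusing the one on the page.
SAMPLE = json.dumps({"critical": {
    "identity": {"docker-reference": SIGNED_REPO},
    "image": {"docker-manifest-digest": DIGEST},
    "type": "cosign container image signature",
}}).encode()
SAMPLE_LAYER = "sha256:" + hashlib.sha256(SAMPLE).hexdigest()


def repo_of(ref):
    """Strip a trailing @digest or :tag from an image reference."""
    head, _, tail = ref.split("@", 1)[0].rpartition("/")
    tail = tail.split(":", 1)[0]
    return f"{head}/{tail}" if head else tail


def check_payload(blob, layer_digest, verified_ref, pin_identity=False):
    """Return a list of findings (empty = consistent) for a payload blob.

    Hypothetical helper: it does not check the cryptographic signature,
    which remains the job of `cosign verify`.
    """
    # The signature layer is content-addressed, so the blob must hash to it.
    if "sha256:" + hashlib.sha256(blob).hexdigest() != layer_digest:
        return ["payload does not match layer digest"]
    critical = json.loads(blob).get("critical", {})
    findings = []
    if critical.get("type") != "cosign container image signature":
        findings.append("unexpected payload type")
    # The digest is what binds the signature to the image content.
    signed_digest = critical.get("image", {}).get("docker-manifest-digest")
    if verified_ref.partition("@")[2] != signed_digest:
        findings.append("signed digest differs from verified image digest")
    # Optional policy: also require the repository the signer named.
    signed_repo = critical.get("identity", {}).get("docker-reference")
    if pin_identity and signed_repo != repo_of(verified_ref):
        findings.append(f"image relocated: signed as {signed_repo}")
    return findings
```

With `pin_identity=False` the copied image at `gcr.io/imjasonh/shipwright-build-controller` produces no findings, matching the behaviour described above; setting it to `True` reports the relocation.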