All images on DockerHub can be verified with Cosign using public key:
-----BEGIN PUBLIC KEY-----MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEhpzUfEhfMGugFnVMJcvYjOr7Pma8f7NPIx+sT153JQv9Pvb9sSc5eanAHLgtgt6ZJa0e6xSe2bztUyZzymAwoQ==-----END PUBLIC KEY-----