diff --git a/downloadLatest.sh b/downloadLatest.sh
index 21a21cbf3..429ec6f13 100755
--- a/downloadLatest.sh
+++ b/downloadLatest.sh
@@ -88,11 +88,11 @@ download_cli() {
     curl -fsLO -H 'Cache-Control: no-cache, no-store' "$COSIGN_PUBLIC_KEY"
     echo "Downloading the signature file " "$SIG_URL"
     curl -fsLO -H 'Cache-Control: no-cache, no-store' "$SIG_URL"
-    sig_filename="apigeecli_${OSEXT}_${APIGEECLI_ARCH}.zip.sig"
+    sig_filename="apigeecli_${APIGEECLI_VERSION}_${OSEXT}_${APIGEECLI_ARCH}.zip.sig"
     echo "Verifying the signature"
-    cosign verify-blob --key cosign.pub --signature "$sig_filename" "$filename"
-    rm "$sig_filename"
-    rm cosign.pub
+    cosign verify-blob --key "$tmp/cosign.pub" --signature "$tmp/$sig_filename" "$tmp/$filename"
+    rm "$tmp/$sig_filename"
+    rm $tmp/cosign.pub
   else
     echo "cosign is not installed, skipping signature verification"
   fi
@@ -126,4 +126,4 @@ printf "\n"
 printf "  export PATH=\$PATH:\$HOME/.apigeecli/bin \n"
 printf "\n"
 
-export PATH=$PATH:$HOME/.apigeecli/bin
\ No newline at end of file
+export PATH=$PATH:$HOME/.apigeecli/bin