Document SHA-256 container image signatures

When a new container image is pushed to Docker Hub, its SHA-256 signature should be easy to find in the repo so that consumers can verify that they are pulling down the container image that was originally built.
