When you perform Steps for preparing RACF to verify signed programs (one-time setup), you initialize program signature verification. These steps include preparing several certificate objects and general resource profiles, defining the program verification module (IRRPVERS) as a signed program that must be verified when it is loaded, and finally loading and successfully verifying the signature of the IRRPVERS module for the first time.

To verify IRRPVERS, RACF® uses the IBM® root CA certificate labeled STG Code Signing CA that is supplied with RACF. For a listing of the output from the RACDCERT LIST command for this certificate, see Listings of RACF supplied certificates.