Verify .sig files

How to verify signature using .sig file

因为前段时间学关于Opengpg 的缘故，现贴一个校验总结。

C:\Users\Administrator>gpg2 --verify archlinux-2014.06.01-dual.iso.sig

gpg: Signature made 06/01/14 23:55:33 中国标准时间 using RSA key ID 9741E8AC
gpg: Can't check signature: No public key

C:\Users\Administrator>gpg2 --no-default-keyring -keyring keya.gpg archlinux-20 4.06.01-dual.iso.sig

gpg: conflicting commands

C:\Users\Administrator>gpg2 --berify --verbose keya.gpg archlinux-2014.06.01-dul.iso.sig

gpg: invalid option "--berify"

C:\Users\Administrator>gpg2 --verify --verbose keya.gpg archlinux-2014.06.01-du l.iso.sig

gpg: armor header: Version: GnuPG v2.0.22 (MingW32)

gpg: verify signatures failed: Unexpected error

C:\Users\Administrator>gpg --verify --verbose --keyring keya.gpg ./archlinux-20 2.10.06-dual.iso.sig

gpg: keyblock resource C:/Users/Administrator/AppData/Roaming/gnupg/keya.gpg': No such file or directory gpg: can't open./archlinux-2012.10.06-dual.iso.sig': Invalid argument
gpg: verify signatures failed: Invalid argument

C:\Users\Administrator>gpg2 --verify --verbose --keyring keya.gpg archlinux-201 .06.01-dual.iso.sig

gpg: keyblock resource C:/Users/Administrator/AppData/Roaming/gnupg/keya.gpg': No such file or directory gpg: assuming signed data inarchlinux-2014.06.01-dual.iso'
gpg: Signature made 06/01/14 23:55:33 中国标准时间 using RSA key ID 9741E8AC
gpg: using PGP trust model
gpg: Good signature from "Pierre Schmitz [email protected]"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 4AA4 767B BC9C 4B1D 18AE 28B7 7F2D 434B 9741 E8AC

gpg: binary signature, digest algorithm SHA1