
gpg-signatures.json key annotations

Matej Matuška edited this page Sep 19, 2025 · 2 revisions

The gpg-signatures.json file stores and maps RPM GPG key fingerprints and the names the keys have once imported into RPM's DB. JSON files don't allow comments, so the keys are documented here instead; hopefully it helps someone one day.

RHEL

https://access.redhat.com/security/team/key

{
    "keys": [
        "199e2f91fd431d51", -- release key 2   - RHEL 6-9
        "5326810137017186", -- release key     - RHEL 5-7
        "938a80caf21541eb", -- beta key 2      - RHEL 6-9
        "fd372689897da07a", -- beta key        - RHEL 5-7 and even older
        "45689c882fa658e0", -- auxiliary key   - RHEL 5-7
        "f76f66c3d4082792", -- auxiliary key 2 - RHEL 8
        "5054e4a45a6340b3", -- auxiliary key 3 - RHEL 9
        "219180cddb42a60e"  -- old signing key - RHEL 5-7 and even older
    ],
    "key-rpms": [
        "gpg-pubkey-fd431d51-4ae0493b", -- release key 2
        "gpg-pubkey-37017186-45761324", -- release key
        "gpg-pubkey-f21541eb-4a5233e8", -- beta key 2
        "gpg-pubkey-897da07a-3c979a7f", -- beta key
        "gpg-pubkey-2fa658e0-45700c69", -- auxiliary key
        "gpg-pubkey-d4082792-5b32db75", -- auxiliary key 2
        "gpg-pubkey-5a6340b3-6229229e", -- auxiliary key 3
        "gpg-pubkey-db42a60e-37ea5438"  -- old signing key
    ],
    "obsoleted-keys": {
        "7": [],
        "8": [
            "gpg-pubkey-2fa658e0-45700c69", -- auxiliary key
            "gpg-pubkey-37017186-45761324", -- release key
            "gpg-pubkey-db42a60e-37ea5438", -- old signing key
            "gpg-pubkey-897da07a-3c979a7f"  -- beta key
        ],
        "9": ["gpg-pubkey-d4082792-5b32db75"], -- auxiliary key 2
        -- TODO: does RHEL 10 still use auxiliary key 3?
        "10": ["gpg-pubkey-fd431d51-4ae0493b"] -- release key 2
    }
}

CentOS Stream

https://www.centos.org/keys/

{
    "keys": [
        "24c6a8a7f4a80eb5", -- CentOS 7 (obsolete)
        "4eb84e71f2ee9d55", -- Software Collections SIG
        "05b555b38483c65d", -- CentOS Official
        "1ff6a2171d997668"  -- CentOS SIG Extras (both SHA256 and SHA512)
    ],
    "key-rpms": [
        "gpg-pubkey-8483c65d-5ccc5b19", -- CentOS Official
        "gpg-pubkey-1d997668-621e3cac", -- CentOS SIG Extras SHA256
        "gpg-pubkey-1d997668-61bae63b"  -- CentOS SIG Extras SHA512
    ],
    "obsoleted-keys": {
        "10": ["gpg-pubkey-8483c65d-5ccc5b19"] -- CentOS Official - both SHA1 and SHA256  (see https://github.com/oamg/leapp-repository/pull/1408 for more details)
    }
}

Alma Linux

No public website? Some are available here: https://wiki.almalinux.org/repos/AlmaLinux.html

{
    "keys": [
        "51d6647ec21ad6ea", -- ?
        "d36cb86cb86b3716", -- Alma Linux 9
        "2ae81e8aced7258b", -- Alma Linux 8
        "429785e181b961a5", -- ?
        "d07bf2a08d50eb66"  -- ?
    ],
    "key-rpms": [
        "gpg-pubkey-3abb34f8-5ffd890e", -- Alma Linux legacy
        "gpg-pubkey-ced7258b-6525146f", -- Alma Linux 8
        "gpg-pubkey-b86b3716-61e69f29"  -- Alma Linux 9
    ],
    "obsoleted-keys": {
        "7": [],
        "8": [],
        "9": [
            "gpg-pubkey-3abb34f8-5ffd890e", -- Alma Linux legacy
            "gpg-pubkey-ced7258b-6525146f"  -- Alma Linux 8
        ],
        "10": ["gpg-pubkey-b86b3716-61e69f29"] -- Alma Linux 9
    }
}
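
The blocks above can be cross-checked mechanically, because RPM names an imported key gpg-pubkey-<last 8 hex digits of the key ID>-<key creation time as a hex Unix timestamp>. The script below is an added example, not code from leapp-repository: it strips the `--` annotations used on this page, parses the rest as JSON and compares the three sections. The function names are hypothetical and the regex-based stripping is an assumption that only holds for the annotation style shown here.

```python
import json
import re
from datetime import datetime, timezone

# Copied from this page's AlmaLinux block ("obsoleted-keys" condensed), annotations kept.
ANNOTATED = """{
    "keys": [
        "51d6647ec21ad6ea", -- ?
        "d36cb86cb86b3716", -- Alma Linux 9
        "2ae81e8aced7258b", -- Alma Linux 8
        "429785e181b961a5", -- ?
        "d07bf2a08d50eb66"  -- ?
    ],
    "key-rpms": [
        "gpg-pubkey-3abb34f8-5ffd890e", -- Alma Linux legacy
        "gpg-pubkey-ced7258b-6525146f", -- Alma Linux 8
        "gpg-pubkey-b86b3716-61e69f29"  -- Alma Linux 9
    ],
    "obsoleted-keys": {
        "9": ["gpg-pubkey-3abb34f8-5ffd890e", "gpg-pubkey-ced7258b-6525146f"],
        "10": ["gpg-pubkey-b86b3716-61e69f29"] -- Alma Linux 9
    }
}"""

def load_annotated(text):
    """Drop trailing ' -- note' annotations so the rest parses as plain JSON."""
    return json.loads(re.sub(r"[ \t]+--[ \t].*$", "", text, flags=re.M))

def audit(data):
    """Return (key-rpms with no listed key, keys with no key-rpm, unknown obsoleted rpms)."""
    key_ids = {k[-8:] for k in data["keys"]}  # rpm version = last 8 hex digits of key ID
    rpm_ids = {r.split("-")[2] for r in data["key-rpms"]}
    no_key = [r for r in data["key-rpms"] if r.split("-")[2] not in key_ids]
    no_rpm = [k for k in data["keys"] if k[-8:] not in rpm_ids]
    unknown = [r for rpms in data["obsoleted-keys"].values()
               for r in rpms if r not in data["key-rpms"]]
    return no_key, no_rpm, unknown

def created(rpm):
    """rpm release = key creation time as a hex Unix timestamp (returned in UTC)."""
    return datetime.fromtimestamp(int(rpm.rsplit("-", 1)[1], 16), tz=timezone.utc)

if __name__ == "__main__":
    data = load_annotated(ANNOTATED)
    labels = ("key-rpm without key", "key without key-rpm", "unknown obsoleted")
    for label, items in zip(labels, audit(data)):
        print(f"{label}: {items}")
    for rpm in data["key-rpms"]:
        print(rpm, created(rpm).date())
```

On the AlmaLinux data it reports that the legacy key-rpm has no matching entry in "keys" and that the three key IDs annotated with `?` have no key-rpm, which is a starting point for resolving those annotations against the vendor's published keys.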