{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreignbw7s255t4es5uopjbi5u7zysfvt3khhesduzaaeakrvhw22e34",
    "uri": "at://did:plc:34cg4tn4iwemk3v5k3n3adwf/app.bsky.feed.post/3mlmwkfxjzcd2"
  },
  "path": "/t/verify-apk-file-downloaded/34332#post_6",
  "publishedAt": "2026-05-12T04:01:46.000Z",
  "site": "https://forum.f-droid.org",
  "textContent": "In regard to this statement by F-Droid: “It is built and signed by F-Droid, and guaranteed to correspond to this source tarball.” I see there is a PGP signature provided with each apk, presumably this is a signature of the APK as signed data signed by the build server. Where to get the PGP public key the buildserver uses to sign built APKs?",
  "title": "Verify apk file downloaded?"
}