Also, key and signature are correct: wget http://dl.google.com/linux/chrome/rpm/stable/x86_64/repodata\ /repomd.xml{,.asc} gpg -d repomd.xml.asc gpg: assuming signed data in 'repomd.xml' gpg: Signature made 2017-08-30T17:36:13 UTC gpg: using RSA key 1397BC53640DB551 gpg: Good signature from "Google Inc. (Linux Packages Signing Authority) <linux-packages-keymaster@google.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: EB4C 1BFD 4F04 2F6D DDCC EC91 7721 F63B D38B 4796 Subkey fingerprint: 3B06 8FB4 789A BE4A EFA3 BB49 1397 BC53 640D B551