Thanks for the speedy reply! That makes sense, will try it out later today. And also try and learna bit more about GPG, still getting used to verification/key signing processes etc.
Edit: Ok, so I grabbed the files and performed:
gpg --verify org.fdroid.fdroid_103150.apk.asc
First couple of lines were the same as you posted but I got error:
gpg: Can't check signature: public key not found
instead of "Good signature".
So I need the F-Droid public key, which is the top part of the "here is the whole certificate" section on the wiki page you linked, correct?
I've saved both just the key and the whole certificate as .txt and .gpg files then done:
gpg --import f-droid.txt
gpg: no valid OpenPGP data found.
Also, I've tried doing this to import the .asc file but get the same error.
Which bit am I misinterpreting this time? Sorry if these are basic problems for most around here.