Checksum openSUSE Tumbleweed

Hi everyone
I have a question about check checksum of openSUSE Tumbleweed. I downloaded ISO via Metalink using aria2 on Debian 12.

Metalink along with the checksum SHA256 I downloaded from https://get.opensuse.org/tumbleweed/ . File *.iso.sha256.asc i downloaded from https://download.opensuse.org/tumbleweed/iso/. In my folder are
.
Checksum SHA256 is correct.

After that I imported two the Project’s signing keys, because first showed me error.
This is first imported Project’s signing key with error:



This is second imported Project’s signing key:


PGP signature:

And finally I checked the signature of this ISO:
.

Did I make any mistakes while checking the checksum?

That all looks okay.

Is your concern about “This key is not certified with a trusted signature!”? You can remove that warning by signing that project signing key yourself. You can use “kgpg” or “kleopatra” to do that. Checking here, I see that “kleopatra” is already installed, but “kgpg” was not installed (until I just installed it).

I used kgpg and the message “This key is not certified with a trusted signature!” disappeared.
Thank you for help.