gpg: Good signature from “NVIDIA Corporation <linux-bugs@nvidia.com>” [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
It checks for the key, but it’s invalid.
From zypper
zypper up
Retrieving repository ‘NVIDIA’ metadata -------------------------------------------------------------------------------------------]
Signature verification failed for file ‘repomd.xml’ from repository ‘NVIDIA’.
Note: Signing data enables the recipient to verify that no modifications occurred after the data
were signed. Accepting data with no, wrong or unknown signature can lead to a corrupted system
and in extreme cases even to a system compromise.
Note: File 'repomd.xml' is the repositories master index file. It ensures the integrity of the
whole repo.
Warning: This file was modified after it has been signed. This may have been a malicious change,
so it might not be trustworthy anymore! You should not continue unless you know it's safe.
Signature verification failed for file ‘repomd.xml’ from repository ‘NVIDIA’. Continue? [yes/no] (no):