How to list, import and remove archive signing keys on CentOS 7

Official archive signing keys for CentOS 7 are located inside /etc/pki/rpm-gpg/ directory:

# ls /etc/pki/rpm-gpg/
RPM-GPG-KEY-CentOS-7  RPM-GPG-KEY-CentOS-Debug-7  RPM-GPG-KEY-CentOS-Testing-7

Any of the keys whether they are official CentOS 7 archive signing keys or other unofficial archive signing keys found at this location can be imported into the system by using rpm command. For example the following linux command will import RPM-GPG-KEY-CentOS- signing key:

# rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
OR IMPORT ALL KEYS
# rpm --import /etc/pki/rpm-gpg/*

To list all imported signing archive keys run:

# rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
gpg-pubkey-f4a80eb5-53a7ff4b    gpg(CentOS-7 Key (CentOS 7 Official Signing Key) )
gpg-pubkey-b6792c39-53c4fbdd    gpg(CentOS-7 Debug (CentOS-7 Debuginfo RPMS) )
gpg-pubkey-8fae34bd-538f1e51    gpg(CentOS-7 Testing (CentOS 7 Testing content) )

You the above list to remove any unwanted archive signing keys. This can be done by using rpm command:

# rpm -e gpg-pubkey-b6792c39-53c4fbdd

The CentOS-7 Debuginfo signing key is now removed:

# rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
gpg-pubkey-f4a80eb5-53a7ff4b    gpg(CentOS-7 Key (CentOS 7 Official Signing Key) )
gpg-pubkey-8fae34bd-538f1e51    gpg(CentOS-7 Testing (CentOS 7 Testing content) )