downloading required keys...
:: Import PGP key 6F120DAEC909FAD7, "Frede Hundewadt <fh@manjaro.org>"? [Y/n] y
(674/674) checking package integrity [####################################] 100%
error: pacman-mirrors: signature from "Frede Hundewadt <fh@manjaro.org>" is unknown trust
:: File /var/cache/pacman/pkg/pacman-mirrors-5.3-1-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] y
error: failed to commit transaction (invalid or corrupted package)
Errors occurred, no packages were upgraded.
I installed the iso to a VM, then immediately ran the required change Branch commands.
Problem solved.
Moral of the story do full update on stable before changes branch.
I reinstalled.
Ran full update on Stable
sudo pacman -Syu
Changed Branch with the command
sudo pacman-mirrors --api --set-branch unstable
updated unstable with
sudo pacman-mirrors --fasttrack 5 && sudo pacman -Syu
Hmm - it could have been an old ISO - and yes key issue may happen with those.
The keyring was updated on Oct. 3 2025 - the old key (expired and no longer in use) was removed and the new key added.
$ mbn info manjaro-keyring -q
Branch : unstable
Name : manjaro-keyring
Version : 20251003-1
Repository : core
Build Date : Fri 03 Oct 2025 08:18:54
Packager : Philip Mueller <philm@manjaro.org>
Branch : testing
Name : manjaro-keyring
Version : 20251003-1
Repository : core
Build Date : Fri 03 Oct 2025 08:18:54
Packager : Philip Mueller <philm@manjaro.org>
Branch : stable
Name : manjaro-keyring
Version : 20251003-1
Repository : core
Build Date : Fri 03 Oct 2025 08:18:54
Packager : Philip Mueller <philm@manjaro.org>
I down loaded from the main Manjaro site.
https://manjaro.org/products/download/x86
using torrent dowload, for plasma Full. Checksum checked out. But the reinstall worked as above.
That would be the 25.0.10 - but that has build date 251013 - strange it is - it should include the updated keyring
I don’t know how that came to be - you are correct - the keyring in the 25.0.10 is and the old keyring v20230719 - I always thought the buildiso to pull the latest packages.
1 Like
Yes that was 25.0.10. I assumed I could simply change Branch, then run the update for the Branch. Based on what you’ve said, and the dates, It seems that was a valid assumption. but it failed never the less.
It is possible the package failed to download properly. One of those glitches.
I think I know why - when an ISO is built it is targeting a specific branch and the keyring may have been forgotten at the snap from testing to stable - because a snap does not always imply identical to testing - it can be select set of packages from testing - and thus the keyring has been forgotten - but that is a guess - I don’t do the snaps - that is Philips department 
And that will usually work - this is simply a happy coincidence.
On the rare occasion - one can work around it by doing everything we recommend against 
sudo pacman-mirrors -aS unstable
sudo pacman -Syy
sudo pacman -S manjaro-keyring
sudo pacman -Su
1 Like
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.