Sadly, I’m even getting the same errors when I do pacman -S archlinux-keyring. It’s again asking if I want to to delete the damaged (invalid or damaged Package (PGP-Signature)), so that doesn’t resolve it sadly.
I’m getting nuts about this
If I then confirm with Y it says errors occured (invalid or damaged package (PGP-signature)). No packages have been upgraded
You can - temporarily work around the gpg issue by loosing the package check in pacman.conf
# By default, pacman accepts packages signed by keys that its local keyring
# trusts (see pacman-key and its man page), as well as unsigned packages.
SigLevel = Required DatabaseOptional
This should not be necessary but as a last resort.
Change SigLevel to read SigLevel = TrustAll - do remember to set it back when
You can use manjaro-get-iso (CLI) or manjaro-iso-downloader (GUI) package to download and verify the iso.