The PGP signatures for the kernel packages, and even all packages, seem to be broken.
From Manjaro Settings, when trying to install the 6.6 kernel:
linux66-6.6.3-1-x86_64 downloading...
linux66-nvidia-545.29.06-8-x86_64 downloading...
checking keyring...
checking package integrity...
:: File /var/cache/pacman/pkg/linux66-6.6.3-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
:: File /var/cache/pacman/pkg/linux66-nvidia-545.29.06-8-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
error: linux66: signature from "Manjaro Build Server <build@manjaro.org>" is unknown trust
Errors occurred, no packages were upgraded.
error: linux66-nvidia: signature from "Manjaro Build Server <build@manjaro.org>" is unknown trust
error: failed to commit transaction (invalid or corrupted package (PGP signature))
Trying to (re)install any package also causes errors regarding unknown trust. Trying to refresh or repopulate keys also doesn’t work:
❯ sudo pacman-key --refresh-keys
gpg: error reading key: No public key
gpg: key F296BDE50368C6CE: "T.J. Townsend <blakkheim@archlinux.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
pub ed25519 2022-08-08 [SC]
54C1FD273361EA514A237793F296BDE50368C6CE
uid [ unknown] T.J. Townsend <blakkheim@archlinux.org>
sub ed25519 2022-09-04 [SA]
sub cv25519 2022-08-08 [E]
gpg: key A6234074498E9CEE: "Christian Hesse <eworm@archlinux.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
pub rsa2048 2011-08-12 [SC]
02FD1C7A934E614545849F19A6234074498E9CEE
uid [ unknown] Christian Hesse <eworm@archlinux.org>
sub rsa2048 2011-08-12 [E]
sub ed25519 2019-08-29 [S]
sub cv25519 2019-08-29 [E]
gpg: error retrieving 'build@manjaro.org' via WKD: No data
gpg: error reading key: No data
gpg: refreshing 1 key from hkps://keyserver.ubuntu.com
gpg: key 279E7CF5D8D56EC8: "Manjaro Build Server <build@manjaro.org>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
❯ sudo pacman-key --populate archlinux manjaro
==> ERROR: There is no secret key available to sign with.
==> Use 'pacman-key --init' to generate a default secret key.
❯ sudo pacman-key --init
==> Generating pacman master key. This may take some time.
gpg: Generating pacman keyring master key...
gpg: revocation certificate stored as '/etc/pacman.d/gnupg/openpgp-revocs.d/FB16E095594E1F57FA036AD9357F6022944466E6.rev'
gpg: Done
==> Updating trust database...
gpg: public key of ultimately trusted key 9C6B0359C4037DD4 not found
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
==> ERROR: Trust database could not be updated.
EDIT:
I found a solution in completely refreshing the keys, as is described here