I would like to verify the signature on a signed serial assertion without snapd being available. I understand it’s based on a pgp signature, so I want to be able to extract that signature and verify is using the public part of the pgp key used to sign it.
From the docs https://core.docs.ubuntu.com/en/reference/assertions/serial , the signature is the part at the end of the assertion document, separated by a new line after the yaml. However, it seems to be encoded somehow, and I’m not sure how to extract it. What format is the encoding, and how can I decode it to extract to to find the signature ?