The JFrog Platform supports managing multiple pairs of GPG signing keys to sign packages for authentication of several package types such as Debian, Opkg, and RPM using a set of REST APIs. This feature enables you to assign a signing key pair per repository, providing you with the granularity to choose which keys to use to sign the artifacts in repositories instead of using the same key pair to sign all artifacts.
The following repository REST APIs support working with Multiple GPG Signing Keys. The Create RSA Key Pair, Get Key Pair, and Delete Key Pair APIs are also supported.