How to fix invalid or corrupted package (PGP signature) issues on Arch Linux

I recently came across this issue on my Archmerge installation and figured I would share the fix here since it took me quite some time to figure out the solution. This is not Archmerge specific but rather Arch Linux specific. I started encountering it on Manjaro and Arch based installs right after I tried to install specific packages.

This is what I was getting when trying to install a package that required fzf (in this case, I was running the command:

packer -S pacli


Since this package relied on the fzf package, I got the following error:

error: fzf: signature from "Ambrevar <>" is unknown trust :: File /var/cache/pacman/pkg/fzf- is corrupted (invalid or corrupted package (PGP signature)).

The solution took me a while to figure out, as mentioned, but I did figure it out eventually. To resolve, launch a terminal and paste in the following:

sudo pacman-key --refresh-keys

This will take a while to refresh all of the keys on your system but once it's complete, you should be good to go.