The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the relevant distribution. Then verify the signatures using:
$ pgpk -a KEYS
$ gpgv {% block filename %}{% endblock %}.asc
$ pgp -ka KEYS
$ gpg {% block filename %}{% endblock %}.asc {% block filename %}{% endblock %}
$ gpg --import KEYS
$ gpg --verify {% block filename %}{% endblock %}.asc {% block filename %}{% endblock %}
Alternatively, you can verify the checksums of the files (see the How to verify downloaded files page).