Below are the steps to verify the PGP public key of pandanoir.
gpg --import pandanoir.asc
gpg --verify signed-message.txt
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
This is Naoto Ikuno. fingerprint of PGP key is 307BE088C56B9F0D
-----BEGIN PGP SIGNATURE-----
iHUEARYKAB0WIQQEYzqFjz831UnPMO4we+CIxWufDQUCaBNFGgAKCRAwe+CIxWuf
DbyGAP9jDEdf1dzDuccuLZFh9SGu6mIXcY68VNMOweNBBKpi6gD+JM72l+1iL9dh
ndzLEGvu1m3WzHMa4a4jGz2QW3o65Qo=
=zqP+
-----END PGP SIGNATURE-----
The Bash script to perform the above steps is also included below.
#!/bin/bash
# Download the public key and import it into a temporary keyring
mkdir -p /tmp/verify-key
gpg --no-default-keyring \
--keyring /tmp/verify-key/keyring.gpg \
--import <(curl -s https://keys.openpgp.org/vks/v1/by-fingerprint/04633A858F3F37D549CF30EE307BE088C56B9F0D)
# Verify the message
gpg --no-default-keyring \
--keyring /tmp/verify-key/keyring.gpg \
--verify <(curl -s https://www.pandanoir.net/signed-message.txt)
# Delete the temporary keyring
rm -rf /tmp/verify-key
You can also verify it by pasting the signed message above into Keybase's verify tool.