gpg --verify sigfile signed-files