Resolution: Out of scope
We noticed that some artifacts in Maven Central had bad/invalid signatures.
It seems it should not be possible to deploy artifacts with bad/invalid signatures to Maven Central.
Would you please consider preventing artifacts with bad signatures from being deployed to Central ?
The responsible party is working on the issue :