Code needs to be signed when possible, for safety these days. In Linux, this is done by a very carefully set up public keyserver system. If, in Arch or Manjaro or other Arch derivatives, you see issues happening, try these steps:
/etc/pacman.d/gnupg/gpg.conf, add this line:
If you don’t do IPv6 on the Internet, the above is essential as is. The default appears to now require IPv6.
Once you have the above set, run the following:
sudo touch /root/.gnupg/dirmngr_ldapservers.conf
sudo pacman-key --init
sudo pacman-key --populate archlinux manjaro
sudo pacman-key --refresh-keys