I have an app which is not in internal database of appverifier. On the website there is no hash certificate but they post a public key and gpg signature file with .asc extension. How can I verify the apk in this situation?
Discussion
I believe then that you have to request such app to be included in the internal database. They have a Matrix server for communicating and report. Otherwise you can use the github repository.
Sorry for not being able to help further!