I have verified that the new fips archive key introduced in this SRU (in both the fips and fips-updates keyrings) is the key used to sign the InRelease files served by esm.ubuntu.com over https, both publicly and on the Canonical VPN.
I have verified that the new fips archive key introduced in this SRU (in both the fips and fips-updates keyrings) is the key used to sign the InRelease files served by esm.ubuntu.com over https, both publicly and on the Canonical VPN.