I had a look at this thread from resident @Dobbie03 and despite it being 4 yrs old I found more recent threads about PGP errors pointing to it as well. So, I followed our friend’s advice. Unfortunately, it didn’t work.

Here’s what has been plaguing me for over 2 weeks:

(227/227) checking keys in keyring [------------------------] 100%
(227/227) checking package integrity [------------------------] 100%
error: libcap: signature from “David Runge dvzrv@archlinux.org” is marginal trust
:: File /var/cache/pacman/pkg/libcap-2.65-1-x86_64.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]

There are a few more corrupted or invalid, but they all stem from the marginally trustworthy David.

Any help would be appreciated.

Archlinux wiki says to reset keys I can nuke /etc/pacman.d/gnupg
I suppose after that I could try the solution posted by @Dobbie03 ?
I should have gone to bed 2hrs ago. I’ll sleep on it. And try this or something tomorrow.

Best to follow the Wiki advice first.

Then look for an alternative solution.

sudo pacman -S archlinux-keyring