I am trying to import a specific key from ubuntu key server and when I launch the gpg command for that, the received key ID does not match the one I passed as argument:
$ gpg --keyserver keyserver.ubuntu.com --recv-keys 54404762BBB6E853
gpg: key A48449044AAD5C5D: 4 signatures not checked due to missing keys
gpg: clef A48449044AAD5C5D : « Debian Security Archive Automatic Signing Key (11/bullseye) <[email protected]> » n'est pas modifiée
gpg: Quantité totale traitée : 1
gpg: non modifiées : 1
I requested the: 54404762BBB6E853 but received A48449044AAD5C5D. Deleting and reimporting the key gives the same behavior
Edit: this behaviour is totally normal. A subkey is bound to his primary key. You will need to pass --with-subkey-fingerprints to apt-key in order to print its fingerprint. I did not notice the "sub" comming with "pub" entries. My bad.
The key you are importing can be seen on the Ubuntu keyserver HTTP interface:
Here you can see that the key you're requesting is actually a subkey of the one you're getting:
My understanding is that Debian does this so that one key can be used for signing while the other key can be kept offline.