This directory contains a private key that is only used for signing the test data, along with the public key that the package uses to verfify the signing. Here are the steps to reproduce the test data, which would be necessary if the archive and checksum changes.
gpg --import sample.private.key
gpg -u 200BDA882C95B80A --output sample_release/sample_0.1.0_SHA256SUMS.sig --detach-sig sample_release/sample_0.1.0_SHA256SUMS