RHEL-3164

Unable to verify Red Hat containers (e.g. UBI9) signature in CS9

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Critical
    • Affects Version/s: rhel-8.9.0.z, rhel-8.10, rhel-9.3.0.z, rhel-9.4
    • Component/s: containers-common
    • Fixed in Build: containers-common-1-58.el9
    • Severity: Critical
    • Pool Team: sst_container_tools

      +++ This bug was initially created as a clone of Bug #2184640 +++

      Description of problem:
      > the same issue seems to happen when checking the container image
      > signature from a centos-9 host, we reported here:
      > https://bugs.launchpad.net/tripleo/+bug/2015309

      Following up on that: when verifying container signatures, keys are configured per registry in /etc/containers/policy.json.
      For registry.access.redhat.com/ubi9:latest in the failing CI job, the key is /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release, provided by containers-common on CS9,
      which was not updated yet:

      # curl https://gitlab.com/redhat/centos-stream/rpms/containers-common/-/raw/c9s/RPM-GPG-KEY-redhat-release | gpg2 --list-packets
      # off=0 ctb=99 tag=6 hlen=3 plen=525
      :public key packet:
              version 4, algo 1, created 1256212795, expires 0
              pkey[0]: [4096 bits]
              pkey[1]: [17 bits]
              keyid: 199E2F91FD431D51
      # off=528 ctb=b4 tag=13 hlen=2 plen=51
      :user ID packet: "Red Hat, Inc. (release key 2) <security@redhat.com>"
      # off=581 ctb=89 tag=2 hlen=3 plen=566
      :signature packet: algo 1, keyid 199E2F91FD431D51
              version 4, created 1256212795, md5len 0, sigclass 0x13
              digest algo 2, begin of digest 6c e9
              hashed subpkt 2 len 4 (sig created 2009-10-22)
              hashed subpkt 27 len 1 (key flags: 03)
              hashed subpkt 11 len 5 (pref-sym-algos: 9 8 7 3 2)
              hashed subpkt 21 len 3 (pref-hash-algos: 2 8 3)
              hashed subpkt 22 len 3 (pref-zip-algos: 2 3 1)
              hashed subpkt 30 len 1 (features: 01)
              hashed subpkt 23 len 1 (keyserver preferences: 80)
              subpkt 16 len 8 (issuer key ID 199E2F91FD431D51)
              data: [4095 bits]

      digest algo 2 = SHA-1 https://www.rfc-editor.org/rfc/rfc4880#section-9.4
      SHA-1 was removed in gnupg2-2.3.3-3.el9 for bug 2070722
      Please update RPM-GPG-KEY-redhat-* keys provided by containers-common package in CS9.
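
The check a practitioner would want after reading this report, as an added example (not code from containers-common, Red Hat, or the reporter): a Python script that walks the signedBy requirements in a containers policy.json, parses each referenced OpenPGP key file packet by packet (ASCII-armored or binary, old- and new-format headers), and reports the digest algorithm of every signature packet so that a key whose self-signature uses MD5 or SHA-1 is flagged before gpg on a host with SHA-1 rejected refuses it. The policy.json text and both key files are constructed inline so it runs offline: the keys are non-functional dummies with the same packet sequence as the gpg2 --list-packets output above (the second keyPath, /etc/pki/rpm-gpg/example-resigned-key, is hypothetical), and the file reader is injected so that on a real host it can simply be open().

```python
import base64
import json
import struct

HASH_ALGOS = {1: "MD5", 2: "SHA1", 3: "RIPEMD160", 8: "SHA256", 9: "SHA384",
              10: "SHA512", 11: "SHA224"}          # RFC 4880 section 9.4
WEAK_HASHES = {"MD5", "SHA1"}

def dearmor(data: bytes) -> bytes:
    """Binary packets from an ASCII-armored key (RFC 4880 6.2); binary input passes through.
    The '=XXXX' CRC24 line is skipped here, not verified (gpg verifies it)."""
    if not data.lstrip().startswith(b"-----BEGIN PGP"):
        return data
    lines = iter(data.decode("ascii").strip().splitlines())
    for line in lines:                 # skip the BEGIN line and any armor headers
        if line.strip() == "":
            break
    b64 = []
    for line in lines:
        line = line.strip()
        if line.startswith("-----END"):
            break
        if not line.startswith("="):   # '=' introduces the checksum line
            b64.append(line)
    return base64.b64decode("".join(b64))

def read_header(buf: bytes, off: int):
    """(tag, body_offset, body_length) of the packet header at off, RFC 4880 section 4.2."""
    ctb = buf[off]
    if not ctb & 0x80:
        raise ValueError(f"not a packet tag at offset {off}: 0x{ctb:02x}")
    if ctb & 0x40:                     # new-format header
        tag, b0 = ctb & 0x3F, buf[off + 1]
        if b0 < 192:
            return tag, off + 2, b0
        if b0 < 224:
            return tag, off + 3, ((b0 - 192) << 8) + buf[off + 2] + 192
        if b0 == 255:
            return tag, off + 6, struct.unpack(">I", buf[off + 2:off + 6])[0]
        raise ValueError("partial body length is not valid in key material")
    ltype = ctb & 0x03                 # old-format header: 1-, 2- or 4-octet length
    if ltype == 3:
        raise ValueError("indeterminate length is not valid in key material")
    hlen = 1 << ltype
    return (ctb >> 2) & 0x0F, off + 1 + hlen, int.from_bytes(buf[off + 1:off + 1 + hlen], "big")

def inspect_key(key_bytes: bytes) -> dict:
    """Digest algorithm of every signature packet (tag 2) in a key, and the weak ones among them."""
    buf, off, hashes = dearmor(key_bytes), 0, []
    while off < len(buf):
        tag, start, length = read_header(buf, off)
        if tag == 2:
            body = buf[start:start + length]
            algo = body[15] if body[0] == 3 else body[3]   # RFC 4880 5.2: v3 layout differs, v4+ offset 3
            hashes.append(HASH_ALGOS.get(algo, f"unknown({algo})"))
        off = start + length
    return {"sig_hashes": hashes, "weak": sorted(set(hashes) & WEAK_HASHES)}

def check_policy(policy_text: str, read_key) -> dict:
    """Inspect the key behind every signedBy requirement under 'transports'; read_key(path) -> bytes."""
    findings = {}
    for transport, scopes in json.loads(policy_text).get("transports", {}).items():
        for scope, requirements in scopes.items():
            for req in requirements:
                if req.get("type") == "signedBy" and "keyPath" in req:
                    findings[f"{transport}:{scope}"] = {"keyPath": req["keyPath"],
                                                        **inspect_key(read_key(req["keyPath"]))}
    return findings

def build_sample_key(hash_algo: int) -> bytes:
    """Constructed, non-functional key: v4 RSA public key, user ID, 0x13 self-certification; dummy MPIs."""
    def old_packet(tag: int, body: bytes) -> bytes:       # old-format header, 2-octet length
        return bytes([0x80 | (tag << 2) | 1]) + struct.pack(">H", len(body)) + body
    pubkey = b"\x04" + struct.pack(">I", 1256212795) + b"\x01"               # v4, created, RSA
    pubkey += struct.pack(">H", 16) + b"\xc2\x51" + struct.pack(">H", 17) + b"\x01\x00\x01"  # dummy n, e
    uid = b"Red Hat, Inc. (release key 2) <security@redhat.com>"
    sig = b"\x04\x13\x01" + bytes([hash_algo])            # v4, sigclass 0x13, RSA, digest algo
    sig += b"\x00\x00\x00\x00\x6c\xe9" + struct.pack(">H", 8) + b"\x80"  # no subpackets, hash prefix, dummy MPI
    return old_packet(6, pubkey) + old_packet(13, uid) + old_packet(2, sig)

def armor(packets: bytes) -> bytes:
    """Wrap binary packets in ASCII armor (checksum line omitted; dearmor tolerates that)."""
    b64 = base64.b64encode(packets).decode("ascii")
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n{body}\n-----END PGP PUBLIC KEY BLOCK-----\n".encode("ascii")

# Constructed policy.json and key files; the second keyPath is hypothetical.
SAMPLE_POLICY = json.dumps({"default": [{"type": "reject"}], "transports": {"docker": {
    "registry.access.redhat.com": [{"type": "signedBy", "keyType": "GPGKeys",
                                    "keyPath": "/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release"}],
    "registry.redhat.io": [{"type": "signedBy", "keyType": "GPGKeys",
                            "keyPath": "/etc/pki/rpm-gpg/example-resigned-key"}]}}})
SAMPLE_KEYS = {"/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release": armor(build_sample_key(2)),  # SHA-1 self-sig
               "/etc/pki/rpm-gpg/example-resigned-key": armor(build_sample_key(8))}        # SHA-256 self-sig

if __name__ == "__main__":
    for scope, f in check_policy(SAMPLE_POLICY, SAMPLE_KEYS.__getitem__).items():
        print(f"{scope}: {f['keyPath']} signatures={f['sig_hashes']} -> {'WEAK ' + ','.join(f['weak']) if f['weak'] else 'ok'}")
```

On a real host, replace SAMPLE_POLICY with the contents of /etc/containers/policy.json and SAMPLE_KEYS.__getitem__ with lambda p: open(p, "rb").read(); any scope reported as WEAK SHA1 will fail verification on a gpg build that rejects SHA-1 signatures, exactly as the report describes, until the key file is replaced with one carrying a SHA-2 self-signature.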

            rhn-support-jnovy Jindrich Novy
            rhn-engineering-apevec Alan Pevec
            Yuhui Jiang Yuhui Jiang