Which commands can be used to verify that file.tgz has not been tampered with since the file creator created the signature?