Hi,i can't check the gpg sig of the 0.4.1 hd (linux version)
This is what i get from linux terminal
sudo gpg --verify multibit-unix-0.4.1.sh.asc
gpg: assuming signed data in `multibit-unix-0.4.1.sh'
gpg: Signature made Thu 29 Sep 2016 05:05:55 PM UTC using RSA key ID A3606A58
gpg: Can't check signature: public key not found
So i downloaded the 0.3.0 and everything seems right
sudo gpg --verify multibit-hd-unix-0.3.0.sh.asc
gpg: assuming signed data in `multibit-hd-unix-0.3.0.sh'
gpg: Signature made Sun 17 Apr 2016 10:28:29 AM UTC using RSA key ID 23F7FB7B
gpg: Good signature from "Jim Burton (multibit.org developer) <firstname.lastname@example.org
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 299C 423C 672F 47F4 756A 6BA4 C197 2AED 79F7 C572
Subkey fingerprint: 4A71 A836 F572 01B4 D088 7D60 0820 A658 23F7 FB7B
EDIT:nevermind,0.4.1 is not signed anymore by Jim Burton,i didn't know he sold his software to keepkey