Create .gnupg if it doesn’t exist

$ [[ -d ~/.gnupg ]] || mkdir -p -m 700 ~/.gnupg

Generate a GPG key
$ gpg --gen-key
gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
   (1) RSA and RSA (default)
   (2) DSA and Elgamal
   (3) DSA (sign only)
   (4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 
Requested keysize is 2048 bits
Please specify how long the key should be valid.
         0 = key does not expire
      <n>  = key expires in n days
      <n>w = key expires in n weeks
      <n>m = key expires in n months
      <n>y = key expires in n years
Key is valid for? (0) o
invalid value
Key is valid for? (0) 
Key does not expire at all
Is this correct? (y/N) Y

GnuPG needs to construct a user ID to identify your key.

Real name: demoGPGkey
Email address: [email protected] 
Comment: Demo GPG KEY
You selected this USER-ID:
    "demoGPGkey (Demo GPG KEY) <[email protected]>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key.

We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key F2E783BC marked as ultimately trusted
public and secret key created and signed.

gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
pub   2048R/F2E783BC 2018-10-01
      Key fingerprint = E372 1B2A 6092 0C8C 912B  EEFB 0904 A379 F2E7 83BC
uid                  demoGPGkey (Demo GPG KEY) <[email protected]>
sub   2048R/17787317 2018-10-01

tips: you should install rng-tools before gennerate GPG key. It make your generate GPG key more faster
see more at: https://www.certdepot.net/rhel7-get-started-random-number-generator/

List GPG Key
$ gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub   2048R/F2E783BC 2018-10-01
uid                  demoGPGkey (Demo GPG KEY) <[email protected]>
sub   2048R/17787317 2018-10-01
Export the key
gpg --export -a demoGPGkey > RPM-GPG-KEY-demoGPGkey
Import key to RPM DB
sudo rpm --import RPM-GPG-KEY-demoGPGkey
Verify the list of gpg public keys in RPM DB
rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} --> %{summary}\n'
Config rpm environment
echo "%_signature gpg" > ~/.rpmmacros
echo "%_gpg_path /root/.gnupg" > ~/.rpmmacros
echo "%_gpg_name demoGPGkey" > ~/.rpmmacros
echo "%_gpgbin /usr/bin/gpg" > ~/.rpmmacros
Finally, You can sign each RPM file
rpm --addsign your_RPM_file.rpm

Enjoy!