My gpg key is on the bitcoin.org homepage: http://bitcoin.org/gavinandresen.asc
.... which you can access securely (and see the history of) at:
  https://github.com/bitcoin/bitcoin.org/blob/master/gavinandresen.asc

If you're really super-duper paranoid, you could also fetch it from
the MIT pgp keyserver or look for it in the bitcointalk forums
archives.

Import it into pgp/gpg, then you can verify that the download
checksums you have are correct with:

gpg --verify SHA256SUMS.asc

All that assuming you're running Linux.  If you're Windows or OSX, the
latest downloads are code-signed and checked for integrity
automatically by Windows/OSX.

-- 
--
Gavin Andresen