I would argue that you want an automated check for "verify release has been signed" then if it fails you are alerted. This is better than manually checking it every time or assuming it will always be signed. A trust but verify approach. Then one day you may find that a trusted cert has expired and signing is broken or a key is not available b/c it got accidentally deleted etc... Lots of things can go and will go wrong.