Yes, the stable repository has been signed. The 2.387.2 release had not been run at the time you asked the question. It has run now. The instructions on the page are now updated. Thanks for checking!
We’ll host a retrospective on the challenges associated with the rotation of the PGP repository signing keys and the challenges associated with the rotation of the code signing certificate used for the MSI installer and the war file. I’m sure that improvements will be identified in that retrospective.