I have read through APACHE's help documents on verifying the integrity of the files using PGP but I am completely lost. I have never used PGP before so I am not sure what to do.
It says: he PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the relevant distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using
If PGP is too unwieldy for you, just use md5 signatures. For that, you use something like "openssl md5 httpd-source.tgz". That should compare with the md5 signature of the source you download. The signature for version 2.2.11 is found at http://www.apache.org/dist/httpd/httpd-2.2.11.tar.gz.md5. The other distributions/versions can be found at a similar link.