Spring JARs released on Maven Central are signed with the following key.

Key ID: builds@springframework.org
Fingerprint: 48B0 86A7 D843 CFA2 58E8 3286 928F BF39 003C 0425
Key size: RSA 4096
Date: 2023-01-16

You can import this key using a public key server:

    $ gpg --keyserver keyserver.ubuntu.com --recv 48B086A7D843CFA258E83286928FBF39003C0425

You can also verify a manually downloaded key locally with:

    $ gpg --import --import-options show-only spring.gpg
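
As an added example (not part of the Spring documentation), the script below checks gpg's machine-readable output against the fingerprint above instead of comparing it by eye. The function names, the ARTIFACT.jar placeholder and the sample records are assumptions constructed for illustration.

```shell
#!/bin/sh
# Fingerprint published on this page, spaces removed.
SPRING_FPR=48B086A7D843CFA258E83286928FBF39003C0425

# stdin: output of
#   gpg --with-colons --import --import-options show-only spring.gpg
# Succeeds only if the file holds exactly one primary key and its
# fingerprint is the pinned one (extra bundled keys are rejected).
key_matches_pin() {
    awk -F: -v pin="$SPRING_FPR" '
        $1 == "pub" { pubs++; want = 1; next }
        want && $1 == "fpr" { if ($10 == pin) hit = 1; want = 0 }
        END { exit !(pubs == 1 && hit) }'
}

# stdin: output of
#   gpg --status-fd 1 --verify ARTIFACT.jar.asc ARTIFACT.jar
# Succeeds only if a VALIDSIG line names the pinned key, either as the
# signing key (field 3) or as its primary key (last field).
sig_from_pin() {
    awk -v pin="$SPRING_FPR" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == pin || $NF == pin) { ok = 1 }
        END { exit !ok }'
}

# Constructed sample inputs (not captured from a real gpg run).
GOOD_KEY='pub:-:4096:1:928FBF39003C0425:
fpr:::::::::48B086A7D843CFA258E83286928FBF39003C0425:'
EXTRA_KEY="$GOOD_KEY
pub:-:4096:1:0000000000000000:
fpr:::::::::0000000000000000000000000000000000000000:"
GOOD_SIG='[GNUPG:] VALIDSIG 48B086A7D843CFA258E83286928FBF39003C0425 2024-01-01 1704067200 0 4 0 1 10 00 48B086A7D843CFA258E83286928FBF39003C0425'
OTHER_SIG='[GNUPG:] VALIDSIG 0000000000000000000000000000000000000000 2024-01-01 1704067200 0 4 0 1 10 00 0000000000000000000000000000000000000000'

printf '%s\n' "$GOOD_KEY"  | key_matches_pin && echo "key file: pinned key only"
printf '%s\n' "$EXTRA_KEY" | key_matches_pin || echo "key file with extra key: rejected"
printf '%s\n' "$GOOD_SIG"  | sig_from_pin    && echo "signature: made by pinned key"
printf '%s\n' "$OTHER_SIG" | sig_from_pin    || echo "signature by other key: rejected"
```

In real use, pipe the gpg commands named in the comments into these functions and treat a non-zero exit status as a failed check.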