gistfile1.txt

//SIGNED THE KEY HERE
vagrant@branch:~$ sudo apt-key adv --recv-keys --keyserver  keyserver.ubuntu.com 40976EAF437D05B5
Executing: /tmp/tmp.rgDkkOapk3/gpg.1.sh --recv-keys
--keyserver
keyserver.ubuntu.com
40976EAF437D05B5
gpg: requesting key 437D05B5 from hkp server keyserver.ubuntu.com
gpg: key 437D05B5: "Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

//THEN RUN APT-GET UPDATE
vagrant@branch:~$ sudo apt-get update
Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]                                                                       
Hit:2 http://ppa.launchpad.net/ondrej/php/ubuntu xenial InRelease                                                                                
Ign:3 http://archive.ubuntu.com/ubuntu trusty InRelease                                       
Get:4 http://archive.ubuntu.com/ubuntu trusty Release [11.9 kB]          
Hit:5 http://us.archive.ubuntu.com/ubuntu xenial InRelease                    
Get:6 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
Get:7 http://archive.ubuntu.com/ubuntu trusty Release.gpg [933 B]             
Get:8 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease [102 kB] 
Ign:7 http://archive.ubuntu.com/ubuntu trusty Release.gpg      
Fetched 319 kB in 1s (225 kB/s)
Reading package lists... Done
W: GPG error: http://archive.ubuntu.com/ubuntu trusty Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
W: The repository 'http://archive.ubuntu.com/ubuntu trusty Release' is not signed.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.