How can the apt key be verified?

[Mikaela]

In the Linux platform instructions the key is downloaded over http. How can I verify that it's the intended key instead of something from MITM? I don't see the fingerprint mentioned anywhere on the website.

What I received is:

pub   rsa4096/0x5898470A764B32C9 2018-02-26 [SC]                               
      Key fingerprint = 5691 30E8 CA20 FBC4 CB3F  DE55 5898 470A 764B 32C9     
uid                   [ unknown] deb.h-ic.eu                                   
sub   rsa4096/0xBC1BF63BD10B8F1A 2018-02-26 [S]                                

For comparsion, here are some other signature verification instructions:

• Tor Debian/Ubuntu repository instructions
  • Tor signature verification in general
• Tails signing key verification