Sign the dist as the last step before creating the archive. Take care not to modify/regenerate dist meta files or the manifest.

Error: Old SIGNATURE detected. Please inform the module author to regenerate SIGNATURE using Module::Signature version 0.82 or newer. gpg: Signature made Thu 19 Nov 2015 09:52:01 PM JST gpg: using RSA key 566217F3C4395C9C gpg: Can't check signature: No public key ==> BAD/TAMPERED signature detected! <==