While looking at ways to prove the authenticity of a PKI Root Certificate published on a web page I recalled this nice method of PGP signing a web page. The result looks like this.
You can validate the web page using GPG/PGP (get the public key)
wget http://example.com/root-cert-pem.html gpg --verify root-cert-pem.html