hi Richie - sort of, I would just do:
The main differences being that there’s not a separate “key” element, just the signature. And, RSA signing involves padding a hash of the content, and given the importance of getting those details right it’s the kind of thing best left to an RSA library that has RSA signature/verification functions already built in. It’s not something to roll your own version of, unless you are a crypto master.
If you already have a keyfile system in place using your prior method, I wouldn’t lose sleep over it, as it’s not likely to be the point of attack for a plug-in. However, going forward, why not do things in the most secure way?