I downloaded an .rpm package but if I run

# rpm -ivh xxx.rpm
It shows a long list of dependences needed to install.

If I run
yum install xxx.rpm

I’ve got an error message
Package xxx.rpm is not signed

Solution:

gedit /etc/yum.conf

replace gpgcheck=1 to gpgcheck=0