I'd like to manually verify the PGP signature on a Maven artifact from Central, but I don't know where to start.

I see on Apache's Guide to uploading artifacts to the Central Repository that it says "we require you to provide PGP signatures for all your artifacts".

And I've seen that Sonatype's Nexus Pro software mentions verifying signatures in a blog post on Nexus Pro features

But I can't find any information on how to get the signatures manually. I'm familiar enough with GPG to perform the actual verification. How do I get a .asc file for an artifact in Central?

You can simple download those artifacts (.asc) files and manually check the signature. Maven Central is accessible via http like this:

http://search.maven.org/remotecontent?filepath=com/soebes/smpp/smpp/0.4/smpp-0.4.pom.asc

If you want to check all pgp signatures of your project dependency automatically, you can try execute:

mvn com.github.s4u.plugins:pgpverify-maven-plugin:check

This plugin downloads all signature (.asc) files and needed pgp key to do signature check.

More info about this plugin you can find on site: http://www.simplify4u.org/pgpverify-maven-plugin/