Downloading the archive and signature from the same server you're getting them from and verifying manually with openssl works fine here:
% openssl dgst -ripemd160 -verify /opt/local/share/macports/macports-pubkey.pem -signature libiconv-1.15_0.darwin_17.x86_64.tbz2.rmd160 libiconv-1.15_0.darwin_17.x86_64.tbz2
Verified OK
The archive, the signature or both must be getting corrupted in transit somehow. See wiki:MisbehavingServers for some ways that might be happening. Good luck, network issues like this can be tricky.