How can I clean up the sbctl verify output? (invalid PE header & does not exist)

[Tealk]

Hello everyone,

I'm using sbctl to manage my Secure Boot keys and to sign the relevant files. When I run

sudo sbctl verify

I get the following output:

Verifying file database and EFI images in /boot...
✓ /boot/EFI/Linux/arch-linux.efi is signed
✓ /boot/EFI/Linux/linux-linux-lts.efi is signed
✓ /boot/EFI/systemd/systemd-bootx64.efi is signed
‼ /boot/amd-ucode.img: does not exist
✓ /boot/vmlinuz-linux is signed
✓ /usr/lib/systemd/boot/efi/systemd-bootx64.efi.signed is signed
✓ /boot/EFI/BOOT/BOOTX64.EFI is signed
✓ /boot/EFI/Linux/arch-linux-fallback.efi is signed
✓ /boot/EFI/Linux/arch-linux-lts-fallback.efi is signed
failed to verify file /boot/amd-ucode.img: /boot/amd-ucode.img: invalid pe header
failed to verify file /boot/initramfs-linux-lts-fallback.img: /boot/initramfs-linux-lts-fallback.img: invalid pe header
failed to verify file /boot/initramfs-linux-lts.img: /boot/initramfs-linux-lts.img: invalid pe header
failed to verify file /boot/loader/entries.srel: /boot/loader/entries.srel: invalid pe header
failed to verify file /boot/loader/loader.conf: /boot/loader/loader.conf: invalid pe header
failed to verify file /boot/loader/random-seed: /boot/loader/random-seed: invalid pe header
✓ /boot/vmlinuz-linux-lts is signed

My questions:

• How can I clean up the "does not exist" and "invalid PE header" messages, or prevent them from being shown?
• Is it possible to clean up the sbctl database so that only relevant, signable files are checked?
• Are files like initramfs images or loader.conf supposed to be signed, or is this a misunderstanding on my part?