I can answer one of your questions
How do I know the apks haven’t been tampered with?
The signing certificate per appid is not allowed to change over the appid's lifetime (if a private key is compromised, publishers have to republish under a new appid). As new Apk installs are trust-on-first-use, if the package was signed by the proper certificate you have authenticity assurance for the lifetime of the install and later updates. Packages themselves have an integrity mechanism that is signed by the certificate.
How to deduce that the Apk is signed by the original publisher certificate? There is no public notary (yet), but I speculate cleanapk does check this certificate fingerprint against prior fingerprints of the same package name. If they are identical as recorded (for months or years for historically known packages), cleanapk themselves have assurance too of uploading an Apk as intended by the publisher. Obviously an apk mirror can't do this for never-before-seen appids. If you have a Play console developer account you should be able to query the Google Publisher API and get some datapoints from "upstream".
I think, similar to what Hypatia does for known-bad package cert fingerprints, it would heighten assurance if a database of known-good appid:certfingerprint were preseeded on the device and the appid were pinned to its cert fingerprint on install.
Marlinspike of Signal created a community effort in 2011 for SSL certificates as an alternative to CAs / Web PKI, "Convergence" (defunct for a few years now). It queried multiple notaries for their view on a website's SSL cert fingerprint to establish a quorum. If you get malicious certificates, a majority disagrees and warns. I envision something akin to this for apk packages; then the apk mirror source is less of a concern on TOFU.
I wrote [HOWTO] verify Apk signatures and reflect on Publisher trust if anyone wants to read more on it. There are websites recording historical certificate fingerprints; they offer their database to researchers or offer their services (androidobservatory (not active anymore), scatterscam (close to exodus-privacy), pithus).
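The three mechanisms the post leans on (the signing-certificate fingerprint as the app's identity, an on-device appid:fingerprint pin store with trust-on-first-use for unseen appids, and a Convergence-style quorum over several notaries' views) can be sketched in one small script. This is an added example, not code from the post's author, cleanapk, Hypatia or any of the named services. It reads the certificate out of a v1 (JAR) signature file in META-INF, computes the SHA-256 over the DER certificate (the digest `apksigner verify --print-certs` reports), and feeds that into a hypothetical `PinStore` and `notary_quorum`. The "APK", its "certificate" and the notary views are constructed sample data, not real packages or notaries.

```python
import hashlib
import io
import zipfile
from collections import Counter

def der(tag, body):
    """Encode one DER TLV (short and 1-2 byte long-form lengths; enough for the sample)."""
    n = len(body)
    if n < 0x80:
        ln = bytes([n])
    elif n < 0x100:
        ln = b"\x81" + bytes([n])
    else:
        ln = b"\x82" + n.to_bytes(2, "big")
    return bytes([tag]) + ln + body

def der_iter(buf):
    """Yield (tag, value, raw_tlv) for each consecutive DER element in buf."""
    pos = 0
    while pos < len(buf):
        tag, length, hdr = buf[pos], buf[pos + 1], 2
        if length & 0x80:                      # long-form length
            n = length & 0x7F
            length = int.from_bytes(buf[pos + 2:pos + 2 + n], "big")
            hdr += n
        end = pos + hdr + length
        yield tag, buf[pos + hdr:end], buf[pos:end]
        pos = end

def certs_from_pkcs7(p7):
    """DER certificates carried in a PKCS#7 SignedData blob (META-INF/*.RSA, *.DSA, *.EC)."""
    _, content_info, _ = next(der_iter(p7))            # ContentInfo SEQUENCE
    _oid, wrapper = list(der_iter(content_info))[:2]   # OID signedData, [0] EXPLICIT
    _, signed_data, _ = next(der_iter(wrapper[1]))     # SignedData SEQUENCE
    for tag, value, _ in der_iter(signed_data):
        if tag == 0xA0:                                # [0] IMPLICIT certificates SET
            return [raw for t, _, raw in der_iter(value) if t == 0x30]
    return []

def cert_fingerprint(cert_der):
    """SHA-256 over the whole DER certificate, lowercase hex as apksigner prints it."""
    return hashlib.sha256(cert_der).hexdigest()

def fingerprints_from_apk(apk):
    """Signing-certificate fingerprints from an APK's v1 signature files (path or file object)."""
    fps = []
    with zipfile.ZipFile(apk) as z:
        for name in z.namelist():
            if name.startswith("META-INF/") and name.upper().endswith((".RSA", ".DSA", ".EC")):
                fps += [cert_fingerprint(c) for c in certs_from_pkcs7(z.read(name))]
    return sorted(set(fps))

class PinStore:
    """Hypothetical appid -> pinned fingerprints store. Seed it with known-good
    pairs; an appid never seen before is pinned on first use (TOFU)."""
    def __init__(self, seed=None):
        self.pins = {k: frozenset(v) for k, v in (seed or {}).items()}

    def check(self, appid, fingerprints):
        fps = frozenset(fingerprints)
        if appid not in self.pins:
            self.pins[appid] = fps
            return "tofu-pinned"
        return "ok" if fps == self.pins[appid] else "MISMATCH"

def notary_quorum(views, min_agree):
    """views: notary name -> fingerprint it reports (None = no record).
    Returns (fingerprint agreed by at least min_agree notaries or None, dissenting notaries)."""
    counts = Counter(fp for fp in views.values() if fp)
    if not counts:
        return None, []
    fp, n = counts.most_common(1)[0]
    dissent = [k for k, v in views.items() if v is not None and v != fp]
    return (fp if n >= min_agree else None), dissent

# Constructed sample data: a stand-in "certificate" (valid DER, not a real X.509 cert)
# inside a minimal SignedData, dropped into an in-memory zip as META-INF/CERT.RSA.
SAMPLE_CERT = der(0x30, der(0x02, b"\x02") + der(0x03, b"\x00\xAB\xCD"))
OID_SIGNED_DATA = der(0x06, bytes.fromhex("2A864886F70D010702"))   # 1.2.840.113549.1.7.2
OID_DATA = der(0x06, bytes.fromhex("2A864886F70D010701"))          # 1.2.840.113549.1.7.1

def build_sample_apk(cert_der):
    signed_data = der(0x30, der(0x02, b"\x01") + der(0x31, b"") + der(0x30, OID_DATA)
                      + der(0xA0, cert_der) + der(0x31, b""))
    p7 = der(0x30, OID_SIGNED_DATA + der(0xA0, signed_data))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", b"dex\n035\x00")
        z.writestr("META-INF/CERT.RSA", p7)
    return io.BytesIO(buf.getvalue())

if __name__ == "__main__":
    fp = fingerprints_from_apk(build_sample_apk(SAMPLE_CERT))
    store = PinStore()
    print(store.check("org.example.app", fp))            # tofu-pinned
    print(store.check("org.example.app", fp))            # ok
    print(store.check("org.example.app", ["00" * 32]))   # MISMATCH
    print(notary_quorum({"n1": fp[0], "n2": fp[0], "n3": "00" * 32}, 2))
```

Two caveats for real use. An APK signed only with APK Signature Scheme v2 or v3 (mandatory on newer Android) carries no META-INF/*.RSA file, so this v1 reader finds nothing; take the digest from `apksigner verify --print-certs` instead and feed it to the same pin store. And the strict set-equality check in `PinStore` is deliberately conservative: Android's v3 scheme allows a publisher to rotate signing keys with a proof-of-rotation lineage, so a rotated app would show up as MISMATCH here until the pin is updated by someone who has verified the lineage.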