geolocation: add geoprobe identity to signed TWAMP replies, make verify interval configurable

[ben-dz]

Resolves: #3166

Summary of Changes

• Add GeoprobePubkey field to signed TWAMP reply packets so targets can distinguish which physical probe responded, even when multiple probes share the same signing authority
• Rename ReflectorPubkey → AuthorityPubkey for clarity (reply now carries both the authority and geoprobe identities)
• Replace the package-level VerifyInterval global with a per-reflector constructor argument, exposed as --verify-interval CLI flag on geoprobe-agent (default 29s)
• Lower default probe interval for geoprobe-target-sender from 60s to 30s to fit within the verify window

Diff Breakdown

Category	Files	Lines (+/-)	Net
Core logic	4	+44 / -33	+11
Scaffolding	2	+30 / -20	+10
Tests	4	+85 / -45	+40
Docs	1	+7 / -4	+3

Most change is in tests and packet structure; core logic is a small net addition.

Key files (click to expand)

• tools/twamp/pkg/signed/packet.go — add GeoprobePubkey field, rename ReflectorPubkey → AuthorityPubkey, update reply size (204→236 bytes)
• tools/twamp/pkg/signed/reflector_linux.go — store verifyInterval and geoprobePubkey as struct fields, use per-instance interval
• tools/twamp/pkg/signed/reflector.go — remove global VerifyInterval var, add verifyInterval param to constructor
• controlplane/telemetry/cmd/geoprobe-agent/main.go — add --verify-interval flag (default 29s), pass geoprobePubkey + interval to reflector
• controlplane/telemetry/cmd/geoprobe-target-sender/main.go — lower default interval to 30s, adapt to renamed reply fields
• rfcs/rfc16-geolocation-verification.md — update reply packet layout to reflect new GeoprobePubkey field

Testing Verification

• All tools/twamp/pkg/signed tests pass (packet round-trip, byte layout, rate-limit, concurrent clients, signature verification)
• geoprobe-target-sender unit tests pass
• Lint clean across all changed packages

[ben-dz]

Skip-changelog is because this is updates to something already in the changelog.