Can I create a maintainer with only PGP authentication?

No, initially the mntner has to be created with an authentication other than PGP. After that you can create the key-cert object protected with the new mntner. Upon creation of the mntner and the key-cert object (protected by your mntner), you can change the authentication to PGP.