(If you'd like to see what this looks like, here's a recording of me doing it just now, complete with file sizes and certificate SHA1 hashes.)
Verify the signature and certificate chain that signed the archive.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
pkgutil --verbose --check-signature ./Xcode_8_GM_seed.xip
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Extract the PBZX stream from the archive.
+++++++++++++++++++++++++++++
xar -xf ./Xcode_8_GM_seed.xip
+++++++++++++++++++++++++++++
Obtain a PBZX v2 unpacker and... unpack the packed stuff.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
curl -O https:
python parse_pbzx2.py Content
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Decompress the archive (there should only be one chunk, "part00").
++++++++++++++++++++++++++++
xz -d Content.part00.cpio.xz
++++++++++++++++++++++++++++
Unpack the CPIO archive as a privileged user (since the device frameworks have weird symlinks that make cpio complain otherwise, and it needs to be owned by root anyway) and move the resulting Xcode app bundle into /Applications.
+++++++++++++++++++++++++++++++++++++++
sudo cpio -idm < ./Content.part00.cpio
sudo mv ./Xcode.app /Applications/
+++++++++++++++++++++++++++++++++++++++
It should prompt you to do the post-install setup steps upon first launch.