This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-tomcat-12.1-squeeze-i386-vmdk.zip.sig
      gpg: Signature made Wed Jun  5 00:40:06 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  8d3d8ab08e3361be83ae3d84512d11af8753df56
    * md5sum   a8fd85483a42bb8a47aab2ab0851b5b9

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRrojXAAoJEIXCXpWhbrlNv+MH/jz5xu7+nE05/MpdCouLPb0m
1dgRhGh7EBnen/J3tXBidtAvJ+0slrYq1N8+n1mJiIptdhh0wJGmBZFnV7iifBls
mdZttKsNnnf8pp94Yt8qhdI9s/9nM9dYns31of6XIfAGl0ZSVHJcmsQ6+QGrPRKU
aItDGTDvIyhNED7OJgCQtb1MIk+FMekfIwz8x+3Am1CmMtvjhijvW68lS3x9ZHuj
ZXhjTNf66u0CmUx4tdTan+6T8abAnxLWZQiWRjxB/GFfH7gk1zdg67oyeUPamzOT
aQh1CVi7Tll1BiLBEjesZSFDlVSO2KzBdLkA/biDldgV39t3EugeOJytISmu6U4=
=XwlP
-----END PGP SIGNATURE-----