This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
    pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
    uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-appengine-java-12.0-squeeze-x86-ovf.zip.sig
    gpg: Signature made Tue Aug 21 11:31:40 UTC 2012 using RSA key ID A16EB94D
    gpg: Good signature from "Turnkey Linux Release Key

For your convenience we also include file checksums:

* sha1sum  992b13dc5daa00903cb79ae427fecd45642d1b68
* md5sum   dc91a6b9b24a581b55cd4295650a8a4d

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJQM3GGAAoJEIXCXpWhbrlNe90IANs2WDLHP8Yl+8gE8IcNiJ+C
L+SEz+rFInUZjwz76yc6Tsc1rf1281ndRAb/U+6SZpOFpp3Vfh17kIS9kmlpfi0q
rwZuI4enJbDr+/gZaHFcAsnSuiTHSvoW4vUm3lGJj3/U57prAMwgB6iSAtJRShg6
5pbCRzak7K+/pt/rI8o+m75MtnA7zABWklbT32uqziwTmjEwx/4xW9eCiGRmMiGd
fFUAkigB9EUob4FMh9+UwDrfoejEiLi5rwK//Hw2fpiyoI7xvV8RieajZOhcK7QT
rX6HNJ9O4d1Y9W9g8d0Br2VYCkIWAgbtpPuuOFB5bIUDNi1xyiQXfimTk0cL2RU=
=BaAc
-----END PGP SIGNATURE-----