This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
    pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
    uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-appengine-java-12.0-squeeze-x86-vmdk.zip.sig
    gpg: Signature made Tue Aug 21 11:31:18 UTC 2012 using RSA key ID A16EB94D
    gpg: Good signature from "Turnkey Linux Release Key

For your convenience we also include file checksums:

* sha1sum  62c97b598a3ee32cf6febf4cc1ea7c4325f912a7
* md5sum   e9cdb2e863ff901b30f13d75aeffacc1

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJQM3FyAAoJEIXCXpWhbrlNMiQH/jTLNErclsWUsBBcEtEOHz2D
XuG7YacPymrUFLkEPonziKrFGraGtQBkpteaghJ7XoNSI6YVpx9EWxLQcuwgeqZE
wB05iOcEILMAE2pAUXSCG/mWk/cT1vMqmiJR0S/9PRiu97aFglZwAgvnubVOnaH2
sWUGskd+/NoKA5WwibizaLrPwJPUoIWfsA2qlsg0iv77ozn9IZ4Ag4mafAsYf/Ld
j43yN6z9vOyxhjX6X/TJObONjAih3XfzD0yAk6t6uJQxO5Q+YVahmKxk77E7+sm0
Me47lJyIUj1RyraSt5FokpFe1+sSTCoU6jxa/vq5MIaIc42W2Bjv/VkLmn6UG/s=
=6wgI
-----END PGP SIGNATURE-----