-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-asp-net-apache-14.0-jessie-amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-asp-net-apache-14.0-jessie-amd64.ova
      4221ec6bc2b5b9ba20bab7d00d0ebf94

    $ sha1sum turnkey-asp-net-apache-14.0-jessie-amd64.ova
      31f1fc5a73c0786f0b685465b10133001af6b22a

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdUAAoJEIXCXpWhbrlN1IMH/iCef1u++wrW43ATHRtyJzQt
cuk6JFMjiOCLeUvOqkaR1gO6h576v57cnZNv8a9kt8mopP/+6fIZikFTOGrURQgN
G1bCcG3CY+/2OVRIx0LabDVfZGKCpgeSDF+CuvgPjbeYN910d0d8SqBZ4YoyT6C+
XDPMiyZh5Qjh/UHF/Kylq4phz933qpChZiwlevST71sHbHt5gPbCpl3FncNcRCdA
lBdhpYkwcgxwevdnra2KjF0KHnpuvHt4beorsMG7LsYWUR6r8FIXsDXEpT+Ttm8/
nY++i5yXHIHb06rIKR9X5RbJ+NIwTdgNPZU1gYG3BvQ7hkQsLw1+M5kwhAWfOV4=
=/e0I
-----END PGP SIGNATURE-----