-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-twiki-14.0-jessie-amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-twiki-14.0-jessie-amd64.ova
      0047bec2b46719b0bed17f520384fb0d

    $ sha1sum turnkey-twiki-14.0-jessie-amd64.ova
      44214ac5975b7078bcf8ed99358a799835f78658

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdaAAoJEIXCXpWhbrlNvisH/0GTdFEjZVuPiZFYfbt4jmDu
VqQZmBtuXyry6Yce2QYgfTHRw6ogF1MMjH7LyS21BuIecep7hGpjYq05YAzQQlgo
DepTcWEfyrj+M14zQPOYOxroFhYxnPbuHqo3kXuX0BgMiK5pODGiAs2wBJycGh22
LZquuKeePShpob3ryDeNPEGhKzpPBV5F0/elvbxfM3RV97x6xw8YPRcADpv1DPec
09UJQOXc0Yf1ogcBuzxZn20SuclpRtoE7fe63+gn1ulJYZQgVH0/mF1lYIGbxRwl
oHtZ2InD9RhJRVPI14vL5CkQBXyOBWm0XLv8bB6cifh54xQLoniHn7G9wZJZtkA=
=Q3zn
-----END PGP SIGNATURE-----