This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-appengine-go-12.1-squeeze-i386-xen.tar.bz2.sig
      gpg: Signature made Tue Jun  4 19:56:53 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  642ab027aa23ae73cc17ac76485f4f1c332a4a45
    * md5sum   5aac1bb51bb1dd141bcdeb47f1b62689

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRrkZ7AAoJEIXCXpWhbrlN2tgH/iXy1VnrLVuc37vIbSiJrbrD
bvJa419eg4rRJHLkvAl22zVFrSMeFVIRxvVBI+a0DbxE5fqxUTYB5Apk++1wRpFo
CQsQzx39/hQ7MsMdYwNdGTEpDS4NfJawWLZ4V3KtQYft5zxAyU56OrNx388dtfgS
4PM4jQ63GZPTKicERC6Fqtk1Szu2W7AxDtI7xFE+Na93J7TU48AWiSf9xfvZSEv8
wP84uPUI1Q+MBmthH8lpcS/DuOpi4UPJ0/f5MHow+XffOVKDo3p4pF/yt6t8FJZy
7JZNgKI0S73TTNTt/RWIicf4Xza7aceHS+RDuam1ylsvXxDrPx9uNTGlgo7oNos=
=lqbU
-----END PGP SIGNATURE-----