This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-redmine-12.1-squeeze-amd64-xen.tar.bz2.sig
      gpg: Signature made Tue Jun  4 16:19:24 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  e6186d3ef379aae4063b08aca83c6ea802b07100
    * md5sum   f72a4bc1dca8f2522f4fc67acb048338

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRrhOCAAoJEIXCXpWhbrlNq/MIAMZkNbvURfKXufSqgzJn2T0t
i7McTH4jgmncC+ZV/yMVyOL5WsY7bQwlDti7LpSIXctc2FO8qiaHlBxcVVghcIS+
v2tLTDep5LwN1pNRh4uSN+OS6I5n4Nk35k8A1vTPKlnpncX+uZNRQgjUcNB6ehfk
G72uE8VOx3WIxoFyhOMXpPzU5YWjHraW5Jr8JhP3ZexyLCLMklKf2IsVozNaWtC2
Wg475fUhoph/o+CBMsMCh6RIOGHFygNBbJIuxsVZa213VWgAPf/nH5/SPujzaVZF
RvNtG6kbGZ0OHljGJ3M0buvQ+AdprroowpfoNZXFtfBhwtROfHW0nsUnm3P3uRw=
=c4x+
-----END PGP SIGNATURE-----