This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-appengine-go-13.0-wheezy-i386-vmdk.zip.sig
      gpg: Signature made Tue Oct 15 14:49:01 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  c4c81eabb717f4ebd4ee03bc39e80e9f16e51c77
    * md5sum   afca920132895eb5325d677b56e53fa7

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAABAgAGBQJSXVXVAAoJEIXCXpWhbrlNDX4IAJpLjskYeUfPKfZXiXckzoEE
NwY7oeWKLox2G0nOhzVppKvKm+UUsU5+JV6m9m9RR2celxlQS8bVnKTEzSuCcjFO
+rWEDrglh+yf9UqlMQz8SOWw1RSEOQWhzd6ssVIu3+ryA3rkTh8RgW7VkAD3RD7i
RFXRrZUVQMqZPqgXjuX+FGqk/CIbePR9kzEJx03zm11ATa9Zdpuvy7b48G9kdESn
mTc2/+Jbo61MIARMtPwvNsPT8ZNgFPt0uu2Sg62V6rpOdPQWnPqS9BPTYGXa07ME
rJNS3ISki1/6EphQU9VEbAO+A69vxHPXBV86hEmmknd2r52qUXPnbwGmpCpcRSw=
=Tx6i
-----END PGP SIGNATURE-----