-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-django-14.0-jessie-amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-django-14.0-jessie-amd64.ova
      2f781292d838cc061c619c8cbee4c5d7

    $ sha1sum turnkey-django-14.0-jessie-amd64.ova
      bf991851501c47f592ac02c23df3e1f3628a3d17

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJWMJdVAAoJEIXCXpWhbrlNC1cH/3QMwybGKI0mIPlrI3WMxUUT
vMO1Oy774lG4tBfDIkI5/c1p3MdcZ13sK7Ooyjnd6GF5/vwmGeYt84tMSAjFdoJ9
QNlSwBDjWhOO5uwMzJGMjavTKDkhpJNPgGr6GxcGBSEFUZL/+49t5/aE8JiQ025C
4GUZCPTZFe6W4jNUe8zXeXDkRWs4kvFuccDm1CD9uuOVnSFP5mBFnBP/zyukx8kX
/bfOsFf4Bol/HeUWxk26eeKYEffU0Si56Gau06skPaxCWv4CJelwsQyH2ZucNp0g
pH/QulyvUT+7yPWH/GySn65beDm3zrU8dG4gJX4y1KpwSomxuwmUN7feP+HripE=
=1Twf
-----END PGP SIGNATURE-----