-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify debian-8-turnkey-mongodb_14.1-1_amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum debian-8-turnkey-mongodb_14.1-1_amd64.ova
      9739e2424cf7fc07e41f62611295de22

    $ sha1sum debian-8-turnkey-mongodb_14.1-1_amd64.ova
      8d6ea2ad5c5c34185eac75e1f5de78e80b18f7b6

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJnsAAoJEIXCXpWhbrlN/pkIAOM8Fa9Bo4c09T/Vl7HAYQmU
cOhJkSsLha4A7C9AbGYHKwaphPlsLxemo+CVh/OeHkYjek9kvmykgBPB4PMHGIiK
OHlYpiANGBo76K2+6j4aN8zk9Ju+LI/AojXWs1Ahyk0c03S5ClMIdlk3mndNLjE5
dJL7sF8FpMDLqc7hRElrKp4vhGpazCdQ58+O6qvwvC/YAZ3QBrFawHGEFD7EHn3Q
t8dDmBiMMHv2HvaNhBsZxYxEaxlvkuH9WoWfcbRdgGo5AcWldzkwLXUhBdxmgIP3
eOAGkJlyQ6vqxKCE4JHqiyWXi00/v54/k1Hqa+IVBzpD15Bj8pRUNqe+JZMwF50=
=oLlC
-----END PGP SIGNATURE-----