-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-projectpier-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-projectpier-14.1-jessie-amd64-vmdk.zip
      9162167b6d37e8d48a8abc2faa2c49a3

    $ sha1sum turnkey-projectpier-14.1-jessie-amd64-vmdk.zip
      30b277c20024894b2274cf43407afef5aa7df072

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJn5AAoJEIXCXpWhbrlNQ44IAJis/9Hw8XrRfq40ej95XOB5
cFgkfj0GGwXxkrKWC1L5usSICpdi6R1nVqMPTVD5WPJX9Zig1ENR91VVfY5girUs
qhHF2/DKmJ0jfquvyKXmbc12IEz3kEEdVyn8kGIkFwjP+fPS6gqAKvbz7SsEiNVP
lGVC634h3EbtKgX/zvDXx+9ekI4S61haGamLdPQoTtPibKsSEdene1iNocN4FZlX
7X6g/sOxE4r6i06HFA3RKZNI0ZKp3qeK+cRIEAeQkWVHu8Z0JTX3Y2PL4ZNb34gq
M1ec0hg1Z9EsjRAY89qWKS+lfuHr1TXwcwROEAgphOym/gDvtgkYoK2FR9YwvFA=
=INwI
-----END PGP SIGNATURE-----