-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-simpleinvoices-14.1-jessie-amd64-vmdk.zip.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-simpleinvoices-14.1-jessie-amd64-vmdk.zip
      7a4ddf87f0bf82d0decedddeeecced01

    $ sha1sum turnkey-simpleinvoices-14.1-jessie-amd64-vmdk.zip
      8404c8b364d1ec4aad6bf907c4abe835ab430cdd

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJn6AAoJEIXCXpWhbrlNOcAH/AiKCcDhWGFS/llDPrqMQ4/C
WWdZIIcixxDZ6h3coQPsi4pM27tdxEKYo53gnS1YIkMlNPZ5dFrYIY2ib9F8IIBg
BqSNEDjDEdussHKaJcX57VpGLakXoG4tA6hPlkmop4Hfcjs9srRs/jW/6iHmUYXh
TyH2kP6JCHSMAyqK7JccsptCwXPOUhYcep5WdMIKHJCM033lnoqzWw2p1PRaB3Nz
yQtO0MA99AErOd2mCZBeB+QwKoEwrEtK4Rl/ZMTmcaNOVa3F3x2D83FJyrLbImw9
0w2LeHkq05V2EhPnoj5DXhsLp37i5eUuQ8qk1M+7dvi6uihDMiV7UdElBDIDhag=
=Pj9C
-----END PGP SIGNATURE-----