This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-sitracker-12.1-squeeze-amd64-ovf.zip.sig
      gpg: Signature made Tue Jun  4 16:01:12 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  b5ee9e242efe6c719cbfc2ae41e00ca064b6f234
    * md5sum   9d5c6dc3991fbad8becfd685d710a69d

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRrg9AAAoJEIXCXpWhbrlNgVsH/jFqvXYyTUvmTZJQuvzYod4b
5xU+9qxzxo0Pt5Yyp63ljnAktENBlF+kKWDHd1fq0K3Nx8VzsKdqg5zZlGfxfQz1
/Tz1NTmtN2vZQXKlKD6jKBZSO8zjSTLvnWZXQOVZdT8eh/dl+d32ABL4q05wsHk6
qr1b4DMOTZxZ7xCbUMzKDBiEXIwA/RKYT+tEaB/m2E/TO+XKgf0UkG0G8WQipuc/
aFv0U4jZCz36sm38yduQt9wNR5CJsWkhPt15W6PEzEBAE8/4mKSEDpKxxE+GdXlS
5rabHTM6HL1U2bBayb0SsmL0/4/g+TO/2LFiXwRGL020hsZCECMj0km0Rmp8as8=
=pj8r
-----END PGP SIGNATURE-----