This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-bambooinvoice-12.0-squeeze-x86-ovf.zip.sig gpg: Signature made Tue Aug 21 11:27:57 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 03d9182e527a01f36bab2a66c7e0395d35ba2697 * md5sum 97166058043cb9e57589ef8508f0ae73 You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM3CwAAoJEIXCXpWhbrlNHHAH/0nRkGVMYa2RpPatogRvJqbi U9KYQezHbdliY4/YVcZ/DxoHVPHty23C1JrhFOoOn2o6PtVvcrOwu2jZT8PaUUZF Fq0/4iHAUEK1vKzAfLtLa/aJlanE7mHOSDAFZDoxPD18Dm00E6dLmnyvhdZLoNc9 hDrZkyafqFlkdjGDJMtCvTK47mpmLyiSQpzLOkicDuAI5V4l4WVZpvcjCOv4Wq8W 8P1YNVtrbd8SMc1Z3szSBnhWa4RginCg19BG/XRTjw/feXwWnYTmS1yFXZFg56Rx Tm5t5q4cmyj5ru1sMJqUjbSDJXCs2NAxAzxaeOeGE+CdnAlfj2tK9cUQ1qP5icA= =yute -----END PGP SIGNATURE-----