This signature file may be used to cryptographically verify file integrity,
like this::

    $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-orangehrm-12.1-squeeze-i386-openstack.tar.gz.sig
      gpg: Signature made Tue Jun  4 22:54:34 UTC 2013 using RSA key ID A16EB94D
      gpg: Good signature from "Turnkey Linux Release Key"

For your convenience we also include file checksums:

    * sha1sum  090e09fbb8b17cb2652a1e95875a95587fb8236a
    * md5sum   1b0e96bef1a444a545e8e51b3b2150e2

You can calculate these on your end and compare to check for errors, but
cryptographic verification is recommended for security reasons.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAABAgAGBQJRrnAeAAoJEIXCXpWhbrlNCTUH/R31BmWtwErP7cABwmSJ16GG
JupUJQshD4QOgasj1jnDGCE0zDOo3D+636kn5aIOUwEWtfHhLdj1J/Hr7Ou03B4x
NR2rccjxm+pCGiQANgU8o/qJWk1Y3fBh3W0XnoaLptdOOSufCU/vVNx5FJ4IyGoi
CJ0/u8EMZKF1RuAEWwMOYSf/y7DL7r2pz6A9U/4JS9O9ZkNKt6Mh80epGLFeWj8s
c5FLJLolyT5htHAUZJUKhxAx9q1JxDUHiTnDXwgwq1AH9I87EOSqaymoRF7Zt7/M
Jp1NR5nVqlaIlnxrhPa0zIukqwaszGFvzSocY32Np+UI4Kzk3iZ15edVOSQW55o=
=ykXn
-----END PGP SIGNATURE-----