This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-postgresql-12.0-squeeze-x86-xen.tar.bz2.sig gpg: Signature made Tue Aug 21 16:43:21 UTC 2012 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key For your convenience we also include file checksums: * sha1sum 3e922b75ef2fff5cee02cf2c2b544b86bb049b10 * md5sum 04c61031fd02a78e699894a878a86d1d You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJQM7qhAAoJEIXCXpWhbrlNhyUIAMldMstsFXdXBzAKl5sVTus9 f6q5s7eeiCQOFwP9TqDuXZ6kGEwTfawPBnhQ0V43MCbqg64mlseJnTBDdP7HCck9 AUZK0UgpUCzHVgWaMUwrflFQRAu3jPSOYXPXlM5U801fJOpryzJ3sl9nH3OYBJsX nbBl8ZezYi41UeZ8v6nGnlkI2K03PgHZ1ZHiOUKf82zcPNA2cN52q4dYeRV5n6wr VhyYjppfgz8TybzzzlWDWRdmxHjjRr+s7Hb5TF31H9RpiPHCARiEwq/yfOi5JIR/ jPHgS4adURs8kEB6gg9BBVOdtocQSSdBJ7cNG0rkJfbYV7vovI0G4d8Qa3Xc05A= =Gcpj -----END PGP SIGNATURE-----