This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify turnkey-postgresql-12.1-squeeze-amd64-ovf.zip.sig gpg: Signature made Tue Jun 4 15:19:36 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 5ac56b403293afea6a28c55a719f4680ae4c525d * md5sum 88e644ac947b6d08625a57f01e3ae9af You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAABAgAGBQJRrgWAAAoJEIXCXpWhbrlNOo8IAK2aOihX+BTig0dMMH2I1o1T XnYGrGn8kRjhv8oDOxaoR+lXlmR9ERR+oJdkMabWYtoNcA3Hu69IcOEKg2vWIIwk e/WqZQ3b2djYBulFIViplbY441FT0fUuVGsb5N1VSFBPjuTejSW5BJdy1RuN/ze/ YHS3C9oQssb3BGzih+FWuYKe8PPAoixQLhzeK50rgirc88BITzpWhH/H7ymfYDeK svrvs45aGbSTbryATZSpL58vc9GBP57BU/EocH37Bo3vevhBuZI80xKc+dFZ3Sh4 /WdN5uwWqIDY/KATOl2axbfTAoFIrLw0dYIeZ/nla8g5gnuKmaVYAH7YvMpa0L8= =eutG -----END PGP SIGNATURE-----