This signature file may be used to cryptographically verify file integrity, like this:: $ gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 0xA16EB94D $ gpg --list-keys 0xA16EB94D pub 2048R/A16EB94D 2008-08-15 [expires: 2023-08-12] uid Turnkey Linux Release Key $ gpg --verify debian-7-turnkey-asp-net-apache_13.0-1_amd64.tar.gz.sig gpg: Signature made Wed Oct 16 08:19:59 UTC 2013 using RSA key ID A16EB94D gpg: Good signature from "Turnkey Linux Release Key" For your convenience we also include file checksums: * sha1sum 332a4340e74267b23eee2a9f773d696e3616b40b * md5sum f15dcbc635ada7e79cc0b5c56e4cce9d You can calculate these on your end and compare to check for errors, but cryptographic verification is recommended for security reasons. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAABAgAGBQJSXkwoAAoJEIXCXpWhbrlNMrEH/1AnY/D9BvpRgI4uJj97UcZ5 y3VpLgUsounfQMPzDMAjD+5f75SWQpUyaREB6hsya8+z8MVIR5sgM9855bQC9VT4 6fFMWLO250QeI+PvqhPT1TKCT9vtiB3NX/72H42ZNseT2WWLB+L1eQqik1O+ApNU +g8359CTYp7ax0jMMqi+itPaZ6f822ZO0UeNaTP128D0bKTonnMCX7RECdCS3MkA jXIDb80QYlMTDuzaZ+cdfBDdXTv/ZWbZgEWdVeiFPa6I7nTFosi97oVLWGS8iMSA bnQYFTjT6Y7nLb7ukxyHi+7cRK3XRC8z7pUTDiNCcrP2Sf7ta4zmprKrR4/dAEk= =qR5G -----END PGP SIGNATURE-----