-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Two steps are required to cryptographically verify image integrity.

1. By verifying the integrity of this signature file, you can be sure that
   the checksums included in this file are valid.

    $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0xA16EB94D
    $ gpg --list-keys 0xA16EB94D
      pub   2048R/A16EB94D 2008-08-15 [expires: 2023-08-12]
      uid   Turnkey Linux Release Key <release@turnkeylinux.com>

    $ gpg --verify turnkey-mongodb-14.1-jessie-amd64.ova.sig
      gpg: Good signature from "Turnkey Linux Release Key"

2. By calculating the image checksum and validating the hashed value is the
   same as listed below, you can be sure the image was not corrupted in
   transit or tampered with.

    $ md5sum turnkey-mongodb-14.1-jessie-amd64.ova
      64f682d0bad0d2255a7afa5b76e499cf

    $ sha1sum turnkey-mongodb-14.1-jessie-amd64.ova
      29e12d7a5613680be5e0659428145c5347a957b4

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJXDJn1AAoJEIXCXpWhbrlN+bQIAIOnYqJoal1qjNTTzEFjBbiA
dj4Yc2LXFNE9ClnOSOsr11TE3B/Bcu8oOAaUhqcxJLW3g/7GCySMLcBL3QH67mPe
L/LP5lQCbqK7S+tKbl14bjpFKD7wwZ31LdaupgnhrLPv5qKG3Obv4yy2mtbLTfOr
P9UHz+oyjLD771ASLI+kPtCFxXKJsrtGpc09vSSc1mKiYTz4LJXysah5ntLNC77W
dAy9xLShwNg7IKMuIa8ZhrFN7y/0BuuSbt6CGpv12e18ofJzz5h20LAyzaEx1dVP
VU8wPhPvgCKVWW10Rei9UuI0k5+gLYutnavnY1sarR0Ma6hUVCy/oDVA4KnsGjw=
=I5Gk
-----END PGP SIGNATURE-----