-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1,SHA512

OpenPGP Key Transition Statement for RabbitMQ Release Signing Key

We have created a new OpenPGP key and will be transitioning away from
the old key. The old key has not been compromised and will continue
to be valid for some time, but we will sign release artifacts and
repositories with the new key going forward.

We would like this new key to be re-integrated into the web of trust.
This message is signed by both keys to certify the transition.  The new
and old keys are signed by each other.

The old key, which we are transitioning away from, is:

pub   dsa1024/0xF7B8CEA6056E8E56 2007-07-06 [SC]
      Key fingerprint = F783 72A0 6FF5 0C80 464F  C1B4 F7B8 CEA6 056E 8E56
uid                              RabbitMQ Release Signing Key <info@rabbitmq.com>

The new key, to which we are transitioning, is:

pub   rsa4096/0x6B73A36E6026DFCA 2016-05-17 [SC]
      Key fingerprint = 0A9A F211 5F46 87BD 2980  3A20 6B73 A36E 6026 DFCA
uid                              RabbitMQ Release Signing Key <info@rabbitmq.com>

The entire key may be downloaded from: https://www.rabbitmq.com/rabbitmq-release-signing-key.asc

To fetch the full new key from a public key server using GnuPG, run:

  gpg --recv-key 0x6B73A36E6026DFCA

If you already know my old key, you can now verify that the new key is
signed by the old one:

  gpg --check-sigs 0x6B73A36E6026DFCA

If you'd like any further verification or have any questions about the
transition please contact us directly.

To verify the integrity of this statement:

  wget -q -O- https://www.rabbitmq.com/key-transition-0xF7B8CEA6056E8E56.txt | gpg --verify

The RabbitMQ Team
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAlc8IjwACgkQ97jOpgVujlYL3QCfdO0C4R3iSDn+cmmff3xpEmWj
9JcAnRP15QAkjlOeIBRDRM+1rqLGbAMniQIcBAEBCgAGBQJXPCI8AAoJEGtzo25g
Jt/KtgUQALCNCCSnCX5A3jvtQl1iN9QegfSB7wXBkyWzc7wBwknzGCV+29P/y8rr
e8i4nBm+Kdkq55UDkFcX+kPBe+m+H/Xb53fWcoMatUb82C0YEmnJ8C1zXDcHvlVH
eSVRouWY6qa5GPcTIiGnsM5lTTYuo6BQUU7U1DbrGcpK9pi557a4mX+5aE05/hqR
w8LzMv+jhdY0/enaeQ9oqvfIP32WEVhHlzCNU5XDK0z2uOXtNoAK8AOtHufD+JaX
1DS1mHSr+l1LRkH346rW9fa5EaS6qqT1QNkjMwYDsrSiT3Z4/rIaDArPJf4SEL9R
1DGizxVN/I5VY+v+DH0fv07P4+W6mJQEPRmia2NYgHfU39QtiQYi0UW8Ep8yNpEQ
Pq+cjj1pKY9hWAkAQkRrxqM3k6h2OJEW2u9WIxuB6SaZDB1b6VZK1vQcFyybNqTx
zBHr6A+bROU6GvzO+klTrrsqnEYMZavzhzO9nupoRdfJ3+bHJASWwQDgEgNAlI6h
Yni/tbq8gcEGr6ym6cIOPz7Gwqxfpwfw0UMBfEzaZMbZkeJ6ZOzf7OIPhADtJ1S+
ilHqXw1v5uTFdBDb2P6rBkJHkQICGULoW1mbjheG/l2nBz7gRPlq6eeohW7XjJYk
645b/NuitFjWIKnnNO3YH6da92pLddzEuZOh9rdCpam/G9Uxyadk
=GeDx
-----END PGP SIGNATURE-----