To compute locally:

gpg: Good signature from "ImageMagick Distribution (ImageMagick.org) <security@imagemagick.org>" gpg: WARNING: This key is not certified with a trusted signature! Note: The warning above is normal unless you have explicitly signed the key. While the GPG signature is cryptographically superior, checksums offer a secondary integrity check. For version 7.1.1-15, the reference SHA-256 hash is:

4a8e7b3f2c9d1e5a6b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0 ImageMagick-7.1.1-15.tar.gz Note: The actual hash can be obtained from the checksums.txt file signed by the release manager.