Bug #95155 for App-MusicTools: Invalid signature

cpansign -v Executing gpg --verify --batch --no-tty --keyserver=hkp://pool.sks-keyservers.net:11371 --keyserver-options=auto-key-retrieve SIGNATURE gpg: Signature made Tue 08 Apr 2014 11:19:54 PM CEST using RSA key ID B04EE094 gpg: Good signature from "Jeremy Mates <jmates@cpan.org>" gpg: aka "Jeremy Mates <jeremy.mates@gmail.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: F285 7A01 1CB6 4476 938A 0FC4 34C4 556A B04E E094 --- SIGNATURE Tue Apr 8 23:19:58 2014 +++ (current) Tue Apr 29 03:44:10 2014 @@ -1,6 +1,8 @@ SHA1 5af545c218bf29dd2f3c9202e292c2116254d035 Changes SHA1 846252ea9428ead5a9f387bcd843958f5759609c LICENSE -SHA1 ba4997e01dfb0d06af2ea19b522e897ee345fe6e MANIFEST +SHA1 743bfbc9814faa5e54880ab84741410241df1641 MANIFEST +SHA1 ccc523b26c85c9c1f3be7a536ba84f553e76c9ee META.json +SHA1 d6ca194d4c5d41beada8665551924eb152eeaec6 META.yml SHA1 41a374089ecff734a6fccd3b202bdaaa51a5a762 Makefile.PL SHA1 170894ba424238d52a4a657e3f04f0f2118fd934 README SHA1 9ac889d9c038a1f60967d1f213cabd9defcf4ec3 atonal-util ==> MISMATCHED content between SIGNATURE and distribution files! <==