-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

For nm.debian.org, at 2023-08-27:
I have worked with Bo YU on Python packages and activity on debian-riscv
in the past year.

For this past work, Bo YU sent mails using the email address tsu.yubo@gmail.com
which is the one they're using on nm.debian.org, and they signed their work and
email using a GPG key with fingerprint 21C9 A18D 8553 9666 9BD2  D8E9 F915 4FDE 143E 4BAF.

I've made sure that they are able to decrypt encrypted messages sent to this key
and that they're able to sign messages with the same key.

Due to the long-term interactions we had, I'm convinced that Bo YU as they
present themselves on nm.debian.org is the rightful owner of both email
tsu.yubo@gmail.com and GPG key 21C9 A18D 8553 9666 9BD2  D8E9 F915 4FDE 143E 4BAF.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfncpR22H1vEdkazLwpPntGGCWs4FAmTraG0ACgkQwpPntGGC
Ws7/+g//ZPP5pApMq5HQHeDEU/bXd9gfIQAgwjF2aHOMDGn9spsQbuIvmAp155Le
XrGum7VRZIGuS/7s/pUzu6+icreuX+6+ux9TVL8qBCuRAlBV9ee8/EPeOuNAjX2n
anSpx1yIy/8sOLqqHjVpfbaaCnDfzpSZtdqpP7RA3MIIab5PoImcx3NYKMhpfb38
KlbetrpgpRjIyGpSAeizCbNmf2NoEmi+00+Uy1bkZi5XFAHukEsSnYVA+H1lYrIJ
n+ZJCatrj8K4zE/tPCPNcgdjhF9tWqoaDk6XNE16NZlBaJUytikvGdNBHuYZbWLD
ljJBqhE3utEJ+AB9ESNKXB7GDNSouEvHaU1yuS6Bv5c9dUN9QVaQ8okkc4lvOmVH
H7lDXGqOBUApQIh2fqv1Ouo5SAToRvJJ3GuxzrbTX4cMIPVx86rN7T7xsdWHsc6U
zfhgqNp2r0jAq/bSwvbQCNLpR5f3H/FF72ZL8KPDzJQtAAarXZsuCyfNIS2YCJCE
Ujj5RVV6UR5Z3BwzPBpwMge8gRVAVdG9gg1G+/Vti+qma8FeCt76h8op795Nzt2h
dmU6Bxs3sdMOs2ZbSyqsGWlXnS8biY/nzPOHToVqCw9zz49X6UJouoDmeWkwacj6
KjJVeFj7YmxDCepGSOZ74G5Fxjb5XkK0imaqbqJKLBbj6gyq2zM=
=kVk0
-----END PGP SIGNATURE-----