-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

For nm.debian.org, at 2023-08-30:
For the past year, I have worked with Bo YU on some python packages
as well as collaboration in debian-riscv mailing list.

For this past work, Bo YU sent mails using the email address tsu.yubo@gmail.com
which is the one they're using on nm.debian.org, and they signed their work and
email using a GPG key with fingerprint E252 1CB8 1757 36A9 7052  B2F8 954E 6A70 1005 98A2.

I've made sure that they are able to decrypt encrypted messages sent to this key
and that they're able to sign messages with the same key.

Due to the long-term interactions we had, I'm convinced that Bo YU as they
present themselves on nm.debian.org is the rightful owner of both email
tsu.yubo@gmail.com and GPG key E252 1CB8 1757 36A9 7052  B2F8 954E 6A70 1005 98A2.
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEfncpR22H1vEdkazLwpPntGGCWs4FAmTvgn0ACgkQwpPntGGC
Ws6rVA//VuucpF6J8gwyBPHbjdPg8qqPR8GDdJVE1fjfJiRqQeur3c/mxE9hzil/
DqZvKc+0V+1rkNGtJUeZy794YyKvwRpEp4YFXMeAAZoyRH16Nc2aXhybiSHoVRDH
v+05ZxOADKVPAgqLB6NgJ37ICNcMMYVEPaHwLesCOOrM9tfgHAfyLoGVnWN9KpkW
wB5Elgjo95+MQlsTRLceP/dzld1vSHx5Gn6lNqcVemQyP0+aT4pS6TTez4Xav1t7
PhyIqtf/ueoXfa/2p1Y5qJqVghoKifnBpoLB5LbNMLH5A+iEQojWkhdAeDZA0bUz
65WG+rWkdr5LwnRziIhXHq0WwJSI2skdLw+R56N+OMA5xishs+4e0wNOGOi91FIy
lMyXXQaVbqZGp5mCEGqvmq53GqvtNgyjAo/nJ2cJAvNlAhJ9LlC+CZT619IcznKV
NdjY/mxz7okqt0nIm9A46AUILPKCSP4ZeWf73ji5G9zGuZW1Khvytk9uqWiYOX3n
ETb87r2xfRTQLAl0130iHTT/crNbAefo60mPIdcR01GlP8NsLtXyRa2Kqbb1gLZb
GD1x6I1tb8wW9X0ElZc1COpFalol0Fybc5b07I08y6InIecKGAdxJs5Zg4LyRbZ5
uwfGVgM9k/kAi4kyDIfKP1MFwC0adKzPjGwEYC8wXf6OZsCd6C4=
=sN7m
-----END PGP SIGNATURE-----