After you download the media, use the MD5/SHA1 sum value to verify the integrity of the download. Always verify the SHA1 hash after you download an ISO, offline bundle, or patch to ensure the integrity and authenticity of the downloaded files. If you obtain physical media from VMware and the security seal is broken, return the software to VMware for a replacement.
SHA1 or MD5 hash should match.
The vRealize Operations Manager 6.x-x.pak files are signed by the VMware software publishing certificate. vRealize Operations Manager validates the signature of the PAK file before installation.