Extract the PKCS#7 object:
$ openssl smime -verify -in file.msg -noverify -pk7out > file.pk7
Dump the certificates in that file
openssl pkcs7 -print_certs -in file.pk7 > file.pem
Open the file in your favorite text editor and seperate out each certificate individually in to it's own file and import:
For each CA certificate that you want to trust:
smime_keys add_root file.pem
Note: You do not need to trust all intermediate CAs. You can simply trust the end-user certificate.
For the subject certificate that you want to add:
smime_keys add_cert file.pem
rpm2cpio ./packagecloud-test-1.1-1.x86_64.rpm | cpio -idmv
An RPM package is simply a header structure on top of a CPIO archive. The package itself is comprised of four sections: a header with a leading identifier (magic number) that identifies the file as an RPM package, a signature to verify the integrity of the package, the header or ‘tagged’ data containing package information, version numbers, and copyright messaging, and the archive containing the actual program files.
In the example above, we use cpio with the -i flag to extract the files from the archive, -d to create the leading directories where needed, and -m to preserve the file modification times when creating files. The -v flag (verbose) is to list the files processed for the sake of this example.