diff --git a/.cspell.json b/.cspell.json
index e477ef83d393..484af2af58d7 100644
--- a/.cspell.json
+++ b/.cspell.json
@@ -40,6 +40,7 @@
     "dropright",
     "dropstart",
     "dropup",
+    "dgst",
     "errorf",
     "favicon",
     "favicons",
diff --git a/site/content/docs/5.3/getting-started/download.md b/site/content/docs/5.3/getting-started/download.md
index 9c20c6bb2296..39e0d866c60b 100644
--- a/site/content/docs/5.3/getting-started/download.md
+++ b/site/content/docs/5.3/getting-started/download.md
@@ -54,10 +54,15 @@ If you're using our compiled JavaScript and prefer to include Popper separately,
 
 We recommend [jsDelivr](https://www.jsdelivr.com/) and use it ourselves in our documentation. However, in some cases—like in some specific countries or environments—you may need to use other CDN providers like [cdnjs](https://cdnjs.com/) or [unpkg](https://unpkg.com/).
 
-You'll find the same files on these CDN providers, albeit with different URLs. When changing the URLs, you'll also need to update the `integrity` attribute. Tools like [SRI Hash Generator](https://www.srihash.org/) can help you generate the correct values.
-
 With cdnjs, you can [use this direct Bootstrap package link](https://cdnjs.com/libraries/bootstrap) to copy and paste ready-to-use HTML snippets for each dist file from any version of Bootstrap.
 
+You'll find the same files on these CDN providers, albeit with different URLs. **If the SRI hashes differ, you shouldn't use the files from that CDN, because it means that the file was modified by someone.**
+Note that you should compare same length hashes, e.g. sha384 with sha384, otherwise it's expected for them to be different. As such, you can use [SRI Hash Generator](https://www.srihash.org/) to make sure the hashes are the same for a given file. Alternatively, you can achieve the same from the CLI assuming you have OpenSSL installed, for example:
+
+```sh
+openssl dgst -sha384 -binary bootstrap.min.js | openssl base64 -A
+```
+
 ## Package managers
 
 Pull in Bootstrap's **source files** into nearly any project with some of the most popular package managers. No matter the package manager, Bootstrap will **require a [Sass compiler]({{< docsref "/getting-started/contribute#sass" >}}) and [Autoprefixer](https://github.com/postcss/autoprefixer)** for a setup that matches our official compiled versions.