Example about the verification suggested by slh, by using Openwrt to read the Netgear partition (mtd7 in Openwrt) and looking at the contents.
"Netgear" partition seems to be actually six UBI partitions combined:
OEM mtd14-mtd19
cert - pot.bak - traffic_meter - traffic_meter.bak - dongle - overlay_volume
root@OpenWrt:~# ubiattach -m 7
UBI device number 1, total 548 LEBs (69582848 bytes, 66.3 MiB), available 18 LEBs (2285568 bytes, 2.1 MiB), LEB size 126976 bytes (124.0 KiB)
root@OpenWrt:~# ubinfo /dev/ubi1
ubi1
Volumes count: 6
Logical eraseblock size: 126976 bytes, 124.0 KiB
Total amount of logical eraseblocks: 548 (69582848 bytes, 66.3 MiB)
Amount of available logical eraseblocks: 18 (2285568 bytes, 2.1 MiB)
Maximum count of volumes 128
Count of bad physical eraseblocks: 0
Count of reserved physical eraseblocks: 20
Current maximum erase counter value: 3
Minimum input/output unit size: 2048 bytes
Character device major/minor: 247:0
Present volumes: 0, 1, 2, 3, 4, 5
root@OpenWrt:~# ubinfo /dev/ubi1_0
Volume ID: 0 (on ubi1)
Type: dynamic
Alignment: 1
Size: 1 LEBs (126976 bytes, 124.0 KiB)
State: OK
Name: cert
Character device major/minor: 247:1
root@OpenWrt:~# ubinfo /dev/ubi1_1
Volume ID: 1 (on ubi1)
Type: dynamic
Alignment: 1
Size: 3 LEBs (380928 bytes, 372.0 KiB)
State: OK
Name: pot.bak
...
Looking at "cert", it seems to contain Netgear's signature certificates, likely used in some package downloads & verification:
root@OpenWrt:~# cat /dev/ubi1_0 | gunzip -c | head -n 50
ca.crt100777 0 0 2462 12636266402 5305 0-----BEGIN CERTIFICATE-----
MIIDqDCCAxGgAwIBAgIJALuUloChI3TzMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYD
...
ggkAu5SWgKEjdPMwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBUsuqr
tQaQsXgy/KYJpm5gvRNRyHYJ2RZdx6QoIHS6OLqShv16fNn5+YGUxeSVQeMRa2pB
zSFQy2aS2S7OoXCK8sCP12ArlRcaXLjBjKejxUubErnK7hmP+jZBiaC6uXaZpfhf
yxHU7Dws6eNz8wQcFQxAW6jpkNRUnPBN7ZyK7Q==
-----END CERTIFICATE-----
cert.info100777 0 0 17 12636266434 5761 04H515C5T00462
client.crt100777 0 0 7507 12636266434 6212 0Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear/name=changeme/emailAddress=mail@netgear.com
Validity
Not Before: Dec 22 15:32:42 2015 GMT
Not After : Dec 17 15:32:42 2035 GMT
Subject: C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear/name=changeme/emailAddress=mail@netgear.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:b9:1c:28:21:80:e9:fc:a5:76:99:51:9b:a0:c9:
...
3e:84:79:13:c5:a7:fb:53:c4:0d:a2:c3:23:ad:98:
eb:6d:66:e1:d9:91:e6:32:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
If the OEM firmware re-generates that like claimed above, there should again be a valid-looking certificate after re-flashing and using OEM firmware, even if the flash area has been earlier written with garbage during Openwrt usage.
I have not tried to identify the contents/usage of the other partitions, but that "cert" partition should be easily verifiable, as it only needs a few commands. I did not even try to understand its actual format, a tar archive or what, as just these two simple commands show the core contents:
ubiattach -m 7
cat /dev/ubi1_0 | gunzip -c | head -n 50
EDIT:
there actually seems to be a manual command to regenerate those certs that are apparently used for OEM openvpn. Relevant OEM source can be found in https://github.com/paul-chambers/netgear-r7800/blob/eeac2e10190f6f45e32e4c7012c4babc351898d8/package/openvpn/files/openvpn.init
But I see no automatics to launch that regeneration in case of a fault.