pkiutil verify -cer <cer>

Verifies a certificate.

pkiutil verify -cer <cer>  [-pubkey <pubkey> | -pubcert <pubcert> ]​

For example:

pkiutil verify -cer mycert.cer -pubkey pub.pem

See below for a description of each option.

-cer <cet>

Verify the <cer> certificate, where <cer> is the name of a file containing the certificate.

Mandatory: Yes.

-pubcert <pubcert>

Verify the signature against the public key of the <pubcert> certificate, where <pubcert> is the name of a file containing the certificate.

Mandatory: When omitting the -pubkey command.

-pubkey <pubkey>

Verify the signature against the <pubkey> public key, where <pubkey> is the name of a file containing the key.

Mandatory: When omitting the -pubcert command.