pki --verify - Verify a certificate using a CA certificate

       This sub-command of pki(1) verifies a certificate using an optional CA certificate.

       The  exit  status is 0 if the certificate was verified successfully, 1 if the certificate is untrusted, 2
       if the certificate's lifetimes are invalid, and 3 if the certificate was verified  successfully  but  the
       online revocation check indicated that it has been revoked.

       pki --verify - Verify a certificate using a CA certificate

-h,--help
              Print usage information with a summary of the available options.

       -v,--debuglevel
              Set debug level, default: 1.

       -+,--optionsfile
              Read command line options from file.

       -i,--infile
              X.509 certificate to verify. If not given it is read from STDIN.

       -c,--cacertfile
              CA  certificate  to use for trustchain verification. If not given the certificate is assumed to be
              self-signed. May optionally be a path to a directory from which CA certificates are loaded. Can be
              used multiple times.

       -l,--crlfile
              Local CRL to use for trustchain verification. May optionally be a path to a directory  from  which
              CRLs are loaded. Can be used multiple times.  Implies -o.

       -o,--online
              Enable online CRL/OCSP revocation checking.

pki(1)

5.9.13                                             2016-08-19                                    PKI--VERIFY(1)

pki--verify [--infile] [--cacertfile] [--crlfile] [--debuglevel] [--online]

       pki--verify--optionsfilepki--verify-h | --help