[B<-CAserial filename>]
[B<-force_pubkey key>]
[B<-text>]
+[B<-ext extensions>]
[B<-certopt option>]
[B<-C>]
[B<-[digest]>]
public key, signature algorithms, issuer and subject names, serial number
any extensions present and any trust settings.
+=item B<-ext extensions>
+
+Prints out the certificate extensions in text form. Extensions are specified
+with a comma separated string, e.g., "subjectAltName,subjectKeyIdentifier".
+See the L<x509v3_config(5)> manual page for the extension names.
+
=item B<-certopt option>
Customise the output format used with B<-text>. The B<option> argument
openssl x509 -in cert.pem -noout -text
+Display the "Subject Alternative Name" extension of a certificate:
+
+ openssl x509 -in cert.pem -noout -ext subjectAltName
+
+Display the more extensions of a certificate:
+
+ openssl x509 -in cert.pem -noout -ext subjectAltName,nsCertType
+
Display the certificate serial number:
openssl x509 -in cert.pem -noout -serial