Julian Noble pointed out that capath is indeed working fine on Windows

.IP "--capath <CA certificate directory>"

(HTTPS) Tells curl to use the specified certificate directory to verify the

peer. The certificates must be in PEM format, and the directory must have been

processed using the c_rehash utility supplied with openssl. Certificate directories

are not supported under Windows (because c_rehash uses symbolink links to

create them). Using --capath can allow curl to make https connections much

more efficiently than using --cacert if the --cacert file contains many CA certificates.

processed using the c_rehash utility supplied with openssl. Using --capath can

allow curl to make https connections much more efficiently than using --cacert

if the --cacert file contains many CA certificates.

If this option is used several times, the last one will be used.

.IP "-f/--fail"

  puts("    --engine <eng>  Specifies the crypto engine to use (HTTPS)\n"

       "    --cacert <file> CA certifciate to verify peer against (SSL)\n"

       "    --capath <directory> CA directory (made using c_rehash) to verify\n"

       "                    peer against (SSL, NOT Windows)\n"

       "                    peer against (SSL)\n"

       "    --ciphers <list> What SSL ciphers to use (SSL)\n"

       "    --compressed    Request a compressed response (using deflate).");

  puts("    --connect-timeout <seconds> Maximum time allowed for connection\n"