I have just published a small update to https://pkpassvalidator.com/
The signature now undergoes additional checks, to ensure that the WWDR certificate is used. This is one of the most problematic things for people using my https://github.com/tomasmcguinness/dotnet-passbook library.
Hopefully this small change will help.
Tomas McGuinness 