OpenSSL: SHA256 hash of public key needed for Android's SSL Pinning is not 32 bytes long


I want to include SSL Pinning into my Android App, as it is described here: https://developer.android.com/training/articles/security-config#CertificatePinning

The first step is pretty clear: I added the section to my network_security_config.xml file.

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config>
        <domain includeSubdomains="true">example.com</domain>
        <pin-set>
            <pin digest="SHA-256">Ez8/eT99MT8/P3lKaVguP1B+PzU/Pz8/Pz95UWtGRyYNCg==</pin>
        </pin-set>
    </domain-config>
</network-security-config>

But I am struggling to create a correct hash of the public key of my certificate: my result from the openssl dgst command is always too long (34 bytes instead of 32). I am using openssl on Win10 with PowerShell. The error stays the same if I use a pem file as the input instead. What I did:

openssl x509 -inform der -in my-cert.der -pubkey -noout |
openssl rsa -pubin -outform der |
openssl dgst -sha256 -binary |
openssl enc -base64

So basically the command is doing the following:

  1. Output the public key (rsa) from my-cert.der
  2. Convert the key to der
  3. Create sha256 hash and output as binary
  4. Encode the result to base64

But Android Studio warns me:

Decoded digest length 34 does not match expected length for SHA-256 of 32

Did I miss something? Or where could the error lie?

Info about my certificate:

Certificate:
    Data:
        Version: 3 (0x2)
        ...
    Signature Algorithm: sha256WithRSAEncryption
        ...
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bb:37:cd:34:dc:7b:6b:c9:b2:68:90:ad:4a:75:
                    ff:46:ba:21:0a:08:8d:f5:19:54:c9:fb:88:db:f3:
                    ae:f2:3a:89:91:3c:7a:e6:ab:06:1a:6b:cf:ac:2d:
                    e8:5e:09:24:44:ba:62:9a:7e:d6:a3:a8:7e:e0:54:
                    75:20:05:ac:50:b7:9c:63:1a:6c:30:dc:da:1f:19:
                    b1:d7:1e:de:fd:d7:e0:cb:94:83:37:ae:ec:1f:43:
                    4e:dd:7b:2c:d2:bd:2e:a5:2f:e4:a9:b8:ad:3a:d4:
                    99:a4:b6:25:e9:9b:6b:00:60:92:60:ff:4f:21:49:
                    18:f7:67:90:ab:61:06:9c:8f:f2:ba:e9:b4:e9:92:
                    32:6b:b5:f3:57:e8:5d:1b:cd:8c:1d:ab:95:04:95:
                    49:f3:35:2d:96:e3:49:6d:dd:77:e3:fb:49:4b:b4:
                    ac:55:07:a9:8f:95:b3:b4:23:bb:4c:6d:45:f0:f6:
                    a9:b2:95:30:b4:fd:4c:55:8c:27:4a:57:14:7c:82:
                    9d:cd:73:92:d3:16:4a:06:0c:8c:50:d1:8f:1e:09:
                    be:17:a1:e6:21:ca:fd:83:e5:10:bc:83:a5:0a:c4:
                    67:28:f6:73:14:14:3d:46:76:c3:87:14:89:21:34:
                    4d:af:0f:45:0c:a6:49:a1:ba:bb:9c:c5:b1:33:83:
                    29:85
                Exponent: 65537 (0x10001)

I appreciate any help or hint.


There are 0 answers
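A check one could run on a pin before shipping it, added here as an example and not part of the original question: it decodes the pin from the config above and reports its length, trailing newline bytes, bytes at or above 0x80, and `?` bytes. The function names are hypothetical, the SPKI bytes in `__main__` are constructed, and reading an all-ASCII digest that ends in CR LF as a sign that the binary digest was handled as text is an inference from the bytes, not something the post states.

```python
import base64
import hashlib

# Pin value copied from the network security config in the question.
PIN_FROM_POST = "Ez8/eT99MT8/P3lKaVguP1B+PzU/Pz8/Pz95UWtGRyYNCg=="
SHA256_LEN = hashlib.sha256().digest_size  # 32 bytes


def spki_pin(spki_der: bytes) -> str:
    """Base64 SHA-256 pin over DER SubjectPublicKeyInfo bytes.

    The digest stays a bytes object from hash to base64, so no shell pipe
    or text encoding can touch it.
    """
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode("ascii")


def diagnose_pin(pin_b64: str) -> dict:
    """Decode a pin and report properties that reveal text-mode damage."""
    raw = base64.b64decode(pin_b64, validate=True)
    body = raw.rstrip(b"\r\n")
    return {
        "length": len(raw),
        "valid_length": len(raw) == SHA256_LEN,
        "trailing_newline_bytes": len(raw) - len(body),
        "high_bytes": sum(b >= 0x80 for b in raw),  # a real digest has ~16
        "question_marks": raw.count(b"?"),           # usual replacement char
    }


def looks_text_mangled(pin_b64: str) -> bool:
    """Heuristic (assumption): wrong length, newline appended, no byte >= 0x80."""
    d = diagnose_pin(pin_b64)
    return (not d["valid_length"]
            and d["trailing_newline_bytes"] > 0
            and d["high_bytes"] == 0)


if __name__ == "__main__":
    print("pin from post:", diagnose_pin(PIN_FROM_POST))
    print("text-mangled? ", looks_text_mangled(PIN_FROM_POST))

    # Constructed stand-in for DER SPKI bytes; a real run would read them
    # from a file opened in binary mode.
    sample_spki = b"constructed sample bytes, not a real public key"
    good = spki_pin(sample_spki)
    print("clean pin:    ", good, diagnose_pin(good))
```

For the pin in the question this reports 34 bytes: a 32-byte body containing 14 `?` bytes and no byte above 0x7F, followed by CR LF.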