When dealing with signed certs the usual practise is to validate it with the private key. This command will allow you to verify the signed cert matches the private key generated during CSR (
Certficate Signing Request) request. Run the below command and make sure the stdin outpot string is same for both.
It needs both
.keyfile for verification
# openssl x509 -noout -modulus -in signed_cert.crt | openssl md5 && openssl rsa -noout -modulus -in private_ca_server_key.key | openssl md5