OpenSSL

Request a ssl certificate from a host and check its validity againt the root CA's

echo Q | openssl s_client -connect technoid.nl:443 -servername technoid.nl -CAfile /etc/ca-certificates/extracted/ca-bundle.trust.crt -showcerts -verify 1