How to get identity information from Hyperledger Fabric ca?

Question

I have deployed a CA and generated identities. I would like to be able to get information about identities that are registered with the CA. Specifically, given a certificate, I would like to verify that it is valid.

I've tried to get general identity information using fabric-ca-client using the following commands

$ fabric-ca-client --caname caname identity list
Error: Failed to get client TLS config: No trusted root certificates for TLS were provided

$ fabric-ca-client --caname caname --tls.certfiles ./artifacts/crypto/org/ca/caname-cert.pem identity list
Error: Failed to get client TLS config: Failed to read 'C:\Users\user\artifacts\artifacts/crypto/org/ca/caname-cert.pem': open C:\Users\user\artifacts/crypto/org/ca/caname-cert.pem: The system cannot find the path specified.

$ fabric-ca-client --caname caname --tls.certfiles /etc/hyperledger/fabric-ca-server/ca/caname-cert.pem identity list
Error: Failed to get client TLS config: Failed to read 'C:/Users/user/AppData/Local/Programs/Git/etc/hyperledger/fabric-ca-server/ca/caname-cert.pem': open C:/Users/user/AppData/Local/Programs/Git/etc/hyperledger/fabric-ca-server/ca/caname-cert.pem: The system cannot find the path specified.

$ winpty docker exec -ti 6e2d0d75cc38 fabric-ca-client --caname caname --tls.certfiles /etc/hyperledger/fabric-ca-server/ca/caname-cert.pem identity list
2023/09/13 23:13:29 [ERROR] Enrollment check failed: Idemix enrollment information does not exist
Error: Enrollment information does not exist. Please execute enroll command first. Example: fabric-ca-client enroll -u http://user:userpw@serverAddr:serverPort

My CA enrollment commands:

    fabric-ca-client enroll \
        -u https://${ADMIN_NAME}:${ADMIN_PWD}@${CA_ADDRESS} \
        --caname caname} \
        --tls.certfiles ./tlsca/tls-cert.pem

    fabric-ca-client enroll \
        -u https://${ADMIN_NAME}:${ADMIN_PWD}@${CA_ADDRESS} \
        --caname caname} \
        -M ./users/${ADMIN_NAME}@${ORG_NAME_FULL}/msp \
        --tls.certfiles ./tlsca/tls-cert.pem

    fabric-ca-client enroll \
        -u https://${ADMIN_NAME}:${ADMIN_PWD}@${CA_ADDRESS} \
        --caname caname \
        -M ./users/${ADMIN_NAME}@${ORG_NAME_FULL}/tls \
        --enrollment.profile tls \
        --csr.hosts ${ADMIN_NAME}@${ORG_NAME_FULL} \
        --csr.hosts localhost \
        --tls.certfiles ./tlsca/tls-cert.pem

I am using docker to run the CA and am binding artifacts/crypto/fabric-ca/org to /etc/hyperledger/fabric-ca-server in the container. I lack experience doing anything meaningful with fabric-ca, so would appreciate any help.

Update:

I got the fabric-ca-client identity list command to work, and it lists out all identities registered with the CA. Now I want to either get their certs, or, given a cert, validate it is from that CA.