You should be able to do it, as long as you can write or find a config plugin to make the changes that need to be made to the native projects.
The approach I would use is something like this:
Figure out what you would need to do in a plain React Native app
Create a new Expo app, install an SSL pinning library (e.g. react-native-ssl-pidding) and run npx expo prebuild to generate the native Android and iOS projects
Make the changes manually. Commit these changes to Git
Then figure out how to write a config plugin to make the same changes
Run npx expo prebuild --clean to regenerate the native projects with the config plugin’s changes applied
Use git diff to check for differences between the manual changes and the changes made by the config plugin
After you have the config plugin working in the above app, you can copy it to your real app. No need to run npx expo prebuild in the real app. It is run automatically on the server during the build process.
When writing the config plugin, try as far as possible to avoid “dangerous” mods. Also, check the expo/expo, expo/expo-cli, expo/config-plugins repositories for examples.