Which entity issues digital certificates as a trusted authority?

In public-key infrastructure, the Certificate Authority is the trusted entity that issues and signs digital certificates, binding a subject’s identity to a public key. The CA’s signature on a certificate vouches for that binding, and devices trust the CA because the CA’s root certificate is distributed and trusted by browsers and operating systems. The Registration Authority verifies identities but does not issue certificates itself; it passes validated requests to the CA. A Certificate Revocation List is simply a list of certificates that have been revoked and is used to check whether a certificate should no longer be trusted. A hierarchical trust model describes how trust is arranged across multiple CAs in a chain, not an entity that issues certificates.