Root certificate

A root certificate is a public key certificate that identifies a root certificate authority.
Root certificates are self-signed.

The digital certificate chain of trust starts with a self-signed certificate, called a root certificate, trust anchor, or trust root.
A certificate authority self-signs a root certificate to be able to sign other certificates.

In the X.509 system, there are 2 types of certificates:

  1. a CA certificate.
  2. an end-entity certificate.

A CA certificate can issue other certificates.
The top level, self-signed CA certificate is sometimes called the Root CA certificate.
Other CA certificates are called intermediate CA or subordinate CA certificates.