When a website uses HTTPS they have a certificate that proves who they are. Your device uses that certificate to encrypt your data so that only that service can decrypt it. The issue is that it's just a file and anyone can make one. So to determine whether I trust your certificate I need it to be cryptographically signed by someone I already trust. These are the certificate authorities.

If I was a certificate authority that your device trusts then I could create a certificate for any domain and your device would believe me. Meaning I could sit between you and any web service and have you encrypt things with my certificate in a way that lets me decrypt everything before forwarding it to the service and you would never know.

“A hero cannot be defeated simply by making him die”

Victorious Eagle Warfare by Gloryhammer

In this vein, you should try the food you are given before seasoning, adding salt, or covering it in sauce.

If you haven’t yet, you should make a post on !newcommunities@lemmy.world

It’s a progressive web app instead of a native app, but Voyager just recently added this! You can check it out here: https://vger.app

I read somewhere that it means your instance knows you are subscribed but the other instance hasn’t synced that info yet. AFAIK this shouldn’t affect functionality on your end.