https://tls-observatory.services.mozilla.com/static/certsplainer.html has a table called "Trust Stores" that is shown for root certificates. Unfortunately, that table is displaying incorrect results, because the TLS Observatory has stale data about which root stores include each root certificate.
Kathleen reports in https://bugzilla.mozilla.org/show_bug.cgi?id=1859889
https://tls-observatory.services.mozilla.com/static/certsplainer.html has a table called "Trust Stores" that is shown for root certificates. Unfortunately, that table is displaying incorrect results, because the TLS Observatory has stale data about which root stores include each root certificate.
For accurate data, people should refer to https://www.ccadb.org/resources or directly to the root store operator web pages.
Please either update https://tls-observatory.services.mozilla.com/static/certsplainer.html to not ever display the "Trust Stores" table, or take down the web page.
Note that we will soon have a replacement for this web page that does not depend on the TLS Observatory: Bug #1817331
Examples:
https://tls-observatory.services.mozilla.com/static/certsplainer.html?id=842653 Shows that the root certificate is only included in the Microsoft and Mozilla root stores. However, this root is also included in Apple's, Google's, and Ubuntu's root stores.
https://tls-observatory.services.mozilla.com/static/certsplainer.html?id=188395466 Shows that the root certificate is not included in any root store. But actually it is included in all of the browser root stores.
https://tls-observatory.services.mozilla.com/static/certsplainer.html?id=79 Shows that the root certificate is included in most root stores, when it actually has been removed from most of them.
https://tls-observatory.services.mozilla.com/static/certsplainer.html?id=24 Shows that the root certificate is included in most root stores, when it actually has been removed from all of them.