abbr. "CA".

In the PKI world, an entity which may sign a certificate.

An application will have a collection of trusted CA certificates. Before trusting the validity of an arbitrary certificate, the application will check whether it has been signed by one of its trusted CAs, or by a CA which a trusted CA has authorised to sign certificates.
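As an added example (not part of this entry), the check described above in Go's standard library: a constructed root CA, an intermediate CA it authorised, a leaf certificate, and an application that accepts the leaf only when it chains to a CA in its trust store. The names, validity periods and the three scenarios are made up for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// makeCert issues a certificate for cn signed with parentKey (parent == nil: self-signed root); isCA sets basicConstraints, i.e. whether the holder may sign further certificates.
func makeCert(cn string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader) // crypto/rand.Reader does not fail
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: cn}, NotBefore: time.Now().Add(-time.Hour),
		NotAfter: time.Now().Add(24 * time.Hour), IsCA: isCA, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageDigitalSignature}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign // only CAs may sign certificates
	}
	if parent == nil {
		parent, parentKey = tmpl, key // self-signed: the root vouches for itself
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // DER we just produced, so it parses
	return cert, key
}

// chainsToTrusted is the application's check: does leaf chain to a CA in trusted, directly or through intermediates that a trusted CA authorised?
func chainsToTrusted(leaf *x509.Certificate, trusted, intermediates *x509.CertPool) bool {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: trusted, Intermediates: intermediates})
	return err == nil
}

// demo builds root -> intermediate -> leaf plus a look-alike leaf under an unrelated root and returns what the application sees: true, false, false.
func demo() (viaIntermediate, intermediateMissing, untrustedRoot bool) {
	root, rootKey := makeCert("Example Root CA", true, nil, nil)
	inter, interKey := makeCert("Example Issuing CA", true, root, rootKey)
	leaf, _ := makeCert("www.example.test", false, inter, interKey)
	other, otherKey := makeCert("Unknown Root CA", true, nil, nil)
	stranger, _ := makeCert("www.example.test", false, other, otherKey)
	trust, inters := x509.NewCertPool(), x509.NewCertPool()
	trust.AddCert(root)   // the application's trust store holds only the root
	inters.AddCert(inter) // intermediates are supplied with the leaf, not trusted as such
	return chainsToTrusted(leaf, trust, inters), chainsToTrusted(leaf, trust, nil), chainsToTrusted(stranger, trust, nil)
}
```

The second result shows why a server must send its intermediate along with the leaf: the same valid certificate is rejected when the application cannot link it to a trusted CA.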

In essence, a Certificate Authority is an organisation which you as a user are expected to trust to sign certificates only after verifying the authenticity of the certificate request with due diligence. Companies such as Verisign and Thawte run commercial CAs.

This concept of trusting a central monolith (the original idea was that the United Nations would be the root CA for everyone, and everyone would hold its infallibility to be self-evident) is one way of managing certificates. If you find it difficult to trust large bodies, maybe the PGP Web of Trust model will be more appealing to you.