In a hierarchical public key infrastructure (PKI), a certification authority (CA) who has certified the certificate signature key of another CA, and who constrains the activities of that CA. See subordinate certification authority.
Sources:
CNSSI 4009-2015