You can view the list of trusted CAs in the device settings. Search for Trusted credentials in the settings search bar, or navigate to it manually. The exact path depends on the device. For example, in Pixel phones it's Security & privacy More security settings Encryption & credentials

https://support.google.com/pixelphone/answer/2844832?hl=en

Another thing you can do is try to connect to the API from a web browser in the device. If it works, it means the problem should be inside the app you are developing.