That’s correct - the root certificate currently used for cross-signing (as well as the ISRG root) is not included in the root certificate list BlackBerry ships with their devices. Someone mentioned asking BlackBerry about this a while ago, and they indicated that they’d look into adding the root certificate, but I haven’t seen anything more official or an ETA.