Let's Encrypts R3 certificate is an intermediate. It is not included in any trust stores. The certificates you have listed have nothing to do with Let's Encrypt. You should check that ISRG Root X1 is present in your bundle.
We are aware that Let's Encrypts default chain contains a cross-signed version of ISRG Root X1 that leads up to DST Root CA X3. This is intentional. This workaround ensures Android compatibility, because Android devices do not care about DST Root CA X3's expiry.
Devices that do care can build a chain up to ISRG Root X1, which is a) also a root and b) is part of the verification chain. You can easily build a chain up to ISRG Root X1, ignoring the expired root certificate. Most modern TLS implementations do this.
We're aware that there are broken TLS libraries (old OpenSSL, GnuTLS, LibreSSL, WolfSSL...) that can't do this. For these libraries, solutions are either:
- Patching the libraries to support better path building logics (usually this means simply upgrading them to recent versions)
- Applying workarounds, such as removing DST Root CA X3 from the trust stores.
Having ISRG Root X1 in the trust store is a requirement in any case, except for Android devices.
PS: I forgot to mention that it is possible to request a chain that does not include the final cross-sign up to DST Root CA X3 (instead terminating at ISRG Root X1). This is what Let's Encrypt calls the alternate chain. This chain is not compatible with Android < 7.1, but is compatible with aforementioned broken libraries.