These ARNs may belong to ALBs created by regional API Gateway endpoints.
You cannot delete an ACM certificate that is being used by another AWS service. To delete a certificate that is in use, you must first remove the certificate association. This is done using the console or CLI for the associated service. Open the ACM console at https://console.aws.amazon.com/acm/
Similarly, defining a custom endpoint for your domain in Amazon ElasticSearch Service (Amazon ES) creates an Application Load Balancer. The Application Load Balancer is owned by the ElasticSearch service, not by your account. The ACM certificate provided with creating the custom endpoint is associated with the Application Load Balancer.
The below link will help you locate the certificate: https://aws.amazon.com/premiumsupport/knowledge-center/acm-certificate-resources/
Gathering details about the specific certificate might also be of use, and that can be done by following this link: https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-describe.html
Hope this helps. Thanks for reaching out.
Upon further research, the ARNs are Gateway API regional endpoints using AWS system accounts, for example: arn:aws:elasticloadbalancing:us-east-1:392220576650:loadbalancer/app/prod-iad-1-cdtls-1-2-626/b90fa9e7c54b1b67
My Gateway APIs in that region do NOT use this cert for custom domains.
How can I determine if these are references to deleted or extant APIs? The cert expires soon, so I want to avoid things breaking when it does.
If they do reference deleted APIs, how can I remove the cert?
Certificate used by Elastic Load Balancers in an unrecognized AWS account?Accepted Answerasked a month ago
Why does my ACM cert give associated resources in another account?Accepted Answerasked 10 months ago
SSL Certificate showing as not in useasked 4 months ago
Can't Delete Certificate because there are Dangling Load Balancer ResourcesAccepted Answerasked 9 months ago
Amazon Certificate Manager (ACM) certificate re-importAccepted Answerasked 4 years ago
ACM domain validation: Renewal for internal or non public Load-BalancersAccepted Answerasked 4 years ago
Unable to delete certificate - in use by an unknown accountasked 3 years ago
Associated resource owned by an unrecognized accountasked 2 years ago
AWS Certificate Manager(ssl certificate)asked 4 months ago
Tag Editor shows deleted load balancersasked 2 years ago