A trustpoint is a main component in IOS PKI. A defined trustpoint is a container that holds a certificate in IOS. Each single trustpoint has the ability to hold two certificates, a CA certificate & an identity certificate. Note that the main configuration blocks include your pki trustpoint, authenticating the CA, and enrolling for your identity certificate.
Your defined trustpoint is essentially your trust policy which defines several items, a few noted below:
Which CA certificate to reference
Which CA does the trustpoint enroll to
How IOS enrolls with the trustpoint
How a certificate is validated
Remember that loading/installing a CA certificate into a trustpoint container is the authenticating the CA process & loading or importing an identity certificate into a specific trustpoint is the enrollment process.
To recap: IOS PKI includes generating your respective keypair, defining the trustpoint, authenticating the trustpoint, & finally enrolling with the trustpoint. Cheers!