Heterogeneous integration (HI) of chiplets provides benefits of diverse functionality, high performance with compact packaging. These chiplets can be assembled and interconnected on a packaging substrate to build a system-in-package (SiP) by a supply chain entity called SiP designer / OEM. Furthermore, the involvement of an overseas pure-play untrusted foundry and various chiplet suppliers may cause an increased number of potentially untrusted chiplets in the supply chain. These foundries have complete access to the GDSII layout and test vectors. As a result, an adversarial foundry can perform malicious changes (hardware Trojans) in chiplets, exposing respective SiP to security attacks. For a secure heterogeneous integration, all chiplets need trust validation by the SiP designer. The trust validation of these chiplets can be challenging as SiP designers do not have access to proprietary information such as chiplet layout and test vectors. This paper proposes a physical inspection-based semiconductor certification authority (SeCA) for trust validation of chiplets. SeCA will perform the trust validation of chiplets by getting minimal information from the chiplet design house or OEM. The chiplet design house will facilitate trust validation by sharing the image of the active region of transistors from the chiplet layout. This minimal information protects the chiplet design house from IP theft, and it will be used to compare with the backside SEM image of chiplets shared by SiP designers to detect any malicious change. We have validated our proposed approach using an active layer layout image and corresponding SEM image of an IC and demonstrated malicious change detection in various scenarios.