The root certificate for https://storage.julialang.net (which https://us-east.pkg.julialang.org redirects to) is ISRG Root X2 and the root certificate for https://us-west.pkg.julialang.org (and https://us-east.pkg.julialang.org too) is ISRG Root X1. Is it possible that the former isn’t trusted (yet) by your system?
See https://letsencrypt.org/certificates/ for some more details. In particular they list a couple of test pages where you can verify the theory above. For example, https://valid-isrgrootx1.letsencrypt.org/ present a valid certificate signed by ISRG Root X1 and https://valid-isrgrootx2.letsencrypt.org/ a valid cert signed by ISRG Root X2.