What in Blockcerts at this moment do you consider third-party and especially centralized services?
The main centralized point is the issuer profile which is usually but not forcibly hosted on a DNS host, which then points to the revocation list.
An issuer can use a DID though and with a proper decentralized method achieve a higher score of decentralization. Any DID that is currently resolved by the universal DID resolver is supported in Blockcerts.
As for revocation lists, Blockcerts follows the bitstring status list v1 spec which is an official w3c recommendation. I haven’t explored all the solutions but I think it would be possible to host the list in a decentralized manner, but again I’m not at this point aware of a solution that does that.
Blockcerts also relies on third party blockchain explorers by default as it is otherwise costly (from a manpower and infrastructure perspective) to maintain your own node and transaction resolver, but an implementer may specify their own explorer.
verifying a certificate manually, especially when presenting to institutions or employers unfamiliar with blockchain tech:
I’m not sure what you mean to say with “manually” as we rely on multiple levels of cryptographic solutions to ensure the data is not tampered with. Cert-verifier-js does the verification as needed and the steps mostly ensure that the data verified is the same as the data issued (through jsonld normalization and hash comparison), that the hash that was stored on the blockchain is the same as the local hash generated during verification, that the keys belong to the issuer, that those have not been revoked, and that the credential is still valid and not suspended nor revoked, as well as a few other normative checks.
how do you handle explaining the concept of cryptographic proofs and blockchain verification to non-technical stakeholders in a way that builds trust
I have worked in this field for the past 7 years and I’m not sure I can still explain it in a way that builds trust 
. Joking aside, it’s math and technologies used to manage and secure trillions of USD worth of money and that we apply those to W3C standards to secure data.
Any insights, examples, or resources would be really appreciated
This might take you a while, but explore the work of the DIF, the CCG, IPFS, SOLID, Blockchain whitepapers, and so on and so forth.
As for Blockcerts itself, you can take a look at the tests of cert-verifier-js and cert-issuer.
I’m sorry there is no easy way to learn this quickly.