contactretail.apple.com
- Apple Inc. -
Issued by Apple Public Server RSA CA 12 - G1
About this certificate
This digital certificate with serial number 45:25:ed:e6:46:b0:90:61:2a:bd:53:86:a9:ad:83:7d was issued on by Apple Inc..
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Apple Inc.
Organization:
Apple Inc.
State / Province:
California
Country: US
Country: US
Apple Inc.
Organization:
Apple Inc.
State / Province:
California
Country: US
Country: US
This certificate has expire since
Certificate Details
Serial Number (hex): 45:25:ed:e6:46:b0:90:61:2a:bd:53:86:a9:ad:83:7dSerial Number (int): 91913671868355831024240185019437253501
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 9e:6b:0c:1d:9f:75:1f:59:ba:22:db:35:cf:6e:a2:eb:5e:d2:3d:dd
AuthorityKeyId: 1e:5c:17:91:05:57:02:fc:77:5c:e3:70:43:ec:6b:fd:dd:d2:d8:69
Fingerprint (sha1): 48:6f:fd:a1:02:1d:2d:ac:d9:3a:cf:bd:ef:ea:04:11:ce:fd:82:e8
Fingerprint (sha256): 00:cd:0d:e6:43:eb:c1:9d:9f:f6:74:63:19:df:53:69:18:a6:3a:c7:61:80:fc:e2:38:a0:55:99:70:63:e5:8a
Issuing Certificate URL: http://certs.apple.com/apsrsa12g1.der
Revocation information
OCSP Server: http://ocsp.apple.com/ocsp03-apsrsa12g101CRL Distribution Point: http://crl.apple.com/apsrsa12g1.crl
Check the revocation status for certificate contactretail.apple.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for contactretail.apple.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
contactretail-prn.apple.com
contactretail.apple.com.cn
contactretail-mdn.apple.com
contactretail.apple.com
contactretail.apple.com.cn
contactretail-mdn.apple.com
contactretail.apple.com
Other certificates including the domain name apple.com
(limited to 100 certificates)
itunes.apple.com
ja.ls.apple.com
origin-discussions2-us-dr-prz.apple.com
training.apple.com
reserves-prime.prz.apple.com
app001.apple.com
deployment-pv50.ls.apple.com
itunes.apple.com
reserve-prime.apple.com
gsp81-ssl-e1118.ls.apple.com
gsp102-ssl-e1502.ls.apple.com
api.searchads.apple.com
idmsa-uat.apple.com
webpay-sh-pilot.apple.com
mzstatic.com
store-029.blobstore.apple.com
beatsglobalquality-uat.corp.apple.com
rw.apple.com
stg-pod1-smp.corp.apple.com
gr-api-video-h-aapne1a.smoot.apple.com
web-ext-mmap-ce01.apple.com
usl-expe1405.apple.com
store-995.blobstore.apple.com
sapecc-prd-ext.sap.apple.com
swdlp.apple.com
gsx.apple.com
gsp-ssl-e1134.ls.apple.com
clx-dev.apple.com
noodle.apple.com
gsp11-ty21-dlb-2.ls.apple.com
mzuserxp.itunes.apple.com
gsp64-st14-ssl-dlb.ls.apple.com
gsp45-ssl-e1356.ls.apple.com
gsp12-st14-dlb-2.ls.apple.com
discussions-uat.apple.com
dc-portal.apple.com
supplier.apple.com
gsp48-kittyhawk-qs55-ssl.ls.apple.com
gsp81-ssl-e1502.ls.apple.com
gsp48-ssl-e691.ls.apple.com
mapsconnectapi.ls.apple.com
wdg01-uat.apple.com
wellnessclassic.apple.com
api-partner-connect-uat1.apple.com
people.apple.com
supplier-registration.apple.com
gsp60-ssl-e997.ls.apple.com
ssuat.apple.com
locate.apple.com
itunes.apple.com
suppliernet.apple.com
gsp79-am31-dlb.ls.apple.com
smp-device-qa3.apple.com
eurored3.apple.com
devcon-oomnshuttleist-test.apple.com
coreservices-e1506-ms11-bistunium-k8straefik.ls.apple.com
dinah05.corp.apple.com
gsp1-ssl.apple.com
gspe85-cn-ssl.ls.apple.com
vorpal-relay.apple.com
bswe.apple.com
cma.itunes.apple.com
gsp-ssl-apne1-ash.ls.apple.com
theloop-stage.apple.com
tokenvalidation.apple.com
linkmaker.itunes.apple.com
gsp70-ssl-e1633.ls.apple.com
gsp63-ms12-kittyhawk-ssl.ls.apple.com
gsp-ssl-sl61-ipv6.ls.apple.com
aws-onepulse.apple.com
gsp12-kh-st14-1.ls.apple.com
gsp59-ssl-e506.ls.apple.com
mr-apple-com2.apple.com
ocservice.apple.com
marketing.apple.com
ioss-callbackservices-qa3.apple.com
gsp19-kh-ms12.ls.apple.com
madeforipodandiphone.apple.com
gspe19-ssl.ls.apple.com
gsp19-1-kittyhawk-ci77-ssl.ls.apple.com
cs-integrations-stage.apple.com
gsp35-ty21-ssl.ls.apple.com
gbiportal-apps-external.apple.com
plmtest2.apple.com
gsp3-sy02-ssl.ls.apple.com
gspe35-ssl.ls.apple.com
gsp76-ty21-01.ls.apple.com
ne-access.apple.com
profilebroker.apple.com
axm-scim-qa12.apple.com
gsp95-hk02-stage-ssl.ls.apple.com
contactretail.apple.com
caffemacs-aa-prz.apple.com
bam.corp.apple.com
gsp45-ssl-e709.ls.apple.com
caffemacs-qa.apple.com
cls-webdata.education.icloud.com
gsp82-ssl-e1277.ls.apple.com
apple-pay-gateway-qa2.apple.com
gsp57-ci77-ssl.ls.apple.com
ja.ls.apple.com
origin-discussions2-us-dr-prz.apple.com
training.apple.com
reserves-prime.prz.apple.com
app001.apple.com
deployment-pv50.ls.apple.com
itunes.apple.com
reserve-prime.apple.com
gsp81-ssl-e1118.ls.apple.com
gsp102-ssl-e1502.ls.apple.com
api.searchads.apple.com
idmsa-uat.apple.com
webpay-sh-pilot.apple.com
mzstatic.com
store-029.blobstore.apple.com
beatsglobalquality-uat.corp.apple.com
rw.apple.com
stg-pod1-smp.corp.apple.com
gr-api-video-h-aapne1a.smoot.apple.com
web-ext-mmap-ce01.apple.com
usl-expe1405.apple.com
store-995.blobstore.apple.com
sapecc-prd-ext.sap.apple.com
swdlp.apple.com
gsx.apple.com
gsp-ssl-e1134.ls.apple.com
clx-dev.apple.com
noodle.apple.com
gsp11-ty21-dlb-2.ls.apple.com
mzuserxp.itunes.apple.com
gsp64-st14-ssl-dlb.ls.apple.com
gsp45-ssl-e1356.ls.apple.com
gsp12-st14-dlb-2.ls.apple.com
discussions-uat.apple.com
dc-portal.apple.com
supplier.apple.com
gsp48-kittyhawk-qs55-ssl.ls.apple.com
gsp81-ssl-e1502.ls.apple.com
gsp48-ssl-e691.ls.apple.com
mapsconnectapi.ls.apple.com
wdg01-uat.apple.com
wellnessclassic.apple.com
api-partner-connect-uat1.apple.com
people.apple.com
supplier-registration.apple.com
gsp60-ssl-e997.ls.apple.com
ssuat.apple.com
locate.apple.com
itunes.apple.com
suppliernet.apple.com
gsp79-am31-dlb.ls.apple.com
smp-device-qa3.apple.com
eurored3.apple.com
devcon-oomnshuttleist-test.apple.com
coreservices-e1506-ms11-bistunium-k8straefik.ls.apple.com
dinah05.corp.apple.com
gsp1-ssl.apple.com
gspe85-cn-ssl.ls.apple.com
vorpal-relay.apple.com
bswe.apple.com
cma.itunes.apple.com
gsp-ssl-apne1-ash.ls.apple.com
theloop-stage.apple.com
tokenvalidation.apple.com
linkmaker.itunes.apple.com
gsp70-ssl-e1633.ls.apple.com
gsp63-ms12-kittyhawk-ssl.ls.apple.com
gsp-ssl-sl61-ipv6.ls.apple.com
aws-onepulse.apple.com
gsp12-kh-st14-1.ls.apple.com
gsp59-ssl-e506.ls.apple.com
mr-apple-com2.apple.com
ocservice.apple.com
marketing.apple.com
ioss-callbackservices-qa3.apple.com
gsp19-kh-ms12.ls.apple.com
madeforipodandiphone.apple.com
gspe19-ssl.ls.apple.com
gsp19-1-kittyhawk-ci77-ssl.ls.apple.com
cs-integrations-stage.apple.com
gsp35-ty21-ssl.ls.apple.com
gbiportal-apps-external.apple.com
plmtest2.apple.com
gsp3-sy02-ssl.ls.apple.com
gspe35-ssl.ls.apple.com
gsp76-ty21-01.ls.apple.com
ne-access.apple.com
profilebroker.apple.com
axm-scim-qa12.apple.com
gsp95-hk02-stage-ssl.ls.apple.com
contactretail.apple.com
caffemacs-aa-prz.apple.com
bam.corp.apple.com
gsp45-ssl-e709.ls.apple.com
caffemacs-qa.apple.com
cls-webdata.education.icloud.com
gsp82-ssl-e1277.ls.apple.com
apple-pay-gateway-qa2.apple.com
gsp57-ci77-ssl.ls.apple.com
Certificate
The complete raw certificate details for contactretail.apple.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHRzCCBi+gAwIBAgIQRSXt5kawkGEqvVOGqa2DfTANBgkqhkiG9w0BAQsFADBk MSswKQYDVQQDEyJBcHBsZSBQdWJsaWMgU2VydmVyIFJTQSBDQSAxMiAtIEcxMRMw EQYDVQQKEwpBcHBsZSBJbmMuMRMwEQYDVQQIEwpDYWxpZm9ybmlhMQswCQYDVQQG EwJVUzAeFw0yMzExMDkyMDUxMDhaFw0yNDAyMDcyMTAxMDdaMFkxCzAJBgNVBAYT AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRMwEQYDVQQKDApBcHBsZSBJbmMuMSAw HgYDVQQDDBdjb250YWN0cmV0YWlsLmFwcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAIYgThFhBFUTdL8BFm/xrw2w5qIeMKdvslF1nJP0frL0 6Owj9+qgrzQYMmFJpKOEryjxr+v6pfaexyy5DkpM/sGy2xQ6qUvHPLADhSrQ1Jws KNCTauAEXcCAJ8yE8PqHY4vL64Iuc0q/mk5axJYT1/lFVF2rlvIJkQQ3N9dvonmY XLTY/L0IG/2/kbJPEAtuWBUM4QuZy5ToyvsAaPawEwz8vsOQzgRW47CwAxBRdHlc cCymF8iPjGpXaXQ/ZwD5rupLciPm8V/8q01iMYhPEq8G+CktyXTbfWtCrLKvbMX2 QYykrbEmgySiwpivntg5g2OeF2uB4i1Sf/Hh+8d0+v8CAwEAAaOCA/4wggP6MAwG A1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUHlwXkQVXAvx3XONwQ+xr/d3S2GkweAYI KwYBBQUHAQEEbDBqMDEGCCsGAQUFBzAChiVodHRwOi8vY2VydHMuYXBwbGUuY29t L2Fwc3JzYTEyZzEuZGVyMDUGCCsGAQUFBzABhilodHRwOi8vb2NzcC5hcHBsZS5j b20vb2NzcDAzLWFwc3JzYTEyZzEwMTB4BgNVHREEcTBvghtjb250YWN0cmV0YWls LXBybi5hcHBsZS5jb22CGmNvbnRhY3RyZXRhaWwuYXBwbGUuY29tLmNughtjb250 YWN0cmV0YWlsLW1kbi5hcHBsZS5jb22CF2NvbnRhY3RyZXRhaWwuYXBwbGUuY29t MGIGA1UdIARbMFkwSQYGZ4EMAQICMD8wPQYIKwYBBQUHAgEWMWh0dHBzOi8vd3d3 LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS9wdWJsaWMwDAYKKoZIhvdj ZAULBDATBgNVHSUEDDAKBggrBgEFBQcDATA0BgNVHR8ELTArMCmgJ6AlhiNodHRw Oi8vY3JsLmFwcGxlLmNvbS9hcHNyc2ExMmcxLmNybDAdBgNVHQ4EFgQUnmsMHZ91 H1m6Its1z26i617SPd0wDgYDVR0PAQH/BAQDAgWgMIIB9QYKKwYBBAHWeQIEAgSC AeUEggHhAd8AdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYu1 44UbAAAEAwBHMEUCIDTEKBuHm5ELzHyNa7dLH6I+vGmyVJxCJ2ja7Ii8k6giAiEA u1QXSYWS8ura4t2IHa9Bn3MSo1NtT0v13SzEEFqypVoAdQBIsONr2qZHNA/lagL6 nTDrHFIBy1bdLIHZu7+rOdiEcwAAAYu144UIAAAEAwBGMEQCID1tIfttjWvS9DU2 TVNmXFu2jQVfjCdKVQzezgeNVi0bAiAZrpUumfCrNQh33D/8nR4YP/KxycrCZkg6 b8J2wJwezgB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABi7Xj hVMAAAQDAEYwRAIgDg+vLHNkXOe2NP1VP1vahDrr3ILEyY1xgPDJJ4YdZB0CIBWp L8ffvO7xy5fPqcj3xzRXMKG8jkFwPnKc9p2IeIy+AHcA7s3QZNXbGs7FXLedtM0T ojKHRny87N7DUUhZRnEftZsAAAGLteOFDwAABAMASDBGAiEAtIKfM6oSPLGibEbO i2BwVh+s+6hDdvqxLXySEozhICACIQCcpDVUuQNxy5W5cCu8Ga0SPl1eFAlXIu7m QpFdiGJhRzANBgkqhkiG9w0BAQsFAAOCAQEAjAxnj1cq51A7EahoqmxXM+XZDLIM eg1LdgDoRE0j9GI4WhdOu1d7eGHuBVZPLGiBGyk+p5vKhQAGsjHuKvqtB/1HIF5Q vEE8WMysHAobAtwCQamOjNb5yYKcX3HFhch9iK0gC3h+a50ZFsgaR8dle85JO7eW R6LZ6U04Z7PWdD6tIxth+1qgQjcuq8ObgltC1aFjFCqpk6WWwki8234zti2BsJLI 1087ejbejDP4lzQcKbx8hzInDqFD1p69iBM+LbJ+hCMJueRxEKGn100EBVUwrcCM b16SgnEGMKR/HI6E0H2P3VCvoMOa/B4rwrqotnAiT6CwpvtQcjCX314s7w== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiBOEWEEVRN0vwEWb/Gv DbDmoh4wp2+yUXWck/R+svTo7CP36qCvNBgyYUmko4SvKPGv6/ql9p7HLLkOSkz+ wbLbFDqpS8c8sAOFKtDUnCwo0JNq4ARdwIAnzITw+odji8vrgi5zSr+aTlrElhPX +UVUXauW8gmRBDc312+ieZhctNj8vQgb/b+Rsk8QC25YFQzhC5nLlOjK+wBo9rAT DPy+w5DOBFbjsLADEFF0eVxwLKYXyI+MaldpdD9nAPmu6ktyI+bxX/yrTWIxiE8S rwb4KS3JdNt9a0Kssq9sxfZBjKStsSaDJKLCmK+e2DmDY54Xa4HiLVJ/8eH7x3T6 /wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 91913671868355831024240185019437253501 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Public Server RSA CA 12 - G1' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-09 20:51:08 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-07 21:01:07 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'contactretail.apple.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16931863031344799380995508217723341477893246577847939418061386275486906992059483158344344276746183089970247610901981286531882401303693628415503246481485105761476879678893352495031697797937747649182584728755854371789411050646882925848685029918300164285060254196624331575768747785896005865426191946566853905096630685154081494216163065270462801433404057427104222079592403034468903343638230967347878142740428144654369598693030196439583148825429605543150314370760083277794168745097131749514481635928288693614838650194166921420959899276442105363594613448906855518018949145934054685774328272604895928108606907664534955424511 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 1e5c1791055702fc775ce37043ec6bfdddd2d869 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (108 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certs.apple.com/apsrsa12g1.der' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.apple.com/ocsp03-apsrsa12g101' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'contactretail-prn.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'contactretail.apple.com.cn' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'contactretail-mdn.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'contactretail.apple.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.apple.com/certificateauthority/public' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113635.100.5.11.4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (45 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.apple.com/apsrsa12g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 9e6b0c1d9f751f59ba22db35cf6ea2eb5ed23ddd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (485 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (481 bytes) 01df0076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018bb5e3851b0000040300473045022034c4281b879b910bcc7c8d6bb74b1fa23ebc69b2549c422768daec88bc93a822022100bb5417498592f2eadae2dd881daf419f7312a3536d4f4bf5dd2cc4105ab2a55a00750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bb5e38508000004030046304402203d6d21fb6d8d6bd2f435364d53665c5bb68d055f8c274a550cdece078d562d1b022019ae952e99f0ab350877dc3ffc9d1e183ff2b1c9cac266483a6fc276c09c1ece00750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018bb5e38553000004030046304402200e0faf2c73645ce7b634fd553f5bda843aebdc82c4c98d7180f0c927861d641d022015a92fc7dfbceef1cb97cfa9c8f7c7345730a1bc8e41703e729cf69d88788cbe007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bb5e3850f0000040300483046022100b4829f33aa123cb1a26c46ce8b6070561facfba84376fab12d7c92128ce120200221009ca43554b90371cb95b9702bbc19ad123e5d5e14095722eee642915d88626147 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008c0c678f572ae7503b11a868aa6c5733e5d90cb20c7a0d4b7600e8444d23f462385a174ebb577b7861ee05564f2c68811b293ea79bca850006b231ee2afaad07fd47205e50bc413c58ccac1c0a1b02dc0241a98e8cd6f9c9829c5f71c585c87d88ad200b787e6b9d1916c81a47c7657bce493bb79647a2d9e94d3867b3d6743ead231b61fb5aa042372eabc39b825b42d5a163142aa993a596c248bcdb7e33b62d81b092c8d74f3b7a36de8c33f897341c29bc7c8732270ea143d69ebd88133e2db27e842309b9e47110a1a7d74d04055530adc08c6f5e9282710630a47f1c8e84d07d8fdd50afa0c39afc1e2bc2baa8b670224fa0b0a6fb50723097df5e2cef