cls-webdata.education.icloud.com
- Apple Inc. -
Issued by Apple IST CA 2 - G1
About this certificate
This digital certificate with serial number 71:69:bb:9b:03:06:09:9a:d5:d1:74:65:db:89:7d:a1 was issued on by Apple Inc..
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Apple Inc.
Organization:
Apple Inc.
State / Province:
California
Country: US
Country: US
Apple Inc.
Organization:
Apple Inc.
Organization unit: Certification Authority
Organization unit: Certification Authority
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 71:69:bb:9b:03:06:09:9a:d5:d1:74:65:db:89:7d:a1Serial Number (int): 150751759785738477054353385001885203873
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 7c:2c:13:70:51:6b:25:b6:83:96:78:ea:9b:c2:6c:34:35:7d:fe:f0
AuthorityKeyId: d8:7a:94:44:7c:90:70:90:16:9e:dd:17:9c:01:44:03:86:d6:2a:29
Fingerprint (sha1): c9:95:a1:37:f8:b2:08:f9:ae:7e:9d:03:40:6f:dd:60:c3:ea:78:97
Fingerprint (sha256): 00:dd:1b:29:a1:05:04:e6:34:d7:1e:0c:44:6d:2f:be:75:85:a4:4c:2e:08:7a:ed:ae:11:e1:45:b0:c0:06:37
Issuing Certificate URL: http://certs.apple.com/appleistca2g1_bc.cer
Issuing Certificate URL: http://certs.apple.com/appleistca2g1.der
Revocation information
OCSP Server: http://ocsp.apple.com/ocsp03-appleistca2g128CRL Distribution Point: http://crl.apple.com/appleistca2g1.crl
Check the revocation status for certificate cls-webdata.education.icloud.com
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for cls-webdata.education.icloud.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
13 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
cls-webdata.education.icloud.com
mr00-cls-ingest.itunes.apple.com
st00-cls-webdata.education.icloud.com
st00-cls-iosclient.itunes.apple.com
mr00-cls-webdata.education.icloud.com
st00-cls-ingest.itunes.apple.com
pg-bootstrap.itunes.apple.com
cls-bootstrap.education.icloud.com
mr00-cls-ingest.itunes.apple.com
st00-cls-webdata.education.icloud.com
st00-cls-iosclient.itunes.apple.com
mr00-cls-webdata.education.icloud.com
st00-cls-ingest.itunes.apple.com
pg-bootstrap.itunes.apple.com
cls-bootstrap.education.icloud.com
Other certificates including the domain name icloud.com
(limited to 100 certificates)
p09-mccgateway.icloud.com
keyvalueservice.icloud.com
ckdatabase.icloud.com
caldav.icloud.com
discussions-uat.apple.com
p101-ckdatabase.icloud.com
iwmb1.icloud.com
ckcoderouter.icloud.com
p203-sharedstreams-china.icloud.com
p301-fmipweb-china.icloud.com
p127-mcc.icloud.com
p101-iwmb6.icloud.com
prod-setup.icloud.com
cls-webdata.education.icloud.com
drivews.icloud.com
metrics.icloud.com
fmf-china.icloud.com
aolauth.icloud.com
ckdevice.icloud.com
mobilebackup-internal-china.icloud.com
calendarws.icloud.com
p301-iwmb3-china.icloud.com
iwmb.icloud.com
ckdatabasews.icloud.com
fmfweb.icloud.com
p301-ckdatabase-china.icloud.com
p203-escrowproxy-china.icloud.com
drive.icloud.com
p301-notesws.icloud.com
iwmb8.icloud.com
p301-iwmb-china.icloud.com
p101-quota-china.icloud.com
fmipweb.icloud.com
fmfmail.icloud.com
fmipweb-china.icloud.com
iwmb2.icloud.com
ubiquity.icloud.com
calendar.icloud.com
p101-sharedstreams-china.icloud.com
ckshare.icloud.com
fmipmobile.icloud.com
newspublisherapi.icloud.com
p101-iwmb7.icloud.com
ckcoderouter.icloud.com
iworkexportws.icloud.com
fmipalcweb.icloud.com
e3.icloud.com
photos.icloud.com
drivews.icloud.com
calendars-china.icloud.com
p301-docws-china.icloud.com
p101-docws.icloud.com
iwres.icloud.com
p25-cache.iwork.icloud.com
streams-china.icloud.com
p101-iwmb5-china.icloud.com
p101-fmfmobile.icloud.com
www.me.com
photos.icloud.com
calendars-china.icloud.com
probe.icloud.com
ubiquity.icloud.com
p01-mcc.icloud.com
p203-iwmb4-china.icloud.com
iworkpreviewapi.icloud.com
p101-escrowproxy.icloud.com
ckdevice-china.icloud.com
contactsws.icloud.com
p203-notesws-china.icloud.com
mail.icloud.com
p101-iwmb1-china.icloud.com
p101-iwres-china.icloud.com
iwmb0-china.icloud.com
p301-setup.icloud.com
calendars-china.icloud.com
p101-content.icloud.com
ckcoderouter-china.icloud.com
iwmb9-china.icloud.com
p301-drivews.icloud.com
p75-cache.iwork.icloud.com
p301-caldav-china.icloud.com
networkresponsivetest.icloud.com
uploadimagews.icloud.com
uploadimagews.icloud.com
discussions-uat.apple.com
statici.icloud.com
discussions-uat.apple.com
aolauth.icloud.com
contactsws.icloud.com
content.icloud.com
quota.icloud.com
discussions-uat.apple.com
calendars.icloud.com
acfeedbackws.icloud.com
fmipmail-china.icloud.com
ckshare.icloud.com
iworkthumbnailws.icloud.com
ckcoderouter-china.icloud.com
p101-fmfweb.icloud.com
ckcoderouter.icloud.com
keyvalueservice.icloud.com
ckdatabase.icloud.com
caldav.icloud.com
discussions-uat.apple.com
p101-ckdatabase.icloud.com
iwmb1.icloud.com
ckcoderouter.icloud.com
p203-sharedstreams-china.icloud.com
p301-fmipweb-china.icloud.com
p127-mcc.icloud.com
p101-iwmb6.icloud.com
prod-setup.icloud.com
cls-webdata.education.icloud.com
drivews.icloud.com
metrics.icloud.com
fmf-china.icloud.com
aolauth.icloud.com
ckdevice.icloud.com
mobilebackup-internal-china.icloud.com
calendarws.icloud.com
p301-iwmb3-china.icloud.com
iwmb.icloud.com
ckdatabasews.icloud.com
fmfweb.icloud.com
p301-ckdatabase-china.icloud.com
p203-escrowproxy-china.icloud.com
drive.icloud.com
p301-notesws.icloud.com
iwmb8.icloud.com
p301-iwmb-china.icloud.com
p101-quota-china.icloud.com
fmipweb.icloud.com
fmfmail.icloud.com
fmipweb-china.icloud.com
iwmb2.icloud.com
ubiquity.icloud.com
calendar.icloud.com
p101-sharedstreams-china.icloud.com
ckshare.icloud.com
fmipmobile.icloud.com
newspublisherapi.icloud.com
p101-iwmb7.icloud.com
ckcoderouter.icloud.com
iworkexportws.icloud.com
fmipalcweb.icloud.com
e3.icloud.com
photos.icloud.com
drivews.icloud.com
calendars-china.icloud.com
p301-docws-china.icloud.com
p101-docws.icloud.com
iwres.icloud.com
p25-cache.iwork.icloud.com
streams-china.icloud.com
p101-iwmb5-china.icloud.com
p101-fmfmobile.icloud.com
www.me.com
photos.icloud.com
calendars-china.icloud.com
probe.icloud.com
ubiquity.icloud.com
p01-mcc.icloud.com
p203-iwmb4-china.icloud.com
iworkpreviewapi.icloud.com
p101-escrowproxy.icloud.com
ckdevice-china.icloud.com
contactsws.icloud.com
p203-notesws-china.icloud.com
mail.icloud.com
p101-iwmb1-china.icloud.com
p101-iwres-china.icloud.com
iwmb0-china.icloud.com
p301-setup.icloud.com
calendars-china.icloud.com
p101-content.icloud.com
ckcoderouter-china.icloud.com
iwmb9-china.icloud.com
p301-drivews.icloud.com
p75-cache.iwork.icloud.com
p301-caldav-china.icloud.com
networkresponsivetest.icloud.com
uploadimagews.icloud.com
uploadimagews.icloud.com
discussions-uat.apple.com
statici.icloud.com
discussions-uat.apple.com
aolauth.icloud.com
contactsws.icloud.com
content.icloud.com
quota.icloud.com
discussions-uat.apple.com
calendars.icloud.com
acfeedbackws.icloud.com
fmipmail-china.icloud.com
ckshare.icloud.com
iworkthumbnailws.icloud.com
ckcoderouter-china.icloud.com
p101-fmfweb.icloud.com
ckcoderouter.icloud.com
Certificate
The complete raw certificate details for cls-webdata.education.icloud.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGmzCCBYOgAwIBAgIQcWm7mwMGCZrV0XRl24l9oTANBgkqhkiG9w0BAQsFADBi MRwwGgYDVQQDExNBcHBsZSBJU1QgQ0EgMiAtIEcxMSAwHgYDVQQLExdDZXJ0aWZp Y2F0aW9uIEF1dGhvcml0eTETMBEGA1UEChMKQXBwbGUgSW5jLjELMAkGA1UEBhMC VVMwHhcNMjMxMTI0MDU1ODQ5WhcNMjQxMjIzMDU1ODQ4WjBiMQswCQYDVQQGEwJV UzETMBEGA1UECAwKQ2FsaWZvcm5pYTETMBEGA1UECgwKQXBwbGUgSW5jLjEpMCcG A1UEAwwgY2xzLXdlYmRhdGEuZWR1Y2F0aW9uLmljbG91ZC5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrfdUGuSVrsSuN0c/vBzriQlWbEQ8k3chJ tc4XGslBWz7VetNzLZ2NrC4OEjJQWQB5aSndvjyV12Bw25lTjUXNjGjLdSK+42BL fARceZHnIgVpQQqBDjd5cuVEegjiG1jgX8LpNg6i9yZcF1enmfFurHadPSw2WkLj 98Fy4nV6VpHnEeAgH1DTeJYmzkJ/fc9n6tyAQEI+L3uRT5DJbrI1FDtGmtBvO8U9 70NN+CaEQfn+J4vQ0hGhLvONRH2Nfyl/g95mOxZVeteHIygKKgMowU5TYgCFlme+ hN4RHZgaEeWg+/vO+LR91GiCkGfzHUbNZV/v7bD8ipJPQ1JnP8g5AgMBAAGjggNL MIIDRzAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFNh6lER8kHCQFp7dF5wBRAOG 1iopMIG5BggrBgEFBQcBAQSBrDCBqTA3BggrBgEFBQcwAoYraHR0cDovL2NlcnRz LmFwcGxlLmNvbS9hcHBsZWlzdGNhMmcxX2JjLmNlcjA0BggrBgEFBQcwAoYoaHR0 cDovL2NlcnRzLmFwcGxlLmNvbS9hcHBsZWlzdGNhMmcxLmRlcjA4BggrBgEFBQcw AYYsaHR0cDovL29jc3AuYXBwbGUuY29tL29jc3AwMy1hcHBsZWlzdGNhMmcxMjgw ggEpBgNVHREEggEgMIIBHIIgY2xzLXdlYmRhdGEuZWR1Y2F0aW9uLmljbG91ZC5j b22CIG1yMDAtY2xzLWluZ2VzdC5pdHVuZXMuYXBwbGUuY29tgiVzdDAwLWNscy13 ZWJkYXRhLmVkdWNhdGlvbi5pY2xvdWQuY29tgiNzdDAwLWNscy1pb3NjbGllbnQu aXR1bmVzLmFwcGxlLmNvbYIlbXIwMC1jbHMtd2ViZGF0YS5lZHVjYXRpb24uaWNs b3VkLmNvbYIgc3QwMC1jbHMtaW5nZXN0Lml0dW5lcy5hcHBsZS5jb22CHXBnLWJv b3RzdHJhcC5pdHVuZXMuYXBwbGUuY29tgiJjbHMtYm9vdHN0cmFwLmVkdWNhdGlv bi5pY2xvdWQuY29tMGIGA1UdIARbMFkwSQYGZ4EMAQICMD8wPQYIKwYBBQUHAgEW MWh0dHBzOi8vd3d3LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS9wdWJs aWMwDAYKKoZIhvdjZAULBDATBgNVHSUEDDAKBggrBgEFBQcDATA3BgNVHR8EMDAu MCygKqAohiZodHRwOi8vY3JsLmFwcGxlLmNvbS9hcHBsZWlzdGNhMmcxLmNybDAd BgNVHQ4EFgQUfCwTcFFrJbaDlnjqm8JsNDV9/vAwDgYDVR0PAQH/BAQDAgWgMBEG CyqGSIb3Y2QGGwcCBAIFADARBgsqhkiG92NkBhsPAgQCBQAwEQYLKoZIhvdjZAYb CwIEAgUAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQA4 jUgAcX9eiw5251e/r+LmD9WWjmlccdTxuauMHZiJzYmDSf6pTwUrcmkY6tghaEHD n6ilJagIs1GMGQsrO80TZsQPfQSFX+iubrvT/QPnqRnxxP3SPcySkGWQH0S2Gh3R xp5mpB+7tGdAg7NhkigZPBsgna88IWOj7WUJHQRPaXKkfKuAg4+AyekNCakraQPJ x25lYjkuqgC6Vr76S7mFbXmXeed8nZhl0QYlGjcR9yw8hn+509Y73iV4DOjvxxsc LkkjrTnxb5Y/bdFkv/sbUvNEKjq5nsVETfn7xHr8ljUsmogYoaUyCz31cXmbwLUL YS3rYd/GWAyiWLX0CCxk -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq33VBrkla7ErjdHP7wc6 4kJVmxEPJN3ISbXOFxrJQVs+1XrTcy2djawuDhIyUFkAeWkp3b48lddgcNuZU41F zYxoy3UivuNgS3wEXHmR5yIFaUEKgQ43eXLlRHoI4htY4F/C6TYOovcmXBdXp5nx bqx2nT0sNlpC4/fBcuJ1elaR5xHgIB9Q03iWJs5Cf33PZ+rcgEBCPi97kU+QyW6y NRQ7RprQbzvFPe9DTfgmhEH5/ieL0NIRoS7zjUR9jX8pf4PeZjsWVXrXhyMoCioD KMFOU2IAhZZnvoTeER2YGhHloPv7zvi0fdRogpBn8x1GzWVf7+2w/IqST0NSZz/I OQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 150751759785738477054353385001885203873 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple IST CA 2 - G1' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-24 05:58:49 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-23 05:58:48 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'cls-webdata.education.icloud.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21648800287032001049101851669235204044087711379892744903195075385413921460935025643985646817626716025160985085287559711891295870923262061645414674527769865562203904704697627978842790867419505798361295259102138132896021602426025283565069644833783676035950050980387155903023324468790130568747367501919237894354233973496792928782141699558397939078390163351026134428733634486207653561118052601701374352014919728252953225941490462992482440797010994111491083962160827101860744802716966956266030128473343304540030555960657621405032510087698208102533270903936198335000798276887280595152548193207031292772419266313761887078457 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d87a94447c907090169edd179c01440386d62a29 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (172 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certs.apple.com/appleistca2g1_bc.cer' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certs.apple.com/appleistca2g1.der' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.apple.com/ocsp03-appleistca2g128' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (288 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cls-webdata.education.icloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mr00-cls-ingest.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'st00-cls-webdata.education.icloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'st00-cls-iosclient.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mr00-cls-webdata.education.icloud.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'st00-cls-ingest.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pg-bootstrap.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cls-bootstrap.education.icloud.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.apple.com/certificateauthority/public' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113635.100.5.11.4 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.apple.com/appleistca2g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 7c2c1370516b25b6839678ea9bc26c34357dfef0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113635.100.6.27.7.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113635.100.6.27.15.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113635.100.6.27.11.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00388d4800717f5e8b0e76e757bfafe2e60fd5968e695c71d4f1b9ab8c1d9889cd898349fea94f052b726918ead8216841c39fa8a525a808b3518c190b2b3bcd1366c40f7d04855fe8ae6ebbd3fd03e7a919f1c4fdd23dcc929065901f44b61a1dd1c69e66a41fbbb4674083b3619228193c1b209daf3c2163a3ed65091d044f6972a47cab80838f80c9e90d09a92b6903c9c76e6562392eaa00ba56befa4bb9856d799779e77c9d9865d106251a3711f72c3c867fb9d3d63bde25780ce8efc71b1c2e4923ad39f16f963f6dd164bffb1b52f3442a3ab99ec5444df9fbc47afc96352c9a8818a1a5320b3df571799bc0b50b612deb61dfc6580ca258b5f4082c64