festival.itunes.apple.com
- Apple Inc. -
Issued by Apple Public EV Server RSA CA 2 - G1
About this certificate
This digital certificate with serial number 58:b5:a6:27:2d:34:f3:c7:d1:72:21:c8:66:44:6c:cb was issued on by Apple Inc..
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Apple Inc.
Company registration number:
C0806592
Organization: Apple Inc.
Organization: Apple Inc.
State / Province:
California
Locality: Cupertino
Country: US
Locality: Cupertino
Country: US
Apple Inc.
Organization:
Apple Inc.
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 58:b5:a6:27:2d:34:f3:c7:d1:72:21:c8:66:44:6c:cbSerial Number (int): 117915239344350785655528641779739159755
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: ab:fc:8c:1a:8d:5c:f4:11:bf:77:61:3a:ad:0d:bd:ec:b3:95:67:3e
AuthorityKeyId: 50:55:ab:43:a1:af:a9:48:2b:5a:c1:a2:87:89:04:e4:7a:0e:ca:da
Fingerprint (sha1): 76:4c:4b:48:11:a2:18:69:39:81:dc:30:e8:9a:e6:fd:fc:50:d7:05
Fingerprint (sha256): 01:15:0b:ee:da:a8:21:c9:4e:e0:22:9d:df:17:fc:52:e5:b5:1b:8c:da:9b:5d:98:8f:34:35:da:f6:ea:49:66
Issuing Certificate URL: http://certs.apple.com/apevsrsa2g1.der
Revocation information
OCSP Server: http://ocsp.apple.com/ocsp03-apevsrsa2g101CRL Distribution Point: http://crl.apple.com/apevsrsa2g1.crl
Check the revocation status for certificate festival.itunes.apple.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for festival.itunes.apple.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
uic.itunes.com
festival.itunes.apple.com
itunesevents.apple.com
uic.itunes.apple.com
festival.itunes.apple.com
itunesevents.apple.com
uic.itunes.apple.com
Other certificates including the domain name apple.com
(limited to 100 certificates)
itunes.apple.com
ja.ls.apple.com
origin-discussions2-us-dr-prz.apple.com
training.apple.com
reserves-prime.prz.apple.com
app001.apple.com
deployment-pv50.ls.apple.com
itunes.apple.com
reserve-prime.apple.com
gsp81-ssl-e1118.ls.apple.com
gsp102-ssl-e1502.ls.apple.com
api.searchads.apple.com
idmsa-uat.apple.com
webpay-sh-pilot.apple.com
mzstatic.com
store-029.blobstore.apple.com
beatsglobalquality-uat.corp.apple.com
rw.apple.com
stg-pod1-smp.corp.apple.com
gr-api-video-h-aapne1a.smoot.apple.com
web-ext-mmap-ce01.apple.com
usl-expe1405.apple.com
store-995.blobstore.apple.com
sapecc-prd-ext.sap.apple.com
swdlp.apple.com
gsx.apple.com
gsp-ssl-e1134.ls.apple.com
clx-dev.apple.com
noodle.apple.com
gsp11-ty21-dlb-2.ls.apple.com
mzuserxp.itunes.apple.com
gsp64-st14-ssl-dlb.ls.apple.com
gsp45-ssl-e1356.ls.apple.com
gsp12-st14-dlb-2.ls.apple.com
discussions-uat.apple.com
dc-portal.apple.com
supplier.apple.com
gsp48-kittyhawk-qs55-ssl.ls.apple.com
gsp81-ssl-e1502.ls.apple.com
gsp48-ssl-e691.ls.apple.com
mapsconnectapi.ls.apple.com
wdg01-uat.apple.com
wellnessclassic.apple.com
api-partner-connect-uat1.apple.com
people.apple.com
supplier-registration.apple.com
gsp60-ssl-e997.ls.apple.com
ssuat.apple.com
locate.apple.com
itunes.apple.com
suppliernet.apple.com
gsp79-am31-dlb.ls.apple.com
smp-device-qa3.apple.com
eurored3.apple.com
devcon-oomnshuttleist-test.apple.com
coreservices-e1506-ms11-bistunium-k8straefik.ls.apple.com
gsp70-ssl-e706.ls.apple.com
dinah05.corp.apple.com
gsp1-ssl.apple.com
gspe85-cn-ssl.ls.apple.com
vorpal-relay.apple.com
bswe.apple.com
cma.itunes.apple.com
gsp-ssl-apne1-ash.ls.apple.com
theloop-stage.apple.com
tokenvalidation.apple.com
linkmaker.itunes.apple.com
gsp70-ssl-e1633.ls.apple.com
gsp63-ms12-kittyhawk-ssl.ls.apple.com
gsp-ssl-sl61-ipv6.ls.apple.com
aws-onepulse.apple.com
gsp12-kh-st14-1.ls.apple.com
gsp59-ssl-e506.ls.apple.com
mr-apple-com2.apple.com
ocservice.apple.com
marketing.apple.com
ioss-callbackservices-qa3.apple.com
gsp19-kh-ms12.ls.apple.com
madeforipodandiphone.apple.com
gspe19-ssl.ls.apple.com
gsp19-1-kittyhawk-ci77-ssl.ls.apple.com
cs-integrations-stage.apple.com
gsp35-ty21-ssl.ls.apple.com
gbiportal-apps-external.apple.com
plmtest2.apple.com
gsp3-sy02-ssl.ls.apple.com
gspe35-ssl.ls.apple.com
gsp76-ty21-01.ls.apple.com
ne-access.apple.com
profilebroker.apple.com
axm-scim-qa12.apple.com
gsp95-hk02-stage-ssl.ls.apple.com
contactretail.apple.com
caffemacs-aa-prz.apple.com
bam.corp.apple.com
gsp45-ssl-e709.ls.apple.com
caffemacs-qa.apple.com
cls-webdata.education.icloud.com
gsp76-ms12.ls.apple.com
gsp82-ssl-e1277.ls.apple.com
ja.ls.apple.com
origin-discussions2-us-dr-prz.apple.com
training.apple.com
reserves-prime.prz.apple.com
app001.apple.com
deployment-pv50.ls.apple.com
itunes.apple.com
reserve-prime.apple.com
gsp81-ssl-e1118.ls.apple.com
gsp102-ssl-e1502.ls.apple.com
api.searchads.apple.com
idmsa-uat.apple.com
webpay-sh-pilot.apple.com
mzstatic.com
store-029.blobstore.apple.com
beatsglobalquality-uat.corp.apple.com
rw.apple.com
stg-pod1-smp.corp.apple.com
gr-api-video-h-aapne1a.smoot.apple.com
web-ext-mmap-ce01.apple.com
usl-expe1405.apple.com
store-995.blobstore.apple.com
sapecc-prd-ext.sap.apple.com
swdlp.apple.com
gsx.apple.com
gsp-ssl-e1134.ls.apple.com
clx-dev.apple.com
noodle.apple.com
gsp11-ty21-dlb-2.ls.apple.com
mzuserxp.itunes.apple.com
gsp64-st14-ssl-dlb.ls.apple.com
gsp45-ssl-e1356.ls.apple.com
gsp12-st14-dlb-2.ls.apple.com
discussions-uat.apple.com
dc-portal.apple.com
supplier.apple.com
gsp48-kittyhawk-qs55-ssl.ls.apple.com
gsp81-ssl-e1502.ls.apple.com
gsp48-ssl-e691.ls.apple.com
mapsconnectapi.ls.apple.com
wdg01-uat.apple.com
wellnessclassic.apple.com
api-partner-connect-uat1.apple.com
people.apple.com
supplier-registration.apple.com
gsp60-ssl-e997.ls.apple.com
ssuat.apple.com
locate.apple.com
itunes.apple.com
suppliernet.apple.com
gsp79-am31-dlb.ls.apple.com
smp-device-qa3.apple.com
eurored3.apple.com
devcon-oomnshuttleist-test.apple.com
coreservices-e1506-ms11-bistunium-k8straefik.ls.apple.com
gsp70-ssl-e706.ls.apple.com
dinah05.corp.apple.com
gsp1-ssl.apple.com
gspe85-cn-ssl.ls.apple.com
vorpal-relay.apple.com
bswe.apple.com
cma.itunes.apple.com
gsp-ssl-apne1-ash.ls.apple.com
theloop-stage.apple.com
tokenvalidation.apple.com
linkmaker.itunes.apple.com
gsp70-ssl-e1633.ls.apple.com
gsp63-ms12-kittyhawk-ssl.ls.apple.com
gsp-ssl-sl61-ipv6.ls.apple.com
aws-onepulse.apple.com
gsp12-kh-st14-1.ls.apple.com
gsp59-ssl-e506.ls.apple.com
mr-apple-com2.apple.com
ocservice.apple.com
marketing.apple.com
ioss-callbackservices-qa3.apple.com
gsp19-kh-ms12.ls.apple.com
madeforipodandiphone.apple.com
gspe19-ssl.ls.apple.com
gsp19-1-kittyhawk-ci77-ssl.ls.apple.com
cs-integrations-stage.apple.com
gsp35-ty21-ssl.ls.apple.com
gbiportal-apps-external.apple.com
plmtest2.apple.com
gsp3-sy02-ssl.ls.apple.com
gspe35-ssl.ls.apple.com
gsp76-ty21-01.ls.apple.com
ne-access.apple.com
profilebroker.apple.com
axm-scim-qa12.apple.com
gsp95-hk02-stage-ssl.ls.apple.com
contactretail.apple.com
caffemacs-aa-prz.apple.com
bam.corp.apple.com
gsp45-ssl-e709.ls.apple.com
caffemacs-qa.apple.com
cls-webdata.education.icloud.com
gsp76-ms12.ls.apple.com
gsp82-ssl-e1277.ls.apple.com
Certificate
The complete raw certificate details for festival.itunes.apple.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHnDCCBoSgAwIBAgIQWLWmJy0088fRciHIZkRsyzANBgkqhkiG9w0BAQsFADBR MQswCQYDVQQGEwJVUzETMBEGA1UEChMKQXBwbGUgSW5jLjEtMCsGA1UEAxMkQXBw bGUgUHVibGljIEVWIFNlcnZlciBSU0EgQ0EgMiAtIEcxMB4XDTI0MDEwNTIzMDEx NFoXDTI0MDcwMzIzMTExNFowgdMxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0 aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQIMCkNhbGlm b3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECAwK Q2FsaWZvcm5pYTESMBAGA1UEBwwJQ3VwZXJ0aW5vMRMwEQYDVQQKDApBcHBsZSBJ bmMuMSIwIAYDVQQDDBlmZXN0aXZhbC5pdHVuZXMuYXBwbGUuY29tMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY4iAfrwuGUMPH1/vB2/V7b26kjZkYw2 KoL1bv7t/bSXWvffmf97EZwlv1Xl/TCrP6hk3fZlpun+JbCfHe6zUMTGmrxKism2 eu1f6qROS233+Ax/KJU+6x6/UbavBmhAPamrmxUzuF45GDGBrmmJ1AajPA/mBo5X oX9BkqjWq9s5fzY7YcwI6jDLw/8oKO5vHNgL9GsDLCfkqiQyWwAp+0wVF9WR98Ts DNmZEiVJvQRyPlrWvgA7RwP1w4lMzoAsSPpsmDmxTiHEV4bGBa9h56/YKPayVSKO zk4310K/Uyuk1zmbeBRrlSzsn27SH4LOIQ9TGAi2R5YXJek9fKyBMwIDAQABo4ID 6zCCA+cwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBRQVatDoa+pSCtawaKHiQTk eg7K2jB6BggrBgEFBQcBAQRuMGwwMgYIKwYBBQUHMAKGJmh0dHA6Ly9jZXJ0cy5h cHBsZS5jb20vYXBldnNyc2EyZzEuZGVyMDYGCCsGAQUFBzABhipodHRwOi8vb2Nz cC5hcHBsZS5jb20vb2NzcDAzLWFwZXZzcnNhMmcxMDEwYgYDVR0RBFswWYIOdWlj Lml0dW5lcy5jb22CGWZlc3RpdmFsLml0dW5lcy5hcHBsZS5jb22CFml0dW5lc2V2 ZW50cy5hcHBsZS5jb22CFHVpYy5pdHVuZXMuYXBwbGUuY29tMGAGA1UdIARZMFcw SAYFZ4EMAQEwPzA9BggrBgEFBQcCARYxaHR0cHM6Ly93d3cuYXBwbGUuY29tL2Nl cnRpZmljYXRlYXV0aG9yaXR5L3B1YmxpYzALBglghkgBhv1sAgEwEwYDVR0lBAww CgYIKwYBBQUHAwEwNQYDVR0fBC4wLDAqoCigJoYkaHR0cDovL2NybC5hcHBsZS5j b20vYXBldnNyc2EyZzEuY3JsMB0GA1UdDgQWBBSr/IwajVz0Eb93YTqtDb3ss5Vn PjAOBgNVHQ8BAf8EBAMCBaAwggH3BgorBgEEAdZ5AgQCBIIB5wSCAeMB4QB3AN/h VuuqBa+1nA+GcY2owDJOrlbZbqf1pWoB0cE7vlJcAAABjNvlHfsAAAQDAEgwRgIh AOSd6frCQN5VJdXQl8IGQ6P76r3ofxfXOfvdAJsGh+EUAiEA/z+Hl//5hb7M7xWg SJOaPd60CfGxpS42kiqXGrG76sUAdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQAN LXJv4frUFwAAAYzb5R3IAAAEAwBHMEUCIHomy6zQnL/KrLGEp6unSEKpTrEdjqFy 7LanfnQzEQAfAiEA3l+797/Dt5FqaAP8mEn71IohbU3jmGdFxl51UzttV1wAdwA/ F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvBvyiF7PhkbgAAAYzb5R3GAAAEAwBIMEYC IQCUO9HJh7Z4mgcQMr2sfPr3vB9XPXItCc4tz/q5XD6sIQIhAKvMt9Z7Pw6saw1h jXdP1zNSUr53hv2JQm2FTWGB3vtaAHUA7s3QZNXbGs7FXLedtM0TojKHRny87N7D UUhZRnEftZsAAAGM2+UdvQAABAMARjBEAiBPDsGp1v55jsaqQMc2Iz5BOBCvATTq T6M3KIqu0Z9WNQIgZjf6TfbpshtX/MjEki+IZLqv6DukjCIc4/lOzRmpP7YwDQYJ KoZIhvcNAQELBQADggEBAJ5gXkQO5sKAB5O5btankesAdsZkvHcncKAzGqlgTQEw 40fePVGJXiuf3vge0UvWGdufIE66oPuN37HxJWKtF+vC4zGjmCPjpEXyK8m2Qa7D S+cUE+JBglgz2rAcu0bLHWhNh/MsVYKl9NWnJKKwGK/txKgsiKhzPzWpTeZuD+rf naHqt3pu4hNkzzH6861kP8FmXAyvB6wUcRAbwEpOsSxSMMNTZ2xn5PzpwK0WyZHp MdnX91YEN0NLoPYJNG+5VSwH8jaxFmpGMYfVBQ3qF8Tf5h9w56+8Z3Kz3/K2b15C 6rLOWDFcCiY5Eh/juXU7cc1R4pHTgj3yRmBMj26bRzY= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY4iAfrwuGUMPH1/vB2/ V7b26kjZkYw2KoL1bv7t/bSXWvffmf97EZwlv1Xl/TCrP6hk3fZlpun+JbCfHe6z UMTGmrxKism2eu1f6qROS233+Ax/KJU+6x6/UbavBmhAPamrmxUzuF45GDGBrmmJ 1AajPA/mBo5XoX9BkqjWq9s5fzY7YcwI6jDLw/8oKO5vHNgL9GsDLCfkqiQyWwAp +0wVF9WR98TsDNmZEiVJvQRyPlrWvgA7RwP1w4lMzoAsSPpsmDmxTiHEV4bGBa9h 56/YKPayVSKOzk4310K/Uyuk1zmbeBRrlSzsn27SH4LOIQ9TGAi2R5YXJek9fKyB MwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 117915239344350785655528641779739159755 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Public EV Server RSA CA 2 - G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-05 23:01:14 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-03 23:11:14 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'C0806592' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cupertino' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'festival.itunes.apple.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18879595756913339847526226750145893358981834862319510226633260157028193884155377562480182700300824131336962747152999455829980004347776151931885625342558753557687942985508836732045899159511096091906370855944356082345257060776154763908185350452599771403299467261501969867574349864202038045588096364462938121319909252429890006512964115187530112409139282855479638735760518571770119785553121593868341619545621761655288138839283067833585067004795593459786035352671669289076767794832323893572084544810788404655286807272015868990607655119016273451469083564972112191466839509656300901670278020550977309967349212329113304203571 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5055ab43a1afa9482b5ac1a2878904e47a0ecada . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certs.apple.com/apevsrsa2g1.der' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.apple.com/ocsp03-apevsrsa2g101' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (91 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uic.itunes.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'festival.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'itunesevents.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uic.itunes.apple.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.apple.com/certificateauthority/public' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.apple.com/apevsrsa2g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) abfc8c1a8d5cf411bf77613aad0dbdecb395673e . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (487 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (483 bytes) 01e1007700dfe156ebaa05afb59c0f86718da8c0324eae56d96ea7f5a56a01d1c13bbe525c0000018cdbe51dfb0000040300483046022100e49de9fac240de5525d5d097c20643a3fbeabde87f17d739fbdd009b0687e114022100ff3f8797fff985beccef15a048939a3ddeb409f1b1a52e36922a971ab1bbeac50076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018cdbe51dc8000004030047304502207a26cbacd09cbfcaacb184a7aba74842a94eb11d8ea172ecb6a77e743311001f022100de5fbbf7bfc3b7916a6803fc9849fbd48a216d4de3986745c65e75533b6d575c0077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018cdbe51dc60000040300483046022100943bd1c987b6789a071032bdac7cfaf7bc1f573d722d09ce2dcffab95c3eac21022100abccb7d67b3f0eac6b0d618d774fd7335252be7786fd89426d854d6181defb5a007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018cdbe51dbd000004030046304402204f0ec1a9d6fe798ec6aa40c736233e413810af0134ea4fa337288aaed19f563502206637fa4df6e9b21b57fcc8c4922f8864baafe83ba48c221ce3f94ecd19a93fb6 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009e605e440ee6c2800793b96ed6a791eb0076c664bc772770a0331aa9604d0130e347de3d51895e2b9fdef81ed14bd619db9f204ebaa0fb8ddfb1f12562ad17ebc2e331a39823e3a445f22bc9b641aec34be71413e241825833dab01cbb46cb1d684d87f32c5582a5f4d5a724a2b018afedc4a82c88a8733f35a94de66e0feadf9da1eab77a6ee21364cf31faf3ad643fc1665c0caf07ac1471101bc04a4eb12c5230c353676c67e4fce9c0ad16c991e931d9d7f7560437434ba0f609346fb9552c07f236b1166a463187d5050dea17c4dfe61f70e7afbc6772b3dff2b66f5e42eab2ce58315c0a2639121fe3b9753b71cd51e291d3823df246604c8f6e9b4736