mzstatic.com

- Apple Inc. -

Issued by Apple Public EV Server RSA CA 1 - G1

About this certificate

This digital certificate with serial number 29:83:26:80:42:eb:66:a9:94:85:a3:f5:2b:9f:96:e6 was issued on by Apple Inc..

With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Apple Inc.

Company registration number: C0806592
Organization: Apple Inc.
State / Province: California
Locality: Cupertino
Country: US

Apple Inc.

Organization: Apple Inc.
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 29:83:26:80:42:eb:66:a9:94:85:a3:f5:2b:9f:96:e6
Serial Number (int): 55179319609129946823106260375324038886
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 2f:6d:4a:f4:d4:cc:37:2c:9f:63:00:4d:46:11:60:78:63:40:68:06
AuthorityKeyId: d3:bd:c1:3c:a0:cf:35:b9:34:c5:d4:db:da:10:0e:4c:de:6a:fe:58

Fingerprint (sha1): 49:f5:5c:31:7a:33:f4:37:cf:77:b8:8a:17:f5:5e:01:b0:39:e5:62
Fingerprint (sha256): 11:79:48:4a:41:8a:a0:21:ab:ba:60:e2:b5:27:db:80:83:9c:51:57:16:94:95:25:da:39:7a:af:46:d2:17:6b

Issuing Certificate URL: http://certs.apple.com/apevsrsa1g1.der

Revocation information

OCSP Server: http://ocsp.apple.com/ocsp03-apevsrsa1g101
CRL Distribution Point: http://crl.apple.com/apevsrsa1g1.crl

Check the revocation status for certificate mzstatic.com

11

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mzstatic.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

is5-ssl-int.mzstatic.com
mzstatic.com
is1-ssl-int.mzstatic.com
is4-ssl-int.mzstatic.com
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is3-ssl-int.mzstatic.com
is4-ssl.mzstatic.com
is2-ssl-int.mzstatic.com
is5-ssl.mzstatic.com

Other certificates including the domain name mzstatic.com

(limited to 100 certificates)
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
mzstatic.com
www.me.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
americasred3.apple.com
itunes.apple.com
mzstatic.com
americasred3.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
cloudkit.io
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
cloudkit.io
apps.itunes.apple.com
mzstatic.com
is1-ssl.mzstatic.com
itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
itunes.apple.com
mzstatic.com
xp-qa.apple.com
itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
cloudkit.io
itunes.apple.com
cloudkit.io
apps.mzstatic.com
mzstatic.com
qa.mzstatic.com
apps.itunes.apple.com
itunes.apple.com
mzstatic.com
itunes.apple.com
*.mzstatic.com
discussions-uat.apple.com
static.itunes.apple.com
xp-qa.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
apps.mzstatic.com
apps.itunes.apple.com
mzstatic.com
www.me.com
cloudkit.io
mzstatic.com
itunes.apple.com
www.imac.co.nz
itunes.apple.com
xp-qa.apple.com
itunes.apple.com
www.me.com
itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
mzstatic.com
americasred3.apple.com
itunes.apple.com

Certificate

The complete raw certificate details for mzstatic.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGUzCCBTugAwIBAgIQKYMmgELrZqmUhaP1K5+W5jANBgkqhkiG9w0BAQsFADBR
MQswCQYDVQQGEwJVUzETMBEGA1UEChMKQXBwbGUgSW5jLjEtMCsGA1UEAxMkQXBw
bGUgUHVibGljIEVWIFNlcnZlciBSU0EgQ0EgMSAtIEcxMB4XDTIzMTExNDE5Mjg1
NloXDTI0MTIxMzE5Mjg1NVowgcYxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0
aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQIMCkNhbGlm
b3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECAwK
Q2FsaWZvcm5pYTESMBAGA1UEBwwJQ3VwZXJ0aW5vMRMwEQYDVQQKDApBcHBsZSBJ
bmMuMRUwEwYDVQQDDAxtenN0YXRpYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj9Fquee8HwD4ZnGMeUGmlWktaZmEeImAnEAm92VhtsgUXZAKH
coFAqyEP++ZPATN7kxNylU7aRBWJQEkHAwaEzBQBmb7un0NKNlqovC0Yz9Jxea+2
975g8aZe8koDHxpKrQZZy/d8kNVSB5oS7IXiq36Px+C6JD0NkZbqRTum/zDLrftp
xdD436SYypDmEatSxPGMBg+O3EA2V2MNEiCL3WCQCSr/3aKA6oX5JwtdVnTNvZ/A
RN+7in6zfXK0CMxhPDjykfTWBNur8d7Svijji3wMe78TK0r4UINbPOveH2lq+3zK
loLqGLURuTmNowoQohzMYS128UQ8aAqDf1xdAgMBAAGjggKvMIICqzAMBgNVHRMB
Af8EAjAAMB8GA1UdIwQYMBaAFNO9wTygzzW5NMXU29oQDkzeav5YMHoGCCsGAQUF
BwEBBG4wbDAyBggrBgEFBQcwAoYmaHR0cDovL2NlcnRzLmFwcGxlLmNvbS9hcGV2
c3JzYTFnMS5kZXIwNgYIKwYBBQUHMAGGKmh0dHA6Ly9vY3NwLmFwcGxlLmNvbS9v
Y3NwMDMtYXBldnNyc2ExZzEwMTCCAQoGA1UdEQSCAQEwgf6CGGlzNS1zc2wtaW50
Lm16c3RhdGljLmNvbYIMbXpzdGF0aWMuY29tghhpczEtc3NsLWludC5tenN0YXRp
Yy5jb22CGGlzNC1zc2wtaW50Lm16c3RhdGljLmNvbYIUaXMxLXNzbC5tenN0YXRp
Yy5jb22CFGlzMi1zc2wubXpzdGF0aWMuY29tghRpczMtc3NsLm16c3RhdGljLmNv
bYIYaXMzLXNzbC1pbnQubXpzdGF0aWMuY29tghRpczQtc3NsLm16c3RhdGljLmNv
bYIYaXMyLXNzbC1pbnQubXpzdGF0aWMuY29tghRpczUtc3NsLm16c3RhdGljLmNv
bTBgBgNVHSAEWTBXMEgGBWeBDAEBMD8wPQYIKwYBBQUHAgEWMWh0dHBzOi8vd3d3
LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS9wdWJsaWMwCwYJYIZIAYb9
bAIBMBMGA1UdJQQMMAoGCCsGAQUFBwMBMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6
Ly9jcmwuYXBwbGUuY29tL2FwZXZzcnNhMWcxLmNybDAdBgNVHQ4EFgQUL21K9NTM
NyyfYwBNRhFgeGNAaAYwDgYDVR0PAQH/BAQDAgWgMBMGCisGAQQB1nkCBAMBAf8E
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBEsUMbM+rkyGaHlGe4rqOaFnjcPqrJ2+rL
o3l7FBuwcFxdYVn8xPWG4AEninHRVR0bbdyyd7dvrIdRJVB+lKJ2Jrn/lLCoCMJJ
ONy+ze298v+R6FcI0P1vT3iLLekfXyOVqjGHgmp7F8YhhSmfTkezwgKYhwEYhhtz
X4zCoSIYWqvTp1rYl1Ga6VQZLVUICh+KMUaf/g9aqDZITqw7iw/bb3FBjU1n3p4p
9D29m2IQH5tKCZPqTKdXBfXucpPCM/FmBc+qLUeKRBz27DcQtqBeTONX8CLNAHKC
Prg8DG4l8rmEVi8KekAYIil17FVKtCkeix5NBJ8VHMdcQ+WvvLHz
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/RarnnvB8A+GZxjHlBp
pVpLWmZhHiJgJxAJvdlYbbIFF2QCh3KBQKshD/vmTwEze5MTcpVO2kQViUBJBwMG
hMwUAZm+7p9DSjZaqLwtGM/ScXmvtve+YPGmXvJKAx8aSq0GWcv3fJDVUgeaEuyF
4qt+j8fguiQ9DZGW6kU7pv8wy637acXQ+N+kmMqQ5hGrUsTxjAYPjtxANldjDRIg
i91gkAkq/92igOqF+ScLXVZ0zb2fwETfu4p+s31ytAjMYTw48pH01gTbq/He0r4o
44t8DHu/EytK+FCDWzzr3h9pavt8ypaC6hi1Ebk5jaMKEKIczGEtdvFEPGgKg39c
XQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 55179319609129946823106260375324038886
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Public EV Server RSA CA 1 - G1'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-14 19:28:56 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-13 19:28:55 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'C0806592'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cupertino'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Apple Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'mzstatic.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28776590786473755409504402533833833601787441653927447404032515955141844855732422763149478989375950857073267403521179160154928942932480566635560896451079291418091290425220954372856021908542479931447463360118184563968619315569681981439520733804619861423962122177575043720005932451569403875303444976207552998271764292697353223204276152775552785042828434370263269203171293910890322505704370278786817763745420983743362911305963482099426539750525818198015573557244200498214881216377475162695255431569222932578989020350588375541881228336683787102484127626634281577087105626268766386619162240156041529277920184399942142352477
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d3bdc13ca0cf35b934c5d4dbda100e4cde6afe58
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certs.apple.com/apevsrsa1g1.der'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.apple.com/ocsp03-apevsrsa1g101'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (257 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is5-ssl-int.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is1-ssl-int.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is4-ssl-int.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is1-ssl.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is2-ssl.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is3-ssl.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is3-ssl-int.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is4-ssl.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is2-ssl-int.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is5-ssl.mzstatic.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.apple.com/certificateauthority/public'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.apple.com/apevsrsa1g1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							2f6d4af4d4cc372c9f63004d4611607863406806
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0044b1431b33eae4c866879467b8aea39a1678dc3eaac9dbeacba3797b141bb0705c5d6159fcc4f586e001278a71d1551d1b6ddcb277b76fac875125507e94a27626b9ff94b0a808c24938dcbecdedbdf2ff91e85708d0fd6f4f788b2de91f5f2395aa3187826a7b17c62185299f4e47b3c20298870118861b735f8cc2a122185aabd3a75ad897519ae954192d55080a1f8a31469ffe0f5aa836484eac3b8b0fdb6f71418d4d67de9e29f43dbd9b62101f9b4a0993ea4ca75705f5ee7293c233f16605cfaa2d478a441cf6ec3710b6a05e4ce357f022cd0072823eb83c0c6e25f2b984562f0a7a4018222975ec554ab4291e8b1e4d049f151cc75c43e5afbcb1f3