mzstatic.com
- Apple Inc. -
Issued by Apple Public EV Server RSA CA 1 - G1
About this certificate
This digital certificate with serial number 29:83:26:80:42:eb:66:a9:94:85:a3:f5:2b:9f:96:e6 was issued on by Apple Inc..
With 11 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Apple Inc.
Company registration number:
C0806592
Organization: Apple Inc.
Organization: Apple Inc.
State / Province:
California
Locality: Cupertino
Country: US
Locality: Cupertino
Country: US
Apple Inc.
Organization:
Apple Inc.
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 29:83:26:80:42:eb:66:a9:94:85:a3:f5:2b:9f:96:e6Serial Number (int): 55179319609129946823106260375324038886
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 2f:6d:4a:f4:d4:cc:37:2c:9f:63:00:4d:46:11:60:78:63:40:68:06
AuthorityKeyId: d3:bd:c1:3c:a0:cf:35:b9:34:c5:d4:db:da:10:0e:4c:de:6a:fe:58
Fingerprint (sha1): 49:f5:5c:31:7a:33:f4:37:cf:77:b8:8a:17:f5:5e:01:b0:39:e5:62
Fingerprint (sha256): 11:79:48:4a:41:8a:a0:21:ab:ba:60:e2:b5:27:db:80:83:9c:51:57:16:94:95:25:da:39:7a:af:46:d2:17:6b
Issuing Certificate URL: http://certs.apple.com/apevsrsa1g1.der
Revocation information
OCSP Server: http://ocsp.apple.com/ocsp03-apevsrsa1g101CRL Distribution Point: http://crl.apple.com/apevsrsa1g1.crl
Check the revocation status for certificate mzstatic.com
11
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mzstatic.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
is5-ssl-int.mzstatic.com
mzstatic.com
is1-ssl-int.mzstatic.com
is4-ssl-int.mzstatic.com
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is3-ssl-int.mzstatic.com
is4-ssl.mzstatic.com
is2-ssl-int.mzstatic.com
is5-ssl.mzstatic.com
mzstatic.com
is1-ssl-int.mzstatic.com
is4-ssl-int.mzstatic.com
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is3-ssl-int.mzstatic.com
is4-ssl.mzstatic.com
is2-ssl-int.mzstatic.com
is5-ssl.mzstatic.com
Other certificates including the domain name mzstatic.com
(limited to 100 certificates)
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
mzstatic.com
www.me.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
americasred3.apple.com
itunes.apple.com
mzstatic.com
americasred3.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
cloudkit.io
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
cloudkit.io
apps.itunes.apple.com
mzstatic.com
is1-ssl.mzstatic.com
itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
itunes.apple.com
mzstatic.com
xp-qa.apple.com
itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
cloudkit.io
itunes.apple.com
cloudkit.io
apps.mzstatic.com
mzstatic.com
qa.mzstatic.com
apps.itunes.apple.com
itunes.apple.com
mzstatic.com
itunes.apple.com
*.mzstatic.com
discussions-uat.apple.com
static.itunes.apple.com
xp-qa.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
apps.mzstatic.com
apps.itunes.apple.com
mzstatic.com
www.me.com
cloudkit.io
mzstatic.com
itunes.apple.com
www.imac.co.nz
itunes.apple.com
xp-qa.apple.com
itunes.apple.com
www.me.com
itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
mzstatic.com
americasred3.apple.com
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
mzstatic.com
www.me.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
americasred3.apple.com
itunes.apple.com
mzstatic.com
americasred3.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
cloudkit.io
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
cloudkit.io
apps.itunes.apple.com
mzstatic.com
is1-ssl.mzstatic.com
itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
itunes.apple.com
mzstatic.com
xp-qa.apple.com
itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
cloudkit.io
itunes.apple.com
cloudkit.io
apps.mzstatic.com
mzstatic.com
qa.mzstatic.com
apps.itunes.apple.com
itunes.apple.com
mzstatic.com
itunes.apple.com
*.mzstatic.com
discussions-uat.apple.com
static.itunes.apple.com
xp-qa.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
apps.mzstatic.com
apps.itunes.apple.com
mzstatic.com
www.me.com
cloudkit.io
mzstatic.com
itunes.apple.com
www.imac.co.nz
itunes.apple.com
xp-qa.apple.com
itunes.apple.com
www.me.com
itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
mzstatic.com
americasred3.apple.com
itunes.apple.com
Certificate
The complete raw certificate details for mzstatic.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGUzCCBTugAwIBAgIQKYMmgELrZqmUhaP1K5+W5jANBgkqhkiG9w0BAQsFADBR MQswCQYDVQQGEwJVUzETMBEGA1UEChMKQXBwbGUgSW5jLjEtMCsGA1UEAxMkQXBw bGUgUHVibGljIEVWIFNlcnZlciBSU0EgQ0EgMSAtIEcxMB4XDTIzMTExNDE5Mjg1 NloXDTI0MTIxMzE5Mjg1NVowgcYxHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0 aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQIMCkNhbGlm b3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECAwK Q2FsaWZvcm5pYTESMBAGA1UEBwwJQ3VwZXJ0aW5vMRMwEQYDVQQKDApBcHBsZSBJ bmMuMRUwEwYDVQQDDAxtenN0YXRpYy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDj9Fquee8HwD4ZnGMeUGmlWktaZmEeImAnEAm92VhtsgUXZAKH coFAqyEP++ZPATN7kxNylU7aRBWJQEkHAwaEzBQBmb7un0NKNlqovC0Yz9Jxea+2 975g8aZe8koDHxpKrQZZy/d8kNVSB5oS7IXiq36Px+C6JD0NkZbqRTum/zDLrftp xdD436SYypDmEatSxPGMBg+O3EA2V2MNEiCL3WCQCSr/3aKA6oX5JwtdVnTNvZ/A RN+7in6zfXK0CMxhPDjykfTWBNur8d7Svijji3wMe78TK0r4UINbPOveH2lq+3zK loLqGLURuTmNowoQohzMYS128UQ8aAqDf1xdAgMBAAGjggKvMIICqzAMBgNVHRMB Af8EAjAAMB8GA1UdIwQYMBaAFNO9wTygzzW5NMXU29oQDkzeav5YMHoGCCsGAQUF BwEBBG4wbDAyBggrBgEFBQcwAoYmaHR0cDovL2NlcnRzLmFwcGxlLmNvbS9hcGV2 c3JzYTFnMS5kZXIwNgYIKwYBBQUHMAGGKmh0dHA6Ly9vY3NwLmFwcGxlLmNvbS9v Y3NwMDMtYXBldnNyc2ExZzEwMTCCAQoGA1UdEQSCAQEwgf6CGGlzNS1zc2wtaW50 Lm16c3RhdGljLmNvbYIMbXpzdGF0aWMuY29tghhpczEtc3NsLWludC5tenN0YXRp Yy5jb22CGGlzNC1zc2wtaW50Lm16c3RhdGljLmNvbYIUaXMxLXNzbC5tenN0YXRp Yy5jb22CFGlzMi1zc2wubXpzdGF0aWMuY29tghRpczMtc3NsLm16c3RhdGljLmNv bYIYaXMzLXNzbC1pbnQubXpzdGF0aWMuY29tghRpczQtc3NsLm16c3RhdGljLmNv bYIYaXMyLXNzbC1pbnQubXpzdGF0aWMuY29tghRpczUtc3NsLm16c3RhdGljLmNv bTBgBgNVHSAEWTBXMEgGBWeBDAEBMD8wPQYIKwYBBQUHAgEWMWh0dHBzOi8vd3d3 LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS9wdWJsaWMwCwYJYIZIAYb9 bAIBMBMGA1UdJQQMMAoGCCsGAQUFBwMBMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6 Ly9jcmwuYXBwbGUuY29tL2FwZXZzcnNhMWcxLmNybDAdBgNVHQ4EFgQUL21K9NTM NyyfYwBNRhFgeGNAaAYwDgYDVR0PAQH/BAQDAgWgMBMGCisGAQQB1nkCBAMBAf8E AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBEsUMbM+rkyGaHlGe4rqOaFnjcPqrJ2+rL o3l7FBuwcFxdYVn8xPWG4AEninHRVR0bbdyyd7dvrIdRJVB+lKJ2Jrn/lLCoCMJJ ONy+ze298v+R6FcI0P1vT3iLLekfXyOVqjGHgmp7F8YhhSmfTkezwgKYhwEYhhtz X4zCoSIYWqvTp1rYl1Ga6VQZLVUICh+KMUaf/g9aqDZITqw7iw/bb3FBjU1n3p4p 9D29m2IQH5tKCZPqTKdXBfXucpPCM/FmBc+qLUeKRBz27DcQtqBeTONX8CLNAHKC Prg8DG4l8rmEVi8KekAYIil17FVKtCkeix5NBJ8VHMdcQ+WvvLHz -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/RarnnvB8A+GZxjHlBp pVpLWmZhHiJgJxAJvdlYbbIFF2QCh3KBQKshD/vmTwEze5MTcpVO2kQViUBJBwMG hMwUAZm+7p9DSjZaqLwtGM/ScXmvtve+YPGmXvJKAx8aSq0GWcv3fJDVUgeaEuyF 4qt+j8fguiQ9DZGW6kU7pv8wy637acXQ+N+kmMqQ5hGrUsTxjAYPjtxANldjDRIg i91gkAkq/92igOqF+ScLXVZ0zb2fwETfu4p+s31ytAjMYTw48pH01gTbq/He0r4o 44t8DHu/EytK+FCDWzzr3h9pavt8ypaC6hi1Ebk5jaMKEKIczGEtdvFEPGgKg39c XQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 55179319609129946823106260375324038886 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Public EV Server RSA CA 1 - G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-14 19:28:56 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-13 19:28:55 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'C0806592' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cupertino' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'mzstatic.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28776590786473755409504402533833833601787441653927447404032515955141844855732422763149478989375950857073267403521179160154928942932480566635560896451079291418091290425220954372856021908542479931447463360118184563968619315569681981439520733804619861423962122177575043720005932451569403875303444976207552998271764292697353223204276152775552785042828434370263269203171293910890322505704370278786817763745420983743362911305963482099426539750525818198015573557244200498214881216377475162695255431569222932578989020350588375541881228336683787102484127626634281577087105626268766386619162240156041529277920184399942142352477 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName d3bdc13ca0cf35b934c5d4dbda100e4cde6afe58 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certs.apple.com/apevsrsa1g1.der' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.apple.com/ocsp03-apevsrsa1g101' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (257 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is5-ssl-int.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is1-ssl-int.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is4-ssl-int.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is1-ssl.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is2-ssl.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is3-ssl.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is3-ssl-int.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is4-ssl.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is2-ssl-int.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is5-ssl.mzstatic.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.apple.com/certificateauthority/public' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.apple.com/apevsrsa1g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 2f6d4af4d4cc372c9f63004d4611607863406806 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0044b1431b33eae4c866879467b8aea39a1678dc3eaac9dbeacba3797b141bb0705c5d6159fcc4f586e001278a71d1551d1b6ddcb277b76fac875125507e94a27626b9ff94b0a808c24938dcbecdedbdf2ff91e85708d0fd6f4f788b2de91f5f2395aa3187826a7b17c62185299f4e47b3c20298870118861b735f8cc2a122185aabd3a75ad897519ae954192d55080a1f8a31469ffe0f5aa836484eac3b8b0fdb6f71418d4d67de9e29f43dbd9b62101f9b4a0993ea4ca75705f5ee7293c233f16605cfaa2d478a441cf6ec3710b6a05e4ce357f022cd0072823eb83c0c6e25f2b984562f0a7a4018222975ec554ab4291e8b1e4d049f151cc75c43e5afbcb1f3