is1-ssl.mzstatic.com
- Apple Inc. -
Issued by Apple Public EV Server RSA CA 3 - G1
About this certificate
This digital certificate with serial number 26:0a:d6:2a:6f:84:e8:c3:38:b2:a8:f8:6c:b4:4f:72 was issued on by Apple Inc..
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Apple Inc.
Company registration number:
C0806592
Organization: Apple Inc.
Organization: Apple Inc.
State / Province:
California
Locality: Cupertino
Country: US
Locality: Cupertino
Country: US
Apple Inc.
Organization:
Apple Inc.
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 26:0a:d6:2a:6f:84:e8:c3:38:b2:a8:f8:6c:b4:4f:72Serial Number (int): 50566930606163671991785944302038044530
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 6f:92:1f:aa:40:30:a3:c5:b6:8e:c1:21:fa:88:17:b2:88:d3:44:3c
AuthorityKeyId: 77:fc:2f:34:69:53:13:ce:c9:ac:5f:9a:3d:a3:88:d7:86:63:49:ba
Fingerprint (sha1): 4b:a9:38:9e:7b:19:47:6e:ba:7d:1e:3a:18:d6:de:07:ab:1a:df:60
Fingerprint (sha256): 14:13:b1:6c:c7:2a:20:88:75:18:0d:fa:ff:69:27:07:21:dd:48:a9:dd:1b:07:33:4e:48:97:d9:51:42:a6:d4
Issuing Certificate URL: http://certs.apple.com/apevsrsaca3g1.der
Revocation information
OCSP Server: http://ocsp.apple.com/ocsp03-apevsrsaca3g101CRL Distribution Point: http://crl.apple.com/apevsrsaca3g1.crl
Check the revocation status for certificate is1-ssl.mzstatic.com
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for is1-ssl.mzstatic.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
is2-ssl.mzstatic.com
is5-ssl.mzstatic.com
is1-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
is5-ssl.mzstatic.com
is1-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
Other certificates including the domain name mzstatic.com
(limited to 100 certificates)
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
mzstatic.com
www.me.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
americasred3.apple.com
itunes.apple.com
mzstatic.com
americasred3.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
cloudkit.io
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
cloudkit.io
apps.itunes.apple.com
mzstatic.com
is1-ssl.mzstatic.com
itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
itunes.apple.com
mzstatic.com
xp-qa.apple.com
itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
cloudkit.io
itunes.apple.com
cloudkit.io
apps.mzstatic.com
mzstatic.com
qa.mzstatic.com
apps.itunes.apple.com
itunes.apple.com
mzstatic.com
itunes.apple.com
*.mzstatic.com
discussions-uat.apple.com
static.itunes.apple.com
xp-qa.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
apps.mzstatic.com
apps.itunes.apple.com
mzstatic.com
www.me.com
cloudkit.io
mzstatic.com
itunes.apple.com
www.imac.co.nz
itunes.apple.com
xp-qa.apple.com
itunes.apple.com
www.me.com
itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
mzstatic.com
americasred3.apple.com
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
mzstatic.com
mzuserxp.itunes.apple.com
mzstatic.com
www.me.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
americasred3.apple.com
itunes.apple.com
mzstatic.com
americasred3.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
cloudkit.io
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
cloudkit.io
apps.itunes.apple.com
mzstatic.com
is1-ssl.mzstatic.com
itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
discussions-uat.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
itunes.apple.com
mzstatic.com
xp-qa.apple.com
itunes.apple.com
discussions-uat.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
discussions-uat.apple.com
mzuserxp.itunes.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
mzstatic.com
cloudkit.io
itunes.apple.com
cloudkit.io
apps.mzstatic.com
mzstatic.com
qa.mzstatic.com
apps.itunes.apple.com
itunes.apple.com
mzstatic.com
itunes.apple.com
*.mzstatic.com
discussions-uat.apple.com
static.itunes.apple.com
xp-qa.apple.com
mzstatic.com
mzstatic.com
itunes.apple.com
itunes.apple.com
itunes.apple.com
is1-ssl.mzstatic.com
mzstatic.com
mzstatic.com
apps.mzstatic.com
apps.itunes.apple.com
mzstatic.com
www.me.com
cloudkit.io
mzstatic.com
itunes.apple.com
www.imac.co.nz
itunes.apple.com
xp-qa.apple.com
itunes.apple.com
www.me.com
itunes.apple.com
mzuserxp.itunes.apple.com
discussions-uat.apple.com
mzstatic.com
americasred3.apple.com
itunes.apple.com
Certificate
The complete raw certificate details for is1-ssl.mzstatic.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFzDCCBLSgAwIBAgIQJgrWKm+E6MM4sqj4bLRPcjANBgkqhkiG9w0BAQsFADBR MQswCQYDVQQGEwJVUzETMBEGA1UEChMKQXBwbGUgSW5jLjEtMCsGA1UEAxMkQXBw bGUgUHVibGljIEVWIFNlcnZlciBSU0EgQ0EgMyAtIEcxMB4XDTIzMTEyNzE5MzEz NloXDTI0MDUyNTE5NDEzNlowgc4xHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0 aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQIMCkNhbGlm b3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECAwK Q2FsaWZvcm5pYTESMBAGA1UEBwwJQ3VwZXJ0aW5vMRMwEQYDVQQKDApBcHBsZSBJ bmMuMR0wGwYDVQQDDBRpczEtc3NsLm16c3RhdGljLmNvbTCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBANkSg0++s+uzNSzfEJBX8xYnq1XJ2Ty9DOGDSCCG dpUWTUPCIWMTVZMkzP2DIwPEkFE8nkZXbmH2hZSHxspm4Jh6CRjtNsHNceu1fTRb sME159dqJAR6ANxW6GElrDupNKDrdHKPtU/xb4iLpBSUtI1cKJJRkGnd21d16nsn 5mDi8VStpB4UhTcT/rhZPVJEu9So/UIfnF8NDAFelg+Um3B7b3wCqeZMeWRdPgyg bswVAe6YbxsZDbiDPnjWYG55m08DeDMVDFAFrh3dw5uGCpxR6aLNkfOzGlUjNyrj hYPvvN6Cnvwrw2KNwKOh/ELBDzMtR/LF4I62ggnGlasA5XECAwEAAaOCAiAwggIc MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUd/wvNGlTE87JrF+aPaOI14ZjSbow fgYIKwYBBQUHAQEEcjBwMDQGCCsGAQUFBzAChihodHRwOi8vY2VydHMuYXBwbGUu Y29tL2FwZXZzcnNhY2EzZzEuZGVyMDgGCCsGAQUFBzABhixodHRwOi8vb2NzcC5h cHBsZS5jb20vb2NzcDAzLWFwZXZzcnNhY2EzZzEwMTB3BgNVHREEcDBughRpczIt c3NsLm16c3RhdGljLmNvbYIUaXM1LXNzbC5tenN0YXRpYy5jb22CFGlzMS1zc2wu bXpzdGF0aWMuY29tghRpczMtc3NsLm16c3RhdGljLmNvbYIUaXM0LXNzbC5tenN0 YXRpYy5jb20wYAYDVR0gBFkwVzBIBgVngQwBATA/MD0GCCsGAQUFBwIBFjFodHRw czovL3d3dy5hcHBsZS5jb20vY2VydGlmaWNhdGVhdXRob3JpdHkvcHVibGljMAsG CWCGSAGG/WwCATATBgNVHSUEDDAKBggrBgEFBQcDATA3BgNVHR8EMDAuMCygKqAo hiZodHRwOi8vY3JsLmFwcGxlLmNvbS9hcGV2c3JzYWNhM2cxLmNybDAdBgNVHQ4E FgQUb5IfqkAwo8W2jsEh+ogXsojTRDwwDgYDVR0PAQH/BAQDAgWgMBMGCisGAQQB 1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAb3gHJu6TrW0nE3Yai/tTK RXuFvE0x3QuUvVkIrUn1ODSu3vBlXhCE/pYtjIvJu0xEu6BBg7bUbIJGzA9ryv4f 4siH2p2cOmwZ+pc5P3cTqIHV2nb2VWVhuIExRu5XngaTCByg5uE1oKWP3zWfiSEF jqzqI/LyVvpge8vFb5jbReurZPMdtQelIw90cwjGA+5oHabDMHUmpjTRIunhaWzR CzjNHTh/iGW8cuobEb09pTMh4rnD1lMJQHBogQORzU4t8g2KHSR6o1md2zYVUQBc Z94Kl/lsnrKAleG3y7+4pSHB35sCJsMVfHMeG80a2TGTwbqLjnllgqvuCmXlA+16 -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RKDT76z67M1LN8QkFfz FierVcnZPL0M4YNIIIZ2lRZNQ8IhYxNVkyTM/YMjA8SQUTyeRlduYfaFlIfGymbg mHoJGO02wc1x67V9NFuwwTXn12okBHoA3FboYSWsO6k0oOt0co+1T/FviIukFJS0 jVwoklGQad3bV3XqeyfmYOLxVK2kHhSFNxP+uFk9UkS71Kj9Qh+cXw0MAV6WD5Sb cHtvfAKp5kx5ZF0+DKBuzBUB7phvGxkNuIM+eNZgbnmbTwN4MxUMUAWuHd3Dm4YK nFHpos2R87MaVSM3KuOFg++83oKe/CvDYo3Ao6H8QsEPMy1H8sXgjraCCcaVqwDl cQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 50566930606163671991785944302038044530 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Public EV Server RSA CA 3 - G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-27 19:31:36 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-25 19:41:36 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'C0806592' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cupertino' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'is1-ssl.mzstatic.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27402841246404956705699485472626463075978192184079495804483865475968754278033392076936595925084184466698354582760711814769106249542022296767920744671370394321150084300463848076916919384889122350472168341193529203505887073134439305027056983214983530922996566838909676756990059894012041442314037679198421786191010090444908799194831271811509306983655957667503269889565441136056431778863051264712566892309300789450500932267408471290663445662608172701030205866027769444986483583362736838444701315865591726976588209962089768704930500021206152515807037637937591496703051587513241751953905464086558401508850952809914738730353 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 77fc2f34695313cec9ac5f9a3da388d7866349ba . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (114 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certs.apple.com/apevsrsaca3g1.der' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.apple.com/ocsp03-apevsrsaca3g101' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is2-ssl.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is5-ssl.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is1-ssl.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is3-ssl.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'is4-ssl.mzstatic.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.apple.com/certificateauthority/public' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.apple.com/apevsrsaca3g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6f921faa4030a3c5b68ec121fa8817b288d3443c . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 001bde01c9bba4eb5b49c4dd86a2fed4ca457b85bc4d31dd0b94bd5908ad49f53834aedef0655e1084fe962d8c8bc9bb4c44bba04183b6d46c8246cc0f6bcafe1fe2c887da9d9c3a6c19fa97393f7713a881d5da76f6556561b8813146ee579e0693081ca0e6e135a0a58fdf359f8921058eacea23f2f256fa607bcbc56f98db45ebab64f31db507a5230f747308c603ee681da6c3307526a634d122e9e1696cd10b38cd1d387f8865bc72ea1b11bd3da53321e2b9c3d65309407068810391cd4e2df20d8a1d247aa3599ddb361551005c67de0a97f96c9eb28095e1b7cbbfb8a521c1df9b0226c3157c731e1bcd1ad93193c1ba8b8e796582abee0a65e503ed7a