static.itunes.apple.com
- Apple Inc. -
Issued by Apple Public EV Server RSA CA 2 - G1
About this certificate
This digital certificate with serial number 68:b9:52:5d:11:21:0a:27:56:5f:62:ee:b2:8e:60:d5 was issued on by Apple Inc..
With 37 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Apple Inc.
Company registration number:
C0806592
Organization: Apple Inc.
Organization: Apple Inc.
State / Province:
California
Locality: Cupertino
Country: US
Locality: Cupertino
Country: US
Apple Inc.
Organization:
Apple Inc.
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 68:b9:52:5d:11:21:0a:27:56:5f:62:ee:b2:8e:60:d5Serial Number (int): 139201957011567994825154034453852348629
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 69:74:c7:bf:48:fd:db:18:db:de:29:05:ea:2f:2c:06:a5:10:45:66
AuthorityKeyId: 50:55:ab:43:a1:af:a9:48:2b:5a:c1:a2:87:89:04:e4:7a:0e:ca:da
Fingerprint (sha1): f8:53:cc:63:f8:e7:6f:cc:5f:6c:88:b4:62:aa:95:a2:fd:68:0b:34
Fingerprint (sha256): 1f:a0:d9:58:9d:a3:39:13:23:a5:5b:34:75:86:3c:e4:27:cb:08:06:4c:f9:0a:47:75:f1:26:fe:ef:f1:c7:31
Issuing Certificate URL: http://certs.apple.com/apevsrsa2g1.der
Revocation information
OCSP Server: http://ocsp.apple.com/ocsp03-apevsrsa2g101CRL Distribution Point: http://crl.apple.com/apevsrsa2g1.crl
Check the revocation status for certificate static.itunes.apple.com
37
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for static.itunes.apple.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
genius.itunes.apple.com
pcr.apple.com
ld-2.itunes.apple.com
genius-download-2.itunes.apple.com
ld-nk11.itunes.apple.com
du.itunes.apple.com
pd-st.itunes.apple.com
cma.itunes.apple.com
ld-1.itunes.apple.com
feeds.itunes.apple.com
uclient-api.itunes.apple.com
ld-st11.itunes.apple.com
genius-2.itunes.apple.com
music.apple.com
api.ent.apple.com
sitemanager.itunes.apple.com
ld-3.itunes.apple.com
ld-8.itunes.apple.com
ld-5.itunes.apple.com
ld-6.itunes.apple.com
sonos-music.apple.com
userpub.itunes.apple.com
vpp.itunes.apple.com
myapp.itunes.apple.com
homesharing.itunes.apple.com
pd-nk.itunes.apple.com
static.itunes.apple.com
ld-4.itunes.apple.com
volume.itunes.apple.com
genius-download.itunes.apple.com
genius-upload-2.itunes.apple.com
apps-internal.mzstatic.com
partiality.itunes.apple.com
genius-upload.itunes.apple.com
ld-7.itunes.apple.com
my.itunes.apple.com
cma2.itunes.apple.com
pcr.apple.com
ld-2.itunes.apple.com
genius-download-2.itunes.apple.com
ld-nk11.itunes.apple.com
du.itunes.apple.com
pd-st.itunes.apple.com
cma.itunes.apple.com
ld-1.itunes.apple.com
feeds.itunes.apple.com
uclient-api.itunes.apple.com
ld-st11.itunes.apple.com
genius-2.itunes.apple.com
music.apple.com
api.ent.apple.com
sitemanager.itunes.apple.com
ld-3.itunes.apple.com
ld-8.itunes.apple.com
ld-5.itunes.apple.com
ld-6.itunes.apple.com
sonos-music.apple.com
userpub.itunes.apple.com
vpp.itunes.apple.com
myapp.itunes.apple.com
homesharing.itunes.apple.com
pd-nk.itunes.apple.com
static.itunes.apple.com
ld-4.itunes.apple.com
volume.itunes.apple.com
genius-download.itunes.apple.com
genius-upload-2.itunes.apple.com
apps-internal.mzstatic.com
partiality.itunes.apple.com
genius-upload.itunes.apple.com
ld-7.itunes.apple.com
my.itunes.apple.com
cma2.itunes.apple.com
Other certificates including the domain name apple.com
(limited to 100 certificates)
itunes.apple.com
ja.ls.apple.com
origin-discussions2-us-dr-prz.apple.com
training.apple.com
reserves-prime.prz.apple.com
app001.apple.com
deployment-pv50.ls.apple.com
itunes.apple.com
reserve-prime.apple.com
gsp81-ssl-e1118.ls.apple.com
gsp102-ssl-e1502.ls.apple.com
api.searchads.apple.com
idmsa-uat.apple.com
webpay-sh-pilot.apple.com
mzstatic.com
store-029.blobstore.apple.com
beatsglobalquality-uat.corp.apple.com
rw.apple.com
stg-pod1-smp.corp.apple.com
gr-api-video-h-aapne1a.smoot.apple.com
web-ext-mmap-ce01.apple.com
assurance-jigglebilly.apple.com
usl-expe1405.apple.com
store-995.blobstore.apple.com
sapecc-prd-ext.sap.apple.com
swdlp.apple.com
gsx.apple.com
gsp-ssl-e1134.ls.apple.com
clx-dev.apple.com
noodle.apple.com
gsp11-ty21-dlb-2.ls.apple.com
mzuserxp.itunes.apple.com
gsp64-st14-ssl-dlb.ls.apple.com
gsp45-ssl-e1356.ls.apple.com
gsp12-st14-dlb-2.ls.apple.com
discussions-uat.apple.com
dc-portal.apple.com
supplier.apple.com
gsp48-kittyhawk-qs55-ssl.ls.apple.com
gsp81-ssl-e1502.ls.apple.com
gsp48-ssl-e691.ls.apple.com
mapsconnectapi.ls.apple.com
wdg01-uat.apple.com
wellnessclassic.apple.com
api-partner-connect-uat1.apple.com
people.apple.com
supplier-registration.apple.com
gsp60-ssl-e997.ls.apple.com
ssuat.apple.com
locate.apple.com
itunes.apple.com
suppliernet.apple.com
gsp79-am31-dlb.ls.apple.com
smp-device-qa3.apple.com
eurored3.apple.com
devcon-oomnshuttleist-test.apple.com
coreservices-e1506-ms11-bistunium-k8straefik.ls.apple.com
dmo-vip01-storeinfo.retailtech.apple.com
gsp70-ssl-e706.ls.apple.com
dinah05.corp.apple.com
gsp1-ssl.apple.com
gspe85-cn-ssl.ls.apple.com
vorpal-relay.apple.com
bswe.apple.com
cma.itunes.apple.com
gsp-ssl-apne1-ash.ls.apple.com
theloop-stage.apple.com
tokenvalidation.apple.com
linkmaker.itunes.apple.com
gsp70-ssl-e1633.ls.apple.com
gsp63-ms12-kittyhawk-ssl.ls.apple.com
gsp-ssl-sl61-ipv6.ls.apple.com
aws-onepulse.apple.com
nightcap-events.apple.com
argo-api.apple.com
gsp12-kh-st14-1.ls.apple.com
gsp59-ssl-e506.ls.apple.com
mr-apple-com2.apple.com
ocservice.apple.com
gsp36-ssl-e1627.ls.apple.com
marketing.apple.com
ioss-callbackservices-qa3.apple.com
gsp19-kh-ms12.ls.apple.com
madeforipodandiphone.apple.com
gspe19-ssl.ls.apple.com
gsp19-1-kittyhawk-ci77-ssl.ls.apple.com
cs-integrations-stage.apple.com
gsp35-ty21-ssl.ls.apple.com
gbiportal-apps-external.apple.com
plmtest2.apple.com
gsp3-sy02-ssl.ls.apple.com
gspe35-ssl.ls.apple.com
gsp76-ty21-01.ls.apple.com
ne-access.apple.com
profilebroker.apple.com
axm-scim-qa12.apple.com
gsp95-hk02-stage-ssl.ls.apple.com
contactretail.apple.com
caffemacs-aa-prz.apple.com
bam.corp.apple.com
ja.ls.apple.com
origin-discussions2-us-dr-prz.apple.com
training.apple.com
reserves-prime.prz.apple.com
app001.apple.com
deployment-pv50.ls.apple.com
itunes.apple.com
reserve-prime.apple.com
gsp81-ssl-e1118.ls.apple.com
gsp102-ssl-e1502.ls.apple.com
api.searchads.apple.com
idmsa-uat.apple.com
webpay-sh-pilot.apple.com
mzstatic.com
store-029.blobstore.apple.com
beatsglobalquality-uat.corp.apple.com
rw.apple.com
stg-pod1-smp.corp.apple.com
gr-api-video-h-aapne1a.smoot.apple.com
web-ext-mmap-ce01.apple.com
assurance-jigglebilly.apple.com
usl-expe1405.apple.com
store-995.blobstore.apple.com
sapecc-prd-ext.sap.apple.com
swdlp.apple.com
gsx.apple.com
gsp-ssl-e1134.ls.apple.com
clx-dev.apple.com
noodle.apple.com
gsp11-ty21-dlb-2.ls.apple.com
mzuserxp.itunes.apple.com
gsp64-st14-ssl-dlb.ls.apple.com
gsp45-ssl-e1356.ls.apple.com
gsp12-st14-dlb-2.ls.apple.com
discussions-uat.apple.com
dc-portal.apple.com
supplier.apple.com
gsp48-kittyhawk-qs55-ssl.ls.apple.com
gsp81-ssl-e1502.ls.apple.com
gsp48-ssl-e691.ls.apple.com
mapsconnectapi.ls.apple.com
wdg01-uat.apple.com
wellnessclassic.apple.com
api-partner-connect-uat1.apple.com
people.apple.com
supplier-registration.apple.com
gsp60-ssl-e997.ls.apple.com
ssuat.apple.com
locate.apple.com
itunes.apple.com
suppliernet.apple.com
gsp79-am31-dlb.ls.apple.com
smp-device-qa3.apple.com
eurored3.apple.com
devcon-oomnshuttleist-test.apple.com
coreservices-e1506-ms11-bistunium-k8straefik.ls.apple.com
dmo-vip01-storeinfo.retailtech.apple.com
gsp70-ssl-e706.ls.apple.com
dinah05.corp.apple.com
gsp1-ssl.apple.com
gspe85-cn-ssl.ls.apple.com
vorpal-relay.apple.com
bswe.apple.com
cma.itunes.apple.com
gsp-ssl-apne1-ash.ls.apple.com
theloop-stage.apple.com
tokenvalidation.apple.com
linkmaker.itunes.apple.com
gsp70-ssl-e1633.ls.apple.com
gsp63-ms12-kittyhawk-ssl.ls.apple.com
gsp-ssl-sl61-ipv6.ls.apple.com
aws-onepulse.apple.com
nightcap-events.apple.com
argo-api.apple.com
gsp12-kh-st14-1.ls.apple.com
gsp59-ssl-e506.ls.apple.com
mr-apple-com2.apple.com
ocservice.apple.com
gsp36-ssl-e1627.ls.apple.com
marketing.apple.com
ioss-callbackservices-qa3.apple.com
gsp19-kh-ms12.ls.apple.com
madeforipodandiphone.apple.com
gspe19-ssl.ls.apple.com
gsp19-1-kittyhawk-ci77-ssl.ls.apple.com
cs-integrations-stage.apple.com
gsp35-ty21-ssl.ls.apple.com
gbiportal-apps-external.apple.com
plmtest2.apple.com
gsp3-sy02-ssl.ls.apple.com
gspe35-ssl.ls.apple.com
gsp76-ty21-01.ls.apple.com
ne-access.apple.com
profilebroker.apple.com
axm-scim-qa12.apple.com
gsp95-hk02-stage-ssl.ls.apple.com
contactretail.apple.com
caffemacs-aa-prz.apple.com
bam.corp.apple.com
Certificate
The complete raw certificate details for static.itunes.apple.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIII/zCCB+egAwIBAgIQaLlSXREhCidWX2Luso5g1TANBgkqhkiG9w0BAQsFADBR MQswCQYDVQQGEwJVUzETMBEGA1UEChMKQXBwbGUgSW5jLjEtMCsGA1UEAxMkQXBw bGUgUHVibGljIEVWIFNlcnZlciBSU0EgQ0EgMiAtIEcxMB4XDTI0MDEwOTIwMjk1 M1oXDTI0MDcwNzIwMzk1M1owgdExHTAbBgNVBA8MFFByaXZhdGUgT3JnYW5pemF0 aW9uMRMwEQYLKwYBBAGCNzwCAQMTAlVTMRswGQYLKwYBBAGCNzwCAQIMCkNhbGlm b3JuaWExETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQGEwJVUzETMBEGA1UECAwK Q2FsaWZvcm5pYTESMBAGA1UEBwwJQ3VwZXJ0aW5vMRMwEQYDVQQKDApBcHBsZSBJ bmMuMSAwHgYDVQQDDBdzdGF0aWMuaXR1bmVzLmFwcGxlLmNvbTCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAMDIhxBMw/+RdBp7ypaXA1AiMWqV+GnGw0xU +hqKJ3gYUq9goxqFIBJLEfdvo/e65R6CaUCmHpPDe2vTodDsJKLMFizNt/lo85OU MTkxsMlG3HjSGqCNlMCvgnm7LMf9EsyHfcOhEeCUJIgRLr4KSPQDyOaqJY2scPKm VZ7leK+aadhXEj4QdKZg9fe7lP5DSUjqmOb/FhZJq8OX8Ilw7QqhWzlN66/+HEqh fdf8/kl99Qn382bvkX4KXM+ZPmjEYEHhVvIVB8mACUlaSSQ7eUJk0wI4F4mncz0D xhmXV1skgZ4QUdil/pdkc+qy/w8f127scLGhZcUbFiSP1AaGrO8CAwEAAaOCBVAw ggVMMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUUFWrQ6GvqUgrWsGih4kE5HoO ytowegYIKwYBBQUHAQEEbjBsMDIGCCsGAQUFBzAChiZodHRwOi8vY2VydHMuYXBw bGUuY29tL2FwZXZzcnNhMmcxLmRlcjA2BggrBgEFBQcwAYYqaHR0cDovL29jc3Au YXBwbGUuY29tL29jc3AwMy1hcGV2c3JzYTJnMTAxMIIDqwYDVR0RBIIDojCCA56C F2dlbml1cy5pdHVuZXMuYXBwbGUuY29tgg1wY3IuYXBwbGUuY29tghVsZC0yLml0 dW5lcy5hcHBsZS5jb22CImdlbml1cy1kb3dubG9hZC0yLml0dW5lcy5hcHBsZS5j b22CGGxkLW5rMTEuaXR1bmVzLmFwcGxlLmNvbYITZHUuaXR1bmVzLmFwcGxlLmNv bYIWcGQtc3QuaXR1bmVzLmFwcGxlLmNvbYIUY21hLml0dW5lcy5hcHBsZS5jb22C FWxkLTEuaXR1bmVzLmFwcGxlLmNvbYIWZmVlZHMuaXR1bmVzLmFwcGxlLmNvbYIc dWNsaWVudC1hcGkuaXR1bmVzLmFwcGxlLmNvbYIYbGQtc3QxMS5pdHVuZXMuYXBw bGUuY29tghlnZW5pdXMtMi5pdHVuZXMuYXBwbGUuY29tgg9tdXNpYy5hcHBsZS5j b22CEWFwaS5lbnQuYXBwbGUuY29tghxzaXRlbWFuYWdlci5pdHVuZXMuYXBwbGUu Y29tghVsZC0zLml0dW5lcy5hcHBsZS5jb22CFWxkLTguaXR1bmVzLmFwcGxlLmNv bYIVbGQtNS5pdHVuZXMuYXBwbGUuY29tghVsZC02Lml0dW5lcy5hcHBsZS5jb22C FXNvbm9zLW11c2ljLmFwcGxlLmNvbYIYdXNlcnB1Yi5pdHVuZXMuYXBwbGUuY29t ghR2cHAuaXR1bmVzLmFwcGxlLmNvbYIWbXlhcHAuaXR1bmVzLmFwcGxlLmNvbYIc aG9tZXNoYXJpbmcuaXR1bmVzLmFwcGxlLmNvbYIWcGQtbmsuaXR1bmVzLmFwcGxl LmNvbYIXc3RhdGljLml0dW5lcy5hcHBsZS5jb22CFWxkLTQuaXR1bmVzLmFwcGxl LmNvbYIXdm9sdW1lLml0dW5lcy5hcHBsZS5jb22CIGdlbml1cy1kb3dubG9hZC5p dHVuZXMuYXBwbGUuY29tgiBnZW5pdXMtdXBsb2FkLTIuaXR1bmVzLmFwcGxlLmNv bYIaYXBwcy1pbnRlcm5hbC5tenN0YXRpYy5jb22CG3BhcnRpYWxpdHkuaXR1bmVz LmFwcGxlLmNvbYIeZ2VuaXVzLXVwbG9hZC5pdHVuZXMuYXBwbGUuY29tghVsZC03 Lml0dW5lcy5hcHBsZS5jb22CE215Lml0dW5lcy5hcHBsZS5jb22CFWNtYTIuaXR1 bmVzLmFwcGxlLmNvbTBgBgNVHSAEWTBXMEgGBWeBDAEBMD8wPQYIKwYBBQUHAgEW MWh0dHBzOi8vd3d3LmFwcGxlLmNvbS9jZXJ0aWZpY2F0ZWF1dGhvcml0eS9wdWJs aWMwCwYJYIZIAYb9bAIBMBMGA1UdJQQMMAoGCCsGAQUFBwMBMDUGA1UdHwQuMCww KqAooCaGJGh0dHA6Ly9jcmwuYXBwbGUuY29tL2FwZXZzcnNhMmcxLmNybDAdBgNV HQ4EFgQUaXTHv0j92xjb3ikF6i8sBqUQRWYwDgYDVR0PAQH/BAQDAgWgMBMGCisG AQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDIQ4XDPjbwv3M/yQFW 19BqG0Jl5vbVMDODVMMFgiRuu7jiR08D9vC0Ik5BfcMcmCKZ/UQklqHVP3QUNOyq DKpvAwsdkwqSr1uCaMKY+tb9Uj9Id7eykE5XEo9kg3d5pImzhrIqwrsoO1cjRQWt JQHhM405FHMpl19jU7fZSqQVikkViD4Pjr4JglP8L2WyBiUSTfmSVHGur9uktsOF CsOwssWcXs1jl4oUPvMJaoxNWxGgVvLx4clgiXVPnIYKeSbRunyLJSFaMToXu1vY xvLUxr9+TmxSm/DaA04QETN/zj1FWkYdWGvA9Lo0g2EDkyMzn9MptHFN6+ZxhjbT KtNi -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMiHEEzD/5F0GnvKlpcD UCIxapX4acbDTFT6GooneBhSr2CjGoUgEksR92+j97rlHoJpQKYek8N7a9Oh0Owk oswWLM23+Wjzk5QxOTGwyUbceNIaoI2UwK+Cebssx/0SzId9w6ER4JQkiBEuvgpI 9API5qoljaxw8qZVnuV4r5pp2FcSPhB0pmD197uU/kNJSOqY5v8WFkmrw5fwiXDt CqFbOU3rr/4cSqF91/z+SX31CffzZu+Rfgpcz5k+aMRgQeFW8hUHyYAJSVpJJDt5 QmTTAjgXiadzPQPGGZdXWySBnhBR2KX+l2Rz6rL/Dx/XbuxwsaFlxRsWJI/UBoas 7wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 139201957011567994825154034453852348629 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Apple Public EV Server RSA CA 2 - G1' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-09 20:29:53 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-07 20:39:53 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Private Organization' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'C0806592' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'California' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Cupertino' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Apple Inc.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'static.itunes.apple.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24336638394779580641348495292428557469307684458482946571402422885355488704424869029338392143995322739058902871966142018614783889614088388788803000661840244114008040773613285973595062068662217269620572831006964675300051510878391006382736527387126477556970887818465058828272268226913307721721929200599485070210074104335257852108977559476370913450988364237533312481438729628066916327617041036531831496925409510374554075218393372936734530870929732766342508928199268908369403158078480818230035083117602336585971047206137887282284054846613999061387098039664632816921999449584612086967878715297234660999397731526733837282543 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 5055ab43a1afa9482b5ac1a2878904e47a0ecada . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://certs.apple.com/apevsrsa2g1.der' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.apple.com/ocsp03-apevsrsa2g101' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (930 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pcr.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-2.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-download-2.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-nk11.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'du.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pd-st.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cma.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-1.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'feeds.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uclient-api.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-st11.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-2.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'music.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.ent.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sitemanager.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-3.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-8.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-5.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-6.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sonos-music.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'userpub.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpp.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'myapp.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homesharing.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pd-nk.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-4.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'volume.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-download.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-upload-2.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'apps-internal.mzstatic.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partiality.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-upload.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-7.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.itunes.apple.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cma2.itunes.apple.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (89 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.apple.com/certificateauthority/public' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.2.1 (DigiCert EV policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.apple.com/apevsrsa2g1.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 6974c7bf48fddb18dbde2905ea2f2c06a5104566 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00c84385c33e36f0bf733fc90156d7d06a1b4265e6f6d530338354c30582246ebbb8e2474f03f6f0b4224e417dc31c982299fd442496a1d53f741434ecaa0caa6f030b1d930a92af5b8268c298fad6fd523f4877b7b2904e57128f64837779a489b386b22ac2bb283b57234505ad2501e1338d39147329975f6353b7d94aa4158a4915883e0f8ebe098253fc2f65b20625124df9925471aeafdba4b6c3850ac3b0b2c59c5ecd63978a143ef3096a8c4d5b11a056f2f1e1c96089754f9c860a7926d1ba7c8b25215a313a17bb5bd8c6f2d4c6bf7e4e6c529bf0da034e1011337fce3d455a461d586bc0f4ba348361039323339fd329b4714debe6718636d32ad362