itunes.apple.com

- Apple Inc. -

Issued by VeriSign Class 3 Extended Validation SSL SGC CA

About this certificate

This digital certificate with serial number 30:a3:fb:eb:94:9f:e2:1c:91:21:c5:6b:82:dc:00:72 was issued on by VeriSign, Inc..

With 64 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
  • Subscriber Certificate: extKeyUsage values other than id-kp-serverAuth, id-kp-clientAuth, and id-kp-emailProtection SHOULD NOT be present. (BRs: 7.1.2.3)

Apple Inc.

Company registration number: C0806592
Organization: Apple Inc.
Organization unit: iTMS Engineering
Address: 1 Infinite Loop
Postal code: 95014
State / Province: California
Locality: Cupertino
Country: US

VeriSign, Inc.

Organization: VeriSign, Inc.
Organization unit: VeriSign Trust Network
Organization unit: Terms of use at https://www.verisign.com/rpa (c)06
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 30:a3:fb:eb:94:9f:e2:1c:91:21:c5:6b:82:dc:00:72
Serial Number (int): 64654397735042914664898570727030784114
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 73:c3:24:15:ce:84:ce:3f:14:1a:2b:7e:04:7f:3a:69:3b:d7:a1:a8
AuthorityKeyId: 4e:43:c8:1d:76:ef:37:53:7a:4f:f2:58:6f:94:f3:38:e2:d5:bd:df

Fingerprint (sha1): d1:32:3c:ee:ad:7e:7f:18:50:f2:61:63:f3:83:76:91:53:8f:c5:a9
Fingerprint (sha256): 21:f0:9e:55:a1:60:ee:62:d8:f4:a5:74:6b:aa:7b:c9:d6:0f:c2:b8:10:d4:f8:c6:79:26:52:e4:a2:96:74:6c

Issuing Certificate URL: http://EVIntl-aia.verisign.com/EVIntl2006.cer

Revocation information

OCSP Server: http://EVIntl-ocsp.verisign.com
CRL Distribution Point: http://EVIntl-crl.verisign.com/EVIntl2006.crl

Check the revocation status for certificate itunes.apple.com

64

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for itunes.apple.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA1 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication
Netscape Server-Gated Cryptography

Extensions

9 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

api.itunes.apple.com
ax.init.itunes.apple.com
bookkeeper.itunes.apple.com
c.itunes.apple.com
client-api.itunes.apple.com
du.itunes.apple.com
dzc.itunes.apple.com
feeds.itunes.apple.com
files.itunes.apple.com
genius-2.itunes.apple.com
genius-download-2.itunes.apple.com
genius-download.itunes.apple.com
genius-upload-2.itunes.apple.com
genius-upload.itunes.apple.com
genius.itunes.apple.com
init.itunes.apple.com
itunes.apple.com
itunesu.itunes.apple.com
ld-1.itunes.apple.com
ld-2.itunes.apple.com
ld-3.itunes.apple.com
ld-4.itunes.apple.com
ld-5.itunes.apple.com
ld-6.itunes.apple.com
ld-7.itunes.apple.com
ld-8.itunes.apple.com
ld-nk11.itunes.apple.com
ld-st11.itunes.apple.com
my.itunes.apple.com
myapp.itunes.apple.com
p1-u.itunes.apple.com
p2-u.itunes.apple.com
partiality.itunes.apple.com
pd-nk.itunes.apple.com
pd-st.itunes.apple.com
ping.itunes.apple.com
s.itunes.apple.com
s.mzstatic.com
sc.itunes.apple.com
se.itunes.apple.com
search.itunes.apple.com
sidebar.itunes.apple.com
sitemanager.itunes.apple.com
sp.itunes.apple.com
static.itunes.apple.com
su.itunes.apple.com
upp.itunes.apple.com
userprofile.itunes.apple.com
userpub.itunes.apple.com
vocabulary.itunes.apple.com
volume.itunes.apple.com
vpp.itunes.apple.com
itun.es
macappsto.re
mzsupport.apple.com
appsto.re
homesharing.itunes.apple.com
play.itunes.apple.com
tl.itunes.apple.com
tl-activity.itunes.apple.com
tl-services.itunes.apple.com
storepreview.apple.com
storepreview.itunes.apple.com
ns.itunes.apple.com

Other certificates including the domain name apple.com

(limited to 100 certificates)
itunes.apple.com
ja.ls.apple.com
origin-discussions2-us-dr-prz.apple.com
training.apple.com
reserves-prime.prz.apple.com
app001.apple.com
deployment-pv50.ls.apple.com
itunes.apple.com
reserve-prime.apple.com
gsp81-ssl-e1118.ls.apple.com
gsp102-ssl-e1502.ls.apple.com
api.searchads.apple.com
idmsa-uat.apple.com
webpay-sh-pilot.apple.com
mzstatic.com
store-029.blobstore.apple.com
beatsglobalquality-uat.corp.apple.com
rw.apple.com
stg-pod1-smp.corp.apple.com
gr-api-video-h-aapne1a.smoot.apple.com
web-ext-mmap-ce01.apple.com
assurance-jigglebilly.apple.com
usl-expe1405.apple.com
store-995.blobstore.apple.com
sapecc-prd-ext.sap.apple.com
swdlp.apple.com
gsx.apple.com
gsp-ssl-e1134.ls.apple.com
clx-dev.apple.com
noodle.apple.com
gsp11-ty21-dlb-2.ls.apple.com
mzuserxp.itunes.apple.com
gsp64-st14-ssl-dlb.ls.apple.com
gsp45-ssl-e1356.ls.apple.com
gsp12-st14-dlb-2.ls.apple.com
discussions-uat.apple.com
dc-portal.apple.com
supplier.apple.com
gsp48-kittyhawk-qs55-ssl.ls.apple.com
gsp81-ssl-e1502.ls.apple.com
gsp48-ssl-e691.ls.apple.com
mapsconnectapi.ls.apple.com
wdg01-uat.apple.com
wellnessclassic.apple.com
api-partner-connect-uat1.apple.com
people.apple.com
supplier-registration.apple.com
gsp60-ssl-e997.ls.apple.com
ssuat.apple.com
locate.apple.com
itunes.apple.com
suppliernet.apple.com
gsp79-am31-dlb.ls.apple.com
smp-device-qa3.apple.com
eurored3.apple.com
devcon-oomnshuttleist-test.apple.com
coreservices-e1506-ms11-bistunium-k8straefik.ls.apple.com
dmo-vip01-storeinfo.retailtech.apple.com
gsp70-ssl-e706.ls.apple.com
dinah05.corp.apple.com
gsp1-ssl.apple.com
gspe85-cn-ssl.ls.apple.com
vorpal-relay.apple.com
bswe.apple.com
cma.itunes.apple.com
gsp-ssl-apne1-ash.ls.apple.com
theloop-stage.apple.com
tokenvalidation.apple.com
linkmaker.itunes.apple.com
gsp70-ssl-e1633.ls.apple.com
gsp63-ms12-kittyhawk-ssl.ls.apple.com
gsp-ssl-sl61-ipv6.ls.apple.com
aws-onepulse.apple.com
nightcap-events.apple.com
argo-api.apple.com
gsp12-kh-st14-1.ls.apple.com
gsp59-ssl-e506.ls.apple.com
mr-apple-com2.apple.com
ocservice.apple.com
gsp36-ssl-e1627.ls.apple.com
marketing.apple.com
ioss-callbackservices-qa3.apple.com
gsp19-kh-ms12.ls.apple.com
madeforipodandiphone.apple.com
gspe19-ssl.ls.apple.com
gsp19-1-kittyhawk-ci77-ssl.ls.apple.com
cs-integrations-stage.apple.com
gsp35-ty21-ssl.ls.apple.com
gbiportal-apps-external.apple.com
plmtest2.apple.com
gsp3-sy02-ssl.ls.apple.com
gspe35-ssl.ls.apple.com
gsp76-ty21-01.ls.apple.com
ne-access.apple.com
profilebroker.apple.com
axm-scim-qa12.apple.com
gsp95-hk02-stage-ssl.ls.apple.com
contactretail.apple.com
caffemacs-aa-prz.apple.com
bam.corp.apple.com

Certificate

The complete raw certificate details for itunes.apple.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIL/DCCCuSgAwIBAgIQMKP765Sf4hyRIcVrgtwAcjANBgkqhkiG9w0BAQUFADCB
vjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE4MDYGA1UEAxMv
VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBTR0MgQ0Ew
HhcNMTMxMjE4MDAwMDAwWhcNMTUxMTEzMjM1OTU5WjCCAQ8xEzARBgsrBgEEAYI3
PAIBAxMCVVMxGzAZBgsrBgEEAYI3PAIBAhMKQ2FsaWZvcm5pYTEdMBsGA1UEDxMU
UHJpdmF0ZSBPcmdhbml6YXRpb24xETAPBgNVBAUTCEMwODA2NTkyMQswCQYDVQQG
EwJVUzEOMAwGA1UEERQFOTUwMTQxEzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNV
BAcUCUN1cGVydGlubzEYMBYGA1UECRQPMSBJbmZpbml0ZSBMb29wMRMwEQYDVQQK
FApBcHBsZSBJbmMuMRkwFwYDVQQLFBBpVE1TIEVuZ2luZWVyaW5nMRkwFwYDVQQD
FBBpdHVuZXMuYXBwbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxoLC6Ebq4YRzcIB+vq44PqhSGoXi9pctBlKlhFTMDIftLF+qVRDC98wRm98k
lS36gCpP2bCt2U71nbtm7If/QQAtLvSF7GzR4Iz1OSI4ricoJiqDqTyj4Iwv2uoj
Qxq5j8m+HL3xQ1syWshSV1ULO12GYDhEsofdxQZhvpImGIrQfWKuzXuE3cJwZKPO
tHdVK5qHoVa5Q6UdKNZNR3xRZ5yBdNaCciaoXCJHgrC8qoNrYF9KGRGf6ZXoDFL5
qR+JwoAqzT3JwZzCRi+a9m6d8dmTv8loIq0qf8ooNqip4YYVF/E5rjxjBdMExuPf
w/8PGXdnxnsfQwYyXMaHc7yVYQIDAQABo4IHoDCCB5wwggYVBgNVHREEggYMMIIG
CIIUYXBpLml0dW5lcy5hcHBsZS5jb22CGGF4LmluaXQuaXR1bmVzLmFwcGxlLmNv
bYIbYm9va2tlZXBlci5pdHVuZXMuYXBwbGUuY29tghJjLml0dW5lcy5hcHBsZS5j
b22CG2NsaWVudC1hcGkuaXR1bmVzLmFwcGxlLmNvbYITZHUuaXR1bmVzLmFwcGxl
LmNvbYIUZHpjLml0dW5lcy5hcHBsZS5jb22CFmZlZWRzLml0dW5lcy5hcHBsZS5j
b22CFmZpbGVzLml0dW5lcy5hcHBsZS5jb22CGWdlbml1cy0yLml0dW5lcy5hcHBs
ZS5jb22CImdlbml1cy1kb3dubG9hZC0yLml0dW5lcy5hcHBsZS5jb22CIGdlbml1
cy1kb3dubG9hZC5pdHVuZXMuYXBwbGUuY29tgiBnZW5pdXMtdXBsb2FkLTIuaXR1
bmVzLmFwcGxlLmNvbYIeZ2VuaXVzLXVwbG9hZC5pdHVuZXMuYXBwbGUuY29tghdn
ZW5pdXMuaXR1bmVzLmFwcGxlLmNvbYIVaW5pdC5pdHVuZXMuYXBwbGUuY29tghBp
dHVuZXMuYXBwbGUuY29tghhpdHVuZXN1Lml0dW5lcy5hcHBsZS5jb22CFWxkLTEu
aXR1bmVzLmFwcGxlLmNvbYIVbGQtMi5pdHVuZXMuYXBwbGUuY29tghVsZC0zLml0
dW5lcy5hcHBsZS5jb22CFWxkLTQuaXR1bmVzLmFwcGxlLmNvbYIVbGQtNS5pdHVu
ZXMuYXBwbGUuY29tghVsZC02Lml0dW5lcy5hcHBsZS5jb22CFWxkLTcuaXR1bmVz
LmFwcGxlLmNvbYIVbGQtOC5pdHVuZXMuYXBwbGUuY29tghhsZC1uazExLml0dW5l
cy5hcHBsZS5jb22CGGxkLXN0MTEuaXR1bmVzLmFwcGxlLmNvbYITbXkuaXR1bmVz
LmFwcGxlLmNvbYIWbXlhcHAuaXR1bmVzLmFwcGxlLmNvbYIVcDEtdS5pdHVuZXMu
YXBwbGUuY29tghVwMi11Lml0dW5lcy5hcHBsZS5jb22CG3BhcnRpYWxpdHkuaXR1
bmVzLmFwcGxlLmNvbYIWcGQtbmsuaXR1bmVzLmFwcGxlLmNvbYIWcGQtc3QuaXR1
bmVzLmFwcGxlLmNvbYIVcGluZy5pdHVuZXMuYXBwbGUuY29tghJzLml0dW5lcy5h
cHBsZS5jb22CDnMubXpzdGF0aWMuY29tghNzYy5pdHVuZXMuYXBwbGUuY29tghNz
ZS5pdHVuZXMuYXBwbGUuY29tghdzZWFyY2guaXR1bmVzLmFwcGxlLmNvbYIYc2lk
ZWJhci5pdHVuZXMuYXBwbGUuY29tghxzaXRlbWFuYWdlci5pdHVuZXMuYXBwbGUu
Y29tghNzcC5pdHVuZXMuYXBwbGUuY29tghdzdGF0aWMuaXR1bmVzLmFwcGxlLmNv
bYITc3UuaXR1bmVzLmFwcGxlLmNvbYIUdXBwLml0dW5lcy5hcHBsZS5jb22CHHVz
ZXJwcm9maWxlLml0dW5lcy5hcHBsZS5jb22CGHVzZXJwdWIuaXR1bmVzLmFwcGxl
LmNvbYIbdm9jYWJ1bGFyeS5pdHVuZXMuYXBwbGUuY29tghd2b2x1bWUuaXR1bmVz
LmFwcGxlLmNvbYIUdnBwLml0dW5lcy5hcHBsZS5jb22CB2l0dW4uZXOCDG1hY2Fw
cHN0by5yZYITbXpzdXBwb3J0LmFwcGxlLmNvbYIJYXBwc3RvLnJlghxob21lc2hh
cmluZy5pdHVuZXMuYXBwbGUuY29tghVwbGF5Lml0dW5lcy5hcHBsZS5jb22CE3Rs
Lml0dW5lcy5hcHBsZS5jb22CHHRsLWFjdGl2aXR5Lml0dW5lcy5hcHBsZS5jb22C
HHRsLXNlcnZpY2VzLml0dW5lcy5hcHBsZS5jb22CFnN0b3JlcHJldmlldy5hcHBs
ZS5jb22CHXN0b3JlcHJldmlldy5pdHVuZXMuYXBwbGUuY29tghNucy5pdHVuZXMu
YXBwbGUuY29tMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMCgGA1UdJQQhMB8G
CCsGAQUFBwMBBggrBgEFBQcDAgYJYIZIAYb4QgQBMEQGA1UdIAQ9MDswOQYLYIZI
AYb4RQEHFwYwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
L2NwczAdBgNVHQ4EFgQUc8MkFc6Ezj8UGit+BH86aTvXoagwHwYDVR0jBBgwFoAU
TkPIHXbvN1N6T/JYb5TzOOLVvd8wPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL0VW
SW50bC1jcmwudmVyaXNpZ24uY29tL0VWSW50bDIwMDYuY3JsMHYGCCsGAQUFBwEB
BGowaDArBggrBgEFBQcwAYYfaHR0cDovL0VWSW50bC1vY3NwLnZlcmlzaWduLmNv
bTA5BggrBgEFBQcwAoYtaHR0cDovL0VWSW50bC1haWEudmVyaXNpZ24uY29tL0VW
SW50bDIwMDYuY2VyMA0GCSqGSIb3DQEBBQUAA4IBAQAABTPJBlbSCcJcJAI398b5
okrdG2FTgSquYLvSDVDlDy/RhdaxHiPtauQtKIxL4/NeWA+h5DCg46JncAbJVsRV
7K6jp4Rx+XzqnJ3wHpo3Xnmu+fE2nc0NfWwz8dLm37oCFTNvFmG+SI4LYH5Aflv+
WXWn7ZYGDrEzISew34RmnLL/2atE+rWdjjCdS71ISYwO0Qv4NTqmA4LHFP9CqcmU
PMi5Zk74feBI+cR74o5PuuYfshcBkZNFRIJ1AP1+J6CQhC8Ea3sJZO61XccVLntM
oD4/WWQRS3oHbYJT4RWNyrJmZ3v9sSTOhfwdidMWztDTb5MG1yUeInlT36skRRGc
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoLC6Ebq4YRzcIB+vq44
PqhSGoXi9pctBlKlhFTMDIftLF+qVRDC98wRm98klS36gCpP2bCt2U71nbtm7If/
QQAtLvSF7GzR4Iz1OSI4ricoJiqDqTyj4Iwv2uojQxq5j8m+HL3xQ1syWshSV1UL
O12GYDhEsofdxQZhvpImGIrQfWKuzXuE3cJwZKPOtHdVK5qHoVa5Q6UdKNZNR3xR
Z5yBdNaCciaoXCJHgrC8qoNrYF9KGRGf6ZXoDFL5qR+JwoAqzT3JwZzCRi+a9m6d
8dmTv8loIq0qf8ooNqip4YYVF/E5rjxjBdMExuPfw/8PGXdnxnsfQwYyXMaHc7yV
YQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 64654397735042914664898570727030784114
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VeriSign, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VeriSign Trust Network'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Terms of use at https://www.verisign.com/rpa (c)06'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'VeriSign Class 3 Extended Validation SSL SGC CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2013-12-18 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2015-11-13 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'C0806592'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.17 (postalCode)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '95014'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'California'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Cupertino'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.9 (streetAddress)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String '1 Infinite Loop'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'Apple Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'iTMS Engineering'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:20|false] TeletexString, T61String 'itunes.apple.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25059665211534339174024159576162717160973498956939235662842869101193359406842635749327701016603968481019662000979197019334131925541626174761290567047999576249384827454017459026431650004146546166383114532626826480696645920478747028444027523249844910379312552570530943594716544473518827705440109675131135807924297566270266946028202628840693975130359525064357251163649634464111467749937604591219202161815188777633315456996336407574838700224503082984556099811915896561944695942231206522738652935480884349444472980022184901855985849406217343781754888074251331263337371602662572038116704842052585615536446695120849350727009
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1548 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ax.init.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bookkeeper.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'c.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client-api.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'du.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dzc.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'feeds.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'files.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-2.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-download-2.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-download.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-upload-2.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius-upload.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'genius.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'init.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'itunesu.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-1.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-2.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-3.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-4.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-5.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-6.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-7.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-8.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-nk11.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ld-st11.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'myapp.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p1-u.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'p2-u.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'partiality.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pd-nk.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pd-st.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ping.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 's.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 's.mzstatic.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sc.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'se.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'search.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sidebar.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sitemanager.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sp.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'su.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'upp.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'userprofile.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'userpub.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vocabulary.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'volume.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vpp.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'itun.es'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'macappsto.re'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mzsupport.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'appsto.re'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'homesharing.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'play.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tl.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tl-activity.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tl-services.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'storepreview.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'storepreview.itunes.apple.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ns.itunes.apple.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (33 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113730.4.1 (serverGatedCrypto)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.113733.1.7.23.6 (VeriSign EV policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.verisign.com/cps'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							73c32415ce84ce3f141a2b7e047f3a693bd7a1a8
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 4e43c81d76ef37537a4ff2586f94f338e2d5bddf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://EVIntl-crl.verisign.com/EVIntl2006.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (106 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://EVIntl-ocsp.verisign.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://EVIntl-aia.verisign.com/EVIntl2006.cer'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.5 (sha1WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00000533c90656d209c25c240237f7c6f9a24add1b6153812aae60bbd20d50e50f2fd185d6b11e23ed6ae42d288c4be3f35e580fa1e430a0e3a2677006c956c455ecaea3a78471f97cea9c9df01e9a375e79aef9f1369dcd0d7d6c33f1d2e6dfba0215336f1661be488e0b607e407e5bfe5975a7ed96060eb1332127b0df84669cb2ffd9ab44fab59d8e309d4bbd48498c0ed10bf8353aa60382c714ff42a9c9943cc8b9664ef87de048f9c47be28e4fbae61fb2170191934544827500fd7e27a090842f046b7b0964eeb55dc7152e7b4ca03e3f5964114b7a076d8253e1158dcab266677bfdb124ce85fc1d89d316ced0d36f9306d7251e227953dfab2445119c