apsrsa12g1.der: C=US,ST=California,O=Apple Inc.,CN=Apple Public Server RSA CA 12 - G1 (Intermediate Certificate, Expiring 2028-12-06) detail info and audit record

 

Page content

CA Certificate Information and Audit Record

This certificate is intermediate certificate used for the issuance of other certificates.

Download certificate through curl:

curl -sSL "http://certs.apple.com/apsrsa12g1.der" --output cert.crt

Download certificate through wget:

wget -q "http://certs.apple.com/apsrsa12g1.der" --output-document=cert.crt

CA Certificate Detail Information

Use openssl x509 to decode DER certificate to get detail information:

openssl x509 -in cert.crt -inform der -text -noout

Use openssl x509 to decode PEM certificate to get detail information:

openssl x509 -in cert.crt -inform pem -text -noout

Decoded detail certificate information:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:e4:8f:23:01:30:64:41:92:59:e1:c2:9a:e9:8d:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
        Validity
            Not Before: Jun 19 00:00:00 2019 GMT
            Not After : Dec  6 23:59:59 2028 GMT
        Subject: CN=Apple Public Server RSA CA 12 - G1, O=Apple Inc., ST=California, C=US
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:be:12:37:5e:b8:9f:79:15:98:0b:ec:7a:53:
                    9b:0f:09:a6:00:3e:77:01:2c:10:6c:c9:07:6d:ef:
                    3b:62:c9:13:84:1b:a7:c4:29:91:b5:b5:3a:19:30:
                    44:b7:8e:d8:2a:57:ee:d1:70:15:7d:c5:7d:a3:55:
                    e5:3e:13:00:27:1e:42:29:c2:80:d6:72:d7:b4:80:
                    b7:c0:2c:bd:e1:91:57:30:5c:9a:09:6a:88:d5:17:
                    c9:8c:1e:52:6d:41:84:eb:dc:56:24:67:a1:6a:00:
                    bb:7f:2c:55:31:7a:2b:37:fd:98:2d:ba:0e:c4:a2:
                    a0:6c:65:e1:79:83:bf:65:49:9b:59:a9:c3:4b:9b:
                    ed:cd:ba:f6:54:74:01:c1:18:8c:c3:fb:ec:15:94:
                    e8:72:f4:8c:5a:84:3f:d9:ed:e2:24:a6:e2:53:79:
                    d6:15:a4:b9:a7:5f:f7:c7:ab:dd:a0:62:83:47:7b:
                    39:4d:37:cb:dd:20:b9:6c:3d:5e:24:21:da:f0:4c:
                    ab:28:ec:82:36:e4:a8:5a:d3:f9:77:87:1d:b1:10:
                    1b:54:21:02:cc:1b:12:85:f9:f0:fd:02:37:18:85:
                    23:2a:85:33:39:ff:6b:72:b9:de:10:27:12:32:e3:
                    4f:43:8f:83:a1:36:8a:07:03:1b:ab:04:31:f0:57:
                    c6:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                keyid:A0:11:0A:23:3E:96:F1:07:EC:E2:AF:29:EF:82:A5:7F:D0:30:A4:B4

            X509v3 Subject Key Identifier: 
                1E:5C:17:91:05:57:02:FC:77:5C:E3:70:43:EC:6B:FD:DD:D2:D8:69
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.2.840.113635.100.5.11.4
                Policy: 2.23.140.1.2.2

            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.comodoca.com/AAACertificateServices.crl

            Authority Information Access: 
                OCSP - URI:http://ocsp.comodoca.com

    Signature Algorithm: sha256WithRSAEncryption
         66:bb:5c:f4:dd:fb:59:60:9d:3f:dd:0d:fd:9a:80:b0:08:21:
         7a:5b:4e:7e:97:b4:41:8c:ab:d8:e8:bd:76:ca:d3:be:b3:1e:
         54:12:59:aa:5d:e9:97:7f:a7:fb:96:c9:dc:2e:4d:b7:7e:72:
         86:e4:51:31:59:84:a1:8c:91:8d:1e:f2:05:e0:23:6b:34:f6:
         44:34:11:fa:2d:15:43:9d:43:ba:9f:d5:4f:94:33:b2:48:11:
         99:83:82:c4:e7:f6:f0:4b:37:06:ed:c0:7f:6d:e9:cb:d8:c4:
         7f:ff:56:15:b2:2f:4e:e9:3e:47:d3:14:15:6a:bc:0a:6b:19:
         9f:4c:82:b6:99:0f:64:bd:a9:8b:bd:ba:c7:d2:be:e1:f8:96:
         be:1b:dc:db:99:ee:68:77:cc:eb:38:68:3d:ce:9a:0c:77:d0:
         35:3c:0d:5f:36:2e:29:06:37:8f:cc:17:eb:83:38:68:07:b4:
         fb:f4:a3:39:6f:3e:b1:5c:f1:bb:04:fa:54:e7:8c:fd:7d:f7:
         0e:57:fa:43:ed:a7:3a:e4:8d:83:cd:ac:6c:53:83:89:e1:ba:
         0a:3a:cb:e1:8f:38:29:74:d1:2f:93:ff:bf:78:a1:3a:bf:1c:
         59:63:e8:8a:0e:bc:e4:7b:51:a2:a8:df:da:a7:63:00:3a:16:
         cd:05:d2:da

CA Certificate in PEM Format

Use openssl x509 to convert certificate from DER format to PEM format:

openssl x509 -in cert.crt -inform der

Converted PEM format certificate:

-----BEGIN CERTIFICATE-----
MIIEkDCCA3igAwIBAgIQCuSPIwEwZEGSWeHCmumNGDANBgkqhkiG9w0BAQsFADB7
MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE5MDYxOTAwMDAwMFoXDTI4
MTIwNjIzNTk1OVowZDErMCkGA1UEAxMiQXBwbGUgUHVibGljIFNlcnZlciBSU0Eg
Q0EgMTIgLSBHMTETMBEGA1UEChMKQXBwbGUgSW5jLjETMBEGA1UECBMKQ2FsaWZv
cm5pYTELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9vhI3XrifeRWYC+x6U5sPCaYAPncBLBBsyQdt7ztiyROEG6fEKZG1tToZMES3
jtgqV+7RcBV9xX2jVeU+EwAnHkIpwoDWcte0gLfALL3hkVcwXJoJaojVF8mMHlJt
QYTr3FYkZ6FqALt/LFUxeis3/Zgtug7EoqBsZeF5g79lSZtZqcNLm+3NuvZUdAHB
GIzD++wVlOhy9IxahD/Z7eIkpuJTedYVpLmnX/fHq92gYoNHezlNN8vdILlsPV4k
IdrwTKso7II25Kha0/l3hx2xEBtUIQLMGxKF+fD9AjcYhSMqhTM5/2tyud4QJxIy
409Dj4OhNooHAxurBDHwV8ZlAgMBAAGjggElMIIBITAfBgNVHSMEGDAWgBSgEQoj
PpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQUHlwXkQVXAvx3XONwQ+xr/d3S2Gkw
DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAh
BgNVHSAEGjAYMAwGCiqGSIb3Y2QFCwQwCAYGZ4EMAQICMBIGA1UdEwEB/wQIMAYB
Af8CAQAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYIKwYBBQUHAQEEKDAmMCQGCCsG
AQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQELBQAD
ggEBAGa7XPTd+1lgnT/dDf2agLAIIXpbTn6XtEGMq9jovXbK076zHlQSWapd6Zd/
p/uWydwuTbd+cobkUTFZhKGMkY0e8gXgI2s09kQ0EfotFUOdQ7qf1U+UM7JIEZmD
gsTn9vBLNwbtwH9t6cvYxH//VhWyL07pPkfTFBVqvAprGZ9MgraZD2S9qYu9usfS
vuH4lr4b3NuZ7mh3zOs4aD3Omgx30DU8DV82LikGN4/MF+uDOGgHtPv0ozlvPrFc
8bsE+lTnjP199w5X+kPtpzrkjYPNrGxTg4nhugo6y+GPOCl00S+T/794oTq/HFlj
6IoOvOR7UaKo39qnYwA6Fs0F0to=
-----END CERTIFICATE-----

Decode PEM Certificate online

Download PEM Certificate

Also see Top 1 Millions Domains CA Certificate List


Page version: e13a7e3f2 2023-05-06