garrettr/gist:d8f58f481c44f100615653e2b62d4566

## gistfile1.txt
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 805352261826810658 (0xb2d2f9d7d3e9322)
    Signature Algorithm: ecdsa-with-SHA256
        Issuer: CN=Apple IST CA 8 - G1, OU=Certification Authority, O=Apple Inc., C=US
        Validity
            Not Before: Jun  2 00:31:36 2018 GMT
            Not After : Jul  2 00:31:36 2019 GMT
        Subject: CN=icloud.com, OU=management:idms.group.665035, O=Apple Inc., ST=California, C=US
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:df:92:b4:97:01:40:e8:98:ac:65:39:c1:8e:04:
                    27:a4:87:c3:ff:97:6c:8b:ef:50:28:76:8b:7f:9f:
                    f9:ab:f8:d7:4f:0f:d5:69:72:fe:da:ca:47:d5:0d:
                    04:44:5f:4f:c2:11:fc:96:bd:b2:ee:a2:bc:3e:da:
                    2d:5d:24:f9:58
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Authority Key Identifier:
                keyid:C3:C4:A4:58:05:63:D7:83:06:BA:96:8D:DC:B2:8F:32:F6:BB:B7:41

            Authority Information Access:
                CA Issuers - URI:http://certs.apple.com/appleistca8g1.der
                OCSP - URI:http://ocsp.apple.com/ocsp03-appleistca8g101

            X509v3 Subject Alternative Name:
                DNS:icloud.com
            X509v3 Certificate Policies:
                Policy: 1.2.840.113635.100.5.11.4
                  User Notice:
                    Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.
                  User Notice:
                    Explicit Text: http://www.apple.com/certificateauthority/

            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:http://crl.apple.com/appleistca8g1.crl

            X509v3 Subject Key Identifier:
                78:6F:F3:AC:33:24:E1:3B:E9:37:55:9E:AB:D3:09:9F:BD:36:77:66
            X509v3 Key Usage: critical
                Digital Signature, Key Agreement
    Signature Algorithm: ecdsa-with-SHA256
         30:45:02:21:00:95:e4:0b:b8:0e:ba:00:7a:fb:f4:d6:7f:f8:
         9e:16:31:17:3c:bf:ce:43:b0:2e:a0:f0:84:f4:f8:46:83:2a:
         e1:02:20:1c:84:a3:e7:09:21:d2:b5:8e:04:4a:6e:63:1c:d8:
         9a:4e:8d:4f:da:ca:fb:a5:4d:14:d7:6c:51:02:bf:d8:37
-----BEGIN CERTIFICATE-----
MIIEHzCCA8WgAwIBAgIICy0vnX0+kyIwCgYIKoZIzj0EAwIwYjEcMBoGA1UEAwwT
QXBwbGUgSVNUIENBIDggLSBHMTEgMB4GA1UECwwXQ2VydGlmaWNhdGlvbiBBdXRo
b3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE4MDYw
MjAwMzEzNloXDTE5MDcwMjAwMzEzNlowczETMBEGA1UEAwwKaWNsb3VkLmNvbTEl
MCMGA1UECwwcbWFuYWdlbWVudDppZG1zLmdyb3VwLjY2NTAzNTETMBEGA1UECgwK
QXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTELMAkGA1UEBhMCVVMwWTAT
BgcqhkjOPQIBBggqhkjOPQMBBwNCAATfkrSXAUDomKxlOcGOBCekh8P/l2yL71Ao
dot/n/mr+NdPD9Vpcv7aykfVDQREX0/CEfyWvbLuorw+2i1dJPlYo4ICUjCCAk4w
DAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBTDxKRYBWPXgwa6lo3cso8y9ru3QTB+
BggrBgEFBQcBAQRyMHAwNAYIKwYBBQUHMAKGKGh0dHA6Ly9jZXJ0cy5hcHBsZS5j
b20vYXBwbGVpc3RjYThnMS5kZXIwOAYIKwYBBQUHMAGGLGh0dHA6Ly9vY3NwLmFw
cGxlLmNvbS9vY3NwMDMtYXBwbGVpc3RjYThnMTAxMBUGA1UdEQQOMAyCCmljbG91
ZC5jb20wgf4GA1UdIASB9jCB8zCB8AYKKoZIhvdjZAULBDCB4TCBpAYIKwYBBQUH
AgIwgZcMgZRSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0
eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgYW55IGFwcGxpY2FibGUgdGVybXMgYW5k
IGNvbmRpdGlvbnMgb2YgdXNlIGFuZC9vciBjZXJ0aWZpY2F0aW9uIHByYWN0aWNl
IHN0YXRlbWVudHMuMDgGCCsGAQUFBwICMCwMKmh0dHA6Ly93d3cuYXBwbGUuY29t
L2NlcnRpZmljYXRlYXV0aG9yaXR5LzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5hcHBsZS5jb20vYXBw
bGVpc3RjYThnMS5jcmwwHQYDVR0OBBYEFHhv86wzJOE76TdVnqvTCZ+9NndmMA4G
A1UdDwEB/wQEAwIDiDAKBggqhkjOPQQDAgNIADBFAiEAleQLuA66AHr79NZ/+J4W
MRc8v85DsC6g8IT0+EaDKuECIByEo+cJIdK1jgRKbmMc2JpOjU/ayvulTRTXbFEC
v9g3
-----END CERTIFICATE-----
	Certificate:
	Data:
	Version: 3 (0x2)
	Serial Number: 805352261826810658 (0xb2d2f9d7d3e9322)
	Signature Algorithm: ecdsa-with-SHA256
	Issuer: CN=Apple IST CA 8 - G1, OU=Certification Authority, O=Apple Inc., C=US
	Validity
	Not Before: Jun 2 00:31:36 2018 GMT
	Not After : Jul 2 00:31:36 2019 GMT
	Subject: CN=icloud.com, OU=management:idms.group.665035, O=Apple Inc., ST=California, C=US
	Subject Public Key Info:
	Public Key Algorithm: id-ecPublicKey
	Public-Key: (256 bit)
	pub:
	04:df:92:b4:97:01:40:e8:98:ac:65:39:c1:8e:04:
	27:a4:87:c3:ff:97:6c:8b:ef:50:28:76:8b:7f:9f:
	f9:ab:f8:d7:4f:0f:d5:69:72:fe:da:ca:47:d5:0d:
	04:44:5f:4f:c2:11:fc:96:bd:b2:ee:a2:bc:3e:da:
	2d:5d:24:f9:58
	ASN1 OID: prime256v1
	NIST CURVE: P-256
	X509v3 extensions:
	X509v3 Basic Constraints: critical
	CA:FALSE
	X509v3 Authority Key Identifier:
	keyid:C3:C4:A4:58:05:63:D7:83:06:BA:96:8D:DC:B2:8F:32:F6:BB:B7:41

	Authority Information Access:
	CA Issuers - URI:http://certs.apple.com/appleistca8g1.der
	OCSP - URI:http://ocsp.apple.com/ocsp03-appleistca8g101

	X509v3 Subject Alternative Name:
	DNS:icloud.com
	X509v3 Certificate Policies:
	Policy: 1.2.840.113635.100.5.11.4
	User Notice:
	Explicit Text: Reliance on this certificate by any party assumes acceptance of any applicable terms and conditions of use and/or certification practice statements.
	User Notice:
	Explicit Text: http://www.apple.com/certificateauthority/

	X509v3 Extended Key Usage:
	TLS Web Server Authentication, TLS Web Client Authentication
	X509v3 CRL Distribution Points:

	Full Name:
	URI:http://crl.apple.com/appleistca8g1.crl

	X509v3 Subject Key Identifier:
	78:6F:F3:AC:33:24:E1:3B:E9:37:55:9E:AB:D3:09:9F:BD:36:77:66
	X509v3 Key Usage: critical
	Digital Signature, Key Agreement
	Signature Algorithm: ecdsa-with-SHA256
	30:45:02:21:00:95:e4:0b:b8:0e:ba:00:7a:fb:f4:d6:7f:f8:
	9e:16:31:17:3c:bf:ce:43:b0:2e:a0:f0:84:f4:f8:46:83:2a:
	e1:02:20:1c:84:a3:e7:09:21:d2:b5:8e:04:4a:6e:63:1c:d8:
	9a:4e:8d:4f:da:ca:fb:a5:4d:14:d7:6c:51:02:bf:d8:37
	-----BEGIN CERTIFICATE-----
	MIIEHzCCA8WgAwIBAgIICy0vnX0+kyIwCgYIKoZIzj0EAwIwYjEcMBoGA1UEAwwT
	QXBwbGUgSVNUIENBIDggLSBHMTEgMB4GA1UECwwXQ2VydGlmaWNhdGlvbiBBdXRo
	b3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMB4XDTE4MDYw
	MjAwMzEzNloXDTE5MDcwMjAwMzEzNlowczETMBEGA1UEAwwKaWNsb3VkLmNvbTEl
	MCMGA1UECwwcbWFuYWdlbWVudDppZG1zLmdyb3VwLjY2NTAzNTETMBEGA1UECgwK
	QXBwbGUgSW5jLjETMBEGA1UECAwKQ2FsaWZvcm5pYTELMAkGA1UEBhMCVVMwWTAT
	BgcqhkjOPQIBBggqhkjOPQMBBwNCAATfkrSXAUDomKxlOcGOBCekh8P/l2yL71Ao
	dot/n/mr+NdPD9Vpcv7aykfVDQREX0/CEfyWvbLuorw+2i1dJPlYo4ICUjCCAk4w
	DAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBTDxKRYBWPXgwa6lo3cso8y9ru3QTB+
	BggrBgEFBQcBAQRyMHAwNAYIKwYBBQUHMAKGKGh0dHA6Ly9jZXJ0cy5hcHBsZS5j
	b20vYXBwbGVpc3RjYThnMS5kZXIwOAYIKwYBBQUHMAGGLGh0dHA6Ly9vY3NwLmFw
	cGxlLmNvbS9vY3NwMDMtYXBwbGVpc3RjYThnMTAxMBUGA1UdEQQOMAyCCmljbG91
	ZC5jb20wgf4GA1UdIASB9jCB8zCB8AYKKoZIhvdjZAULBDCB4TCBpAYIKwYBBQUH
	AgIwgZcMgZRSZWxpYW5jZSBvbiB0aGlzIGNlcnRpZmljYXRlIGJ5IGFueSBwYXJ0
	eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgYW55IGFwcGxpY2FibGUgdGVybXMgYW5k
	IGNvbmRpdGlvbnMgb2YgdXNlIGFuZC9vciBjZXJ0aWZpY2F0aW9uIHByYWN0aWNl
	IHN0YXRlbWVudHMuMDgGCCsGAQUFBwICMCwMKmh0dHA6Ly93d3cuYXBwbGUuY29t
	L2NlcnRpZmljYXRlYXV0aG9yaXR5LzAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
	BQUHAwIwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5hcHBsZS5jb20vYXBw
	bGVpc3RjYThnMS5jcmwwHQYDVR0OBBYEFHhv86wzJOE76TdVnqvTCZ+9NndmMA4G
	A1UdDwEB/wQEAwIDiDAKBggqhkjOPQQDAgNIADBFAiEAleQLuA66AHr79NZ/+J4W
	MRc8v85DsC6g8IT0+EaDKuECIByEo+cJIdK1jgRKbmMc2JpOjU/ayvulTRTXbFEC
	v9g3
	-----END CERTIFICATE-----