-p
выдаст сертификаты в формате PEM, которые можно передать в openssl x509
утилиту для отображения. Например:
security find-certificate -p -c "Apple Worldwide Developer Relations Certification Authority" | openssl x509 -text -noout
Вот полный вывод:
$ security find-certificate -p -c "Apple Worldwide Developer Relations Certification Authority" | openssl x509 -text -noout Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha1WithRSAEncryption Issuer: C = US, O = Apple Inc., OU = Apple Certification Authority, CN = Apple Root CA Validity Not Before: Feb 14 18:56:35 2008 GMT Not After : Feb 14 18:56:35 2016 GMT Subject: C = US, O = Apple Inc., OU = Apple Worldwide Developer Relations, CN = Apple Worldwide Developer Relations Certification Authority Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ca:38:54:a6:cb:56:aa:c8:24:39:48:e9:8c:ee: ec:5f:b8:7f:26:91:bc:34:53:7a:ce:7c:63:80:61: 77:64:5e:a5:07:23:b6:39:fe:50:2d:15:56:58:70: 2d:7e:c4:6e:c1:4a:85:3e:2f:f0:de:84:1a:a1:57: c9:af:7b:18:ff:6a:fa:15:12:49:15:08:19:ac:aa: db:2a:32:ed:96:63:68:52:15:3d:8c:8a:ec:bf:6b: 18:95:e0:03:ac:01:7d:97:05:67:ce:0e:85:95:37: 6a:ed:09:b6:ae:67:cd:51:64:9f:c6:5c:d1:bc:57: 6e:67:35:80:76:36:a4:87:81:6e:38:8f:d8:2b:15: 4e:7b:25:d8:5a:bf:4e:83:c1:8d:d2:93:d5:1a:71: b5:60:9c:9d:33:4e:55:f9:12:58:0c:86:b8:16:0d: c1:e5:77:45:8d:50:48:ba:2b:2d:e4:94:85:e1:e8: c4:9d:c6:68:a5:b0:a3:fc:67:7e:70:ba:02:59:4b: 77:42:91:39:b9:f5:cd:e1:4c:ef:c0:3b:48:8c:a6: e5:21:5d:fd:6a:6a:bb:a7:16:35:60:d2:e6:ad:f3: 46:29:c9:e8:c3:8b:e9:79:c0:6a:61:67:15:b2:f0: fd:e5:68:bc:62:5f:6e:cf:99:dd:ef:1b:63:fe:92: 65:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 88:27:17:09:A9:B6:18:60:8B:EC:EB:BA:F6:47:59:C5:52:54:A3:B7 X509v3 Authority Key Identifier: keyid:2B:D0:69:47:94:76:09:FE:F4:6B:8D:2E:40:A6:F7:47:4D:7F:08:5E X509v3 CRL Distribution Points: Full Name: URI:http://www.apple.com/appleca/root.crl 1.2.840.113635.100.6.2.1: .. Signature Algorithm: sha1WithRSAEncryption da:32:00:96:c5:54:94:d3:3b:82:37:66:7d:2e:68:d5:c3:c6: b8:cb:26:8c:48:90:cf:13:24:6a:46:8e:63:d4:f0:d0:13:06: dd:d8:c4:c1:37:15:f2:33:13:39:26:2d:ce:2e:55:40:e3:0b: 03:af:fa:12:c2:e7:0d:21:b8:d5:80:cf:ac:28:2f:ce:2d:b3: 4e:af:86:19:04:c6:e9:50:dd:4c:29:47:10:23:fc:6c:bb:1b: 98:6b:48:89:e1:5b:9d:de:46:db:35:85:35:ef:3e:d0:e2:58: 4b:38:f4:ed:75:5a:1f:5c:70:1d:56:39:12:e5:e1:0d:11:e4: 89:25:06:bd:d5:b4:15:8e:5e:d0:59:97:90:e9:4b:81:e2:df: 18:af:44:74:1e:19:a0:3a:47:cc:91:1d:3a:eb:23:5a:fe:a5: 2d:97:f7:7b:bb:d6:87:46:42:85:eb:52:3d:26:b2:63:a8:b4: b1:ca:8f:f4:cc:e2:b3:c8:47:e0:bf:9a:59:83:fa:da:98:53: 2a:82:f5:7c:65:2e:95:d9:33:5d:f5:ed:65:cc:31:37:c5:5a: 04:e8:6b:e1:e7:88:03:4a:75:9e:9b:28:cb:4a:40:88:65:43: 75:dd:cb:3a:25:23:c5:9e:57:f8:2e:ce:d2:a9:92:5e:73:2e: 2f:25:75:15