It is important to check the TLS certs on your machine against the canonical list that the maker of your computer / OS provides.

It has often surprised me how difficult it is to find such lists from software and hardware makers.

In any case, Apple now makes such a list available. But it is terrible to digest or really understand in any way. When I went to print the thing out, even at Scale 70%, the thing came to 45 pages.

With that in mind, I created this quick Google Sheets file of all the 240+ certs you should have in a nice spreadsheet that can be manipulated and viewed as you please. Enjoy:

Apple Trusted Certs
Trusted Certs Certificate name,Issued by,Type,Key size,Sig alg,Serial number,Expires,EV policy,Fingerprint (SHA-256)AAA Certificate Services,AAA Certificate Services,RSA,2048 bits,SHA-1,1,23:59:59 Dec 31, 2028,Not EV,D7 A7 A0 FB 5D 7E 27 31 D7 71 E9 48 4E BC DE F7 1D 5F 0C 3E 0A 29 48 78 2B C8 ...
Google Docs

NOTE: As soon as I posted this I realize I should be thanking Lee Neubecker for originally walking me through how important control and understanding of the TLS certs you have locally is. A fantastic cyber expert and certainly one of the best in the midwest. I also owe him for his Cloud Radium discovery some time ago, which pointed out many unusual connections between Chinese hacking and Cheyenne, Wyoming.