It is important to check the TLS certs on your machine against the canonical list that the maker of your computer / OS provides.
It has often surprised me how difficult it is to find such lists from software and hardware makers.
In any case, Apple now makes such a list available. But it is terrible to digest or really understand in any way. When I went to print the thing out, even at Scale 70%, the thing came to 45 pages.
With that in mind, I created this quick Google Sheets file of all the 240+ certs you should have in a nice spreadsheet that can be manipulated and viewed as you please. Enjoy:
NOTE: As soon as I posted this I realize I should be thanking Lee Neubecker for originally walking me through how important control and understanding of the TLS certs you have locally is. A fantastic cyber expert and certainly one of the best in the midwest. I also owe him for his Cloud Radium discovery some time ago, which pointed out many unusual connections between Chinese hacking and Cheyenne, Wyoming.