mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 0a:7c:98:ce:1f:34:26:49:e8:9b:27:21:30:34:92:fc was issued on by Amazon.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0a:7c:98:ce:1f:34:26:49:e8:9b:27:21:30:34:92:fc
Serial Number (int): 13939224025225790607715194136429892348
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: e7:1b:36:6f:c4:df:cb:54:4d:06:a6:d4:cf:26:6f:8e:d8:44:01:60
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): f2:fc:5e:1e:32:e1:78:a1:70:c3:eb:8b:03:77:91:21:dc:d4:0d:1c
Fingerprint (sha256): 00:01:0e:7e:3c:32:a7:06:c1:c8:88:29:d8:2c:8a:a5:1e:83:50:b6:2f:5b:15:38:b2:b1:46:fc:be:2b:47:2b

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com

Other certificates including the domain name amazonaws.com

(limited to 100 certificates)
fd7q5ahpgwxzgzjeydx7ued3dy.ap-south-1.es.amazonaws.com
*.canary-705cb9c9ce.4vp3ak.c1.kafka.ap-southeast-1.amazonaws.com
3wmpdnfzuawkweauyeqwsz3sgq.us-west-2.es.amazonaws.com
phgarilyufhxfvyv6rqey2igyu.us-east-1.es.amazonaws.com
hcmsmyn7brxhvxc6zgbctvjh44.us-east-2.es.amazonaws.com
urnomx4z6o62opvpawsmrldfgi.ap-northeast-1.es.amazonaws.com
*.cfnlaunchpadcanarytest.wcpyzy.c4.kafka.eu-west-1.amazonaws.com
s3.ca-central-1.amazonaws.com
s3.af-south-1.amazonaws.com
s3.us-west-2.amazonaws.com
75illtecsvqox63ith2tndwefy.eu-west-3.es.amazonaws.com
xbfwcx4qduhx25yb6chzuw4nni.ca-central-1.es.amazonaws.com
t3s2vk5yto255no6s4m7uc5pde.ap-northeast-1.es.amazonaws.com
*.cfnlaunchpadcanaryt.cbx9rj.c2.kafka.ca-central-1.amazonaws.com
*.canary-f22d3b00119a.oi5ic9.c2.kafka.ap-south-1.amazonaws.com
2unyopxibvxjbcdkcsruu4l45q.ap-south-1.es.amazonaws.com
6fgy56efefwkdeodtkmmwkdswe.us-east-1.es.amazonaws.com
*.canary-780e819e93d7.s22kq9.c1.kafka.us-west-2.amazonaws.com
*.cfnlaunchpadcanaryt.uveli7.c4.kafka.ca-central-1.amazonaws.com
swmuby362d5wtp5s63kelca7ii.eu-west-1.es.amazonaws.com
*.canary7a34ed13e7b2.8yk2jt.c5.kafka.us-west-2.amazonaws.com
*.canary-794dbee21039.jarqga.c3.kafka.eu-north-1.amazonaws.com
fqhhh775oulwnzldm2ritqslkq.ca-central-1.es.amazonaws.com
*.cfnlaunchpadcanarytest.witiix.c4.kafka.us-west-2.amazonaws.com
gi66xkoipe4iyd3xrf4h2fvpua.us-east-1.es.amazonaws.com
tibuxu36xjihnkqggn2ofga7y4.us-east-1.es.amazonaws.com
*.canary627ccb545bde.p1i713.c3.kafka.af-south-1.amazonaws.com
hwfsk72lrrbczq4xfsiky5xdr4.ap-northeast-1.es.amazonaws.com
*.mskcluster3adgsux.xy0lqw.c2.kafka.ap-southeast-2.amazonaws.com
s3.us-east-1.amazonaws.com
canary.s3.us-gov-west-1.vpce.amazonaws.com
epkq25frxidtqwzhpiu5na74ji.eu-west-1.es.amazonaws.com
*.cfnlaunchpadcanarytest.ljisga.c4.kafka.eu-west-1.amazonaws.com
mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com
q5ijjqpusel73ebpkthu6edvka.ap-northeast-1.es.amazonaws.com
*.cfnlaunchpadcanar.d467s7.c4.kafka.ap-northeast-2.amazonaws.com
yehmxtgn2qc4poy4tsiwars6rq.sa-east-1.es.amazonaws.com
*.cfnlaunchpadcanarytest.0p17bp.c4.kafka.eu-west-2.amazonaws.com
jsfmlpyxlx5qdt3mvq6kb3zlzq.ap-south-1.es.amazonaws.com
canary.s3.ap-southeast-1.vpce.amazonaws.com
s3.eu-west-3.amazonaws.com
yn5tyh5p7kxvgl4j7ebsnumtzi.ap-south-1.es.amazonaws.com
s3.ap-southeast-2.amazonaws.com
*.cfnlaunchpadcanarytes.nt8ifz.c4.kafka.eu-north-1.amazonaws.com
ifcscxtvwwmh2twskdrbegweee.eu-west-1.es-staging.amazonaws.com
7564oq2vskmng3y3oqttk5u7r4.us-east-1.es.amazonaws.com
*.canary95a41d09dc37.4jrpr0.c4.kafka.eu-north-1.amazonaws.com
canary.s3.il-central-1.vpce.amazonaws.com
*.cfnlaunchpadcanarytest.v6677v.c4.kafka.eu-west-3.amazonaws.com
puqxh6d3qxzzp3nzqp667pf2sq.me-south-1.es.amazonaws.com
*.cfnlaunchpadcanarytest.cbepqo.c4.kafka.sa-east-1.amazonaws.com
*.cfnlaunchpadcanaryt.cdul2k.c4.kafka.ca-central-1.amazonaws.com
*.canary534ab9a795d.glqha6.c1.kafka.ap-northeast-2.amazonaws.com
*.cluster-cxnwqqspunxa.us-west-2.rds.amazonaws.com
canary.s3.us-east-1.vpce.amazonaws.com
*.cfnlaunchpadcanarytest.38r357.c4.kafka.eu-west-3.amazonaws.com
*.cfnlaunchpadcanar.vc86fp.c4.kafka.ap-northeast-1.amazonaws.com
s3.ca-central-1.amazonaws.com
*.replacementcanary-2.sod442.c1.kafka.eu-central-1.amazonaws.com
*.canary-38054043d9f7.poa07p.c2.kafka.ap-south-1.amazonaws.com
*.armupdateconfiga.6zw4yn.c1.kafka-gamma.us-west-2.amazonaws.com
tsf7epmr36d5w77wtdtluqtjc4.us-west-2.es.amazonaws.com
*.canary-47bc0dc98d40.qeyouk.c2.kafka.us-east-2.amazonaws.com
ardi-service-gamma.us-gov-west-1.amazonaws.com
ecs-a-1.us-gov-east-1.amazonaws.com
wayeyh3wow6shqh7dqvotirg3m.eu-west-1.es.amazonaws.com
*.kafkamskcluster.ha9iy3.c2.kafka.eu-west-1.amazonaws.com
*.canary89702d9857b6.ib6dn9.c1.kafka.me-south-1.amazonaws.com
*.canary7410f8f1880.y43lug.c2.kafka.ap-southeast-2.amazonaws.com
*.chrometbcreate17018877.12gtf9.c4.kafka.ap-east-1.amazonaws.com
*.cfnlaunchpadcanarytest.3p5lh7.c4.kafka.eu-west-3.amazonaws.com
*.ckfulidknuxh.us-east-1.redshift.amazonaws.com
*.cfnlaunchpadcanarytes.i4ii6f.c4.kafka.eu-south-1.amazonaws.com
*.cfnlaunchpadcanar.oxna9l.c4.kafka.ap-southeast-2.amazonaws.com
snowball.ap-southeast-2.amazonaws.com
y6kthvz2o2exgb7huojeacokwa.us-east-1.es.amazonaws.com
*.canary-db7a37281f6d.03742e.c4.kafka.eu-west-3.amazonaws.com
clpgted7o6ujv7oq6f452hbvcy.us-gov-west-1.es.amazonaws.com
*.canary3a1737a7b1d2.37xanb.c1.kafka.me-south-1.amazonaws.com
3beolxhz5fv46rccqqzl2rekii.us-west-2.es.amazonaws.com
*.gc-rc-sr-1583945003.r41xxd.c1.kafka.ca-central-1.amazonaws.com
o4plilfaz3tt375be2hjlgkufy.us-east-1.es-nexus.amazonaws.com
llzhr46qwljcelzqvmbyayg73e.us-west-2.es.amazonaws.com
5tyc74sxmxnynh7nelm4tgwdsy.us-east-1.es.amazonaws.com
s3.ap-northeast-2.amazonaws.com
33f3ybh43otnp6anbao4oldtii.us-west-2.es.amazonaws.com
qksouqticst5o7gnye3562zlha.us-east-1.es.amazonaws.com
6blwbm2sbvxdeqtjt2rgwiqz5u.ca-central-1.es.amazonaws.com
*.canaryc3ca7d961964.03tzzb.c3.kafka.us-west-1.amazonaws.com
*.canaryf7fe0b518e7.mm787h.c2.kafka.ap-southeast-4.amazonaws.com
ndn3w3adypi2bzgvcbd7kvyh5m.sa-east-1.es.amazonaws.com
6qboysqk6yo23za3vmtbymaop4.eu-west-1.es.amazonaws.com
canary.s3.ap-south-2.vpce.amazonaws.com
canary.s3.eu-south-1.vpce.amazonaws.com
*.replacementcanary-d.nwv4s1.c2.kafka.eu-central-1.amazonaws.com
bg6gskfoi6i54pe7i2accghmde.eu-south-1.es.amazonaws.com
yrv5npxs45wxbuzh6vmmx5czhi.eu-west-1.es.amazonaws.com
*.canary-0a91a417f712.nfwvus.c4.kafka.eu-west-2.amazonaws.com
6nznveo3kitfemggrairlto7mq.us-east-2.es.amazonaws.com
*.cfnlaunchpadcanarytest.cax14p.c4.kafka.us-west-2.amazonaws.com

Certificate

The complete raw certificate details for mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEqzCCA5OgAwIBAgIQCnyYzh80JknomychMDSS/DANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTIzMTIwOTAwMDAwMFoXDTI1MDEwNzIzNTk1OVowQTE/
MD0GA1UEAxM2bXU0ZTVkY3J5aWJieC5tcmFwLmFjY2Vzc3BvaW50LnMzLWdsb2Jh
bC5hbWF6b25hd3MuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
nqec1aT7E9xiZxkYo0nKGM3NxxFd6T+5GleVhqmF3FXmsk54sWn7XRVbVdoYWYTs
iU9JBdSr5AUamqEKiupSMExdMWy5WnKRTa3IOHGRbR5waZOqb+Ym/JqmPDyeNh0T
LZ0GjCgVnPkJRhFC4Feshx31gFwpygLloV7MFEeAbSRXJ3YarAUFs3Jk8fNS0sFG
TTLcHR7UHkKuOfUQfYJK6Dtg1il+c/Xpa3u8WVz70W62oXORCwCeDn3X5tJ4V5Cs
w0rrVw5CXwimv4YsEOj8EavdFSx5LSXVbNCyvBvpPn88ltwLN583zoJwfrDyhdz4
urLSEu9dhGfc+Lub/Fs3qwIDAQABo4IBojCCAZ4wHwYDVR0jBBgwFoAUVdkYX9Ic
zAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFOcbNm/E38tUTQam1M8mb47YRAFgMEEG
A1UdEQQ6MDiCNm11NGU1ZGNyeWliYngubXJhcC5hY2Nlc3Nwb2ludC5zMy1nbG9i
YWwuYW1hem9uYXdzLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIw
MKAuoCyGKmh0dHA6Ly9jcmwucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNy
bDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAz
LmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMy5h
bWF6b250cnVzdC5jb20vcjJtMDMuY2VyMAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHW
eQIEAwEB/wQCBQAwDQYJKoZIhvcNAQELBQADggEBAE0Ky415rxWaVa9dGI4FC+ro
2HKpqJGyKJLVXVgqLSJsQh0Zg0O02CL86M35UkU8QoGQOIPlVilQe/HArmydzyBQ
1FI3BLTUHX/29BUHczrK3Ish35FoCKGfFl1Y/0MzqJ8mT/10LCGKGbc/dXSr+Lvx
/813oZf9DieAiLG9+N5VkUy9h+4bEo8hoqujDImyS3C9BJaxnLYZY+Rr4eDySH+m
jLR3KGoW8DZtAjQvHO0558sc553SzV8OHNe/gYpqO47RRIq7aJGxhJAw3OdBTSPq
MFsvsNTE5bIvVcZAv1S77aKenvJsw8fV7mgAScpvqMHPOKJ6zbmywL0fvp38qfQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqec1aT7E9xiZxkYo0nK
GM3NxxFd6T+5GleVhqmF3FXmsk54sWn7XRVbVdoYWYTsiU9JBdSr5AUamqEKiupS
MExdMWy5WnKRTa3IOHGRbR5waZOqb+Ym/JqmPDyeNh0TLZ0GjCgVnPkJRhFC4Fes
hx31gFwpygLloV7MFEeAbSRXJ3YarAUFs3Jk8fNS0sFGTTLcHR7UHkKuOfUQfYJK
6Dtg1il+c/Xpa3u8WVz70W62oXORCwCeDn3X5tJ4V5Csw0rrVw5CXwimv4YsEOj8
EavdFSx5LSXVbNCyvBvpPn88ltwLN583zoJwfrDyhdz4urLSEu9dhGfc+Lub/Fs3
qwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 13939224025225790607715194136429892348
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20028305055448594853678765994612020179500332172387922328692164595376932117341161765792633280392447185290297899733432611424075260934041285834023554099046056606367296248997908598273369287412914147969316645555876701264758297574744296762183053494914842459905849473913674159218722331141790096351839659484244031729786184211356889033669556614527676945659244526674481979923973453198338701329316086727478228800041937432579649672831613243314921369343610807033132075592696856811646606914310832441355401884457735720016855054308099761177301380491217530553465518396732790926942886526038981623798698996440691768605414453555945486251
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e71b366fc4dfcb544d06a6d4cf266f8ed8440160
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (58 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004d0acb8d79af159a55af5d188e050beae8d872a9a891b22892d55d582a2d226c421d198343b4d822fce8cdf952453c4281903883e55629507bf1c0ae6c9dcf2050d4523704b4d41d7ff6f41507733acadc8b21df916808a19f165d58ff4333a89f264ffd742c218a19b73f7574abf8bbf1ffcd77a197fd0e278088b1bdf8de55914cbd87ee1b128f21a2aba30c89b24b70bd0496b19cb61963e46be1e0f2487fa68cb477286a16f0366d02342f1ced39e7cb1ce79dd2cd5f0e1cd7bf818a6a3b8ed1448abb6891b1849030dce7414d23ea305b2fb0d4c4e5b22f55c640bf54bbeda29e9ef26cc3c7d5ee680049ca6fa8c1cf38a27acdb9b2c0bd1fbe9dfca9f4