pied5cogslekda2zfo7ijsjnbq.ap-southeast-1.es.amazonaws.com

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 06:da:20:0f:26:19:db:30:3f:5c:a3:e1:e4:13:df:7b was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=pied5cogslekda2zfo7ijsjnbq.ap-southeast-1.es.amazonaws.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 06:da:20:0f:26:19:db:30:3f:5c:a3:e1:e4:13:df:7b
Serial Number (int): 9107938927191530834831767420758384507
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: b4:49:4b:bd:fc:28:13:ed:c5:54:6d:4a:93:d4:28:7f:d8:4b:c8:77
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): 23:9a:14:56:f3:0c:06:3d:c2:ac:9d:f7:a4:85:42:db:a0:42:26:a7
Fingerprint (sha256): 00:01:ca:73:58:ef:f0:5d:64:f3:9e:6e:dd:2e:26:56:b7:37:86:ed:4b:6a:06:35:c0:56:c3:22:01:35:1d:55

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate pied5cogslekda2zfo7ijsjnbq.ap-southeast-1.es.amazonaws.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for pied5cogslekda2zfo7ijsjnbq.ap-southeast-1.es.amazonaws.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

pied5cogslekda2zfo7ijsjnbq.ap-southeast-1.es.amazonaws.com
*.ap-southeast-1.es.amazonaws.com

Other certificates including the domain name amazonaws.com

(limited to 100 certificates)
fd7q5ahpgwxzgzjeydx7ued3dy.ap-south-1.es.amazonaws.com
*.canary0410ddc89fc.0ivg9b.c1.kafka.ap-northeast-1.amazonaws.com
*.canary-705cb9c9ce.4vp3ak.c1.kafka.ap-southeast-1.amazonaws.com
3wmpdnfzuawkweauyeqwsz3sgq.us-west-2.es.amazonaws.com
*.canaryc0e5744bf8d.uoc6j4.c1.kafka.ap-northeast-1.amazonaws.com
sbk73gdfu64w3u3odwhm6dbuoq.eu-west-1.es.amazonaws.com
phgarilyufhxfvyv6rqey2igyu.us-east-1.es.amazonaws.com
f3goayqxx4fiacneubnhrs2cgq.eu-west-2.es.amazonaws.com
c7xnkrjzni2nspnmpruzcqwubm.us-east-2.es.amazonaws.com
*.canary7835b1affed0.feiwkl.c4.kafka.us-west-2.amazonaws.com
4sbm4svmdwc4hja5kjqsbsabaq.us-gov-west-1.es.amazonaws.com
*.canary38977f6d5fd.kv8cye.c2.kafka.ap-northeast-2.amazonaws.com
hcmsmyn7brxhvxc6zgbctvjh44.us-east-2.es.amazonaws.com
urnomx4z6o62opvpawsmrldfgi.ap-northeast-1.es.amazonaws.com
anwrzykp2vpsprhdokjkngddxa.ca-central-1.es.amazonaws.com
wszph7yr32vodaalq32pln2prm.ap-southeast-2.es.amazonaws.com
*.cfnlaunchpadcanarytest.wcpyzy.c4.kafka.eu-west-1.amazonaws.com
s3.ca-central-1.amazonaws.com
e5iadkz6kufmsrdnube75tyk5i.us-east-1.es.amazonaws.com
*.canary2fbbe3f61b0.2a500w.c3.kafka.ap-northeast-3.amazonaws.com
s3.af-south-1.amazonaws.com
tonu2tlhyv2hnvxxjjcljq4hse.eu-south-1.es.amazonaws.com
*.privatelinkcanary99.2y21fq.c1.kafka.me-central-1.amazonaws.com
s3.us-west-2.amazonaws.com
75illtecsvqox63ith2tndwefy.eu-west-3.es.amazonaws.com
ivieaesvmhx54vsi4vondj6pii.eu-west-1.es.amazonaws.com
xbfwcx4qduhx25yb6chzuw4nni.ca-central-1.es.amazonaws.com
t3s2vk5yto255no6s4m7uc5pde.ap-northeast-1.es.amazonaws.com
*.canary98fa3fe4e22.j417x5.c3.kafka.ap-northeast-3.amazonaws.com
*.canary14c480c2d0b0.grolaw.c1.kafka.me-south-1.amazonaws.com
*.cfnlaunchpadcanaryt.cbx9rj.c2.kafka.ca-central-1.amazonaws.com
*.canary-f22d3b00119a.oi5ic9.c2.kafka.ap-south-1.amazonaws.com
xqqjcyq6o3rc7hrs6ifusrns7u.us-east-1.es.amazonaws.com
vyjursg4ukjf5kznu7cve3pjyq.us-gov-west-1.es.amazonaws.com
2unyopxibvxjbcdkcsruu4l45q.ap-south-1.es.amazonaws.com
*.canaryd05eda50d241.ngnrw3.c1.kafka.eu-south-1.amazonaws.com
*.canarybc7767eb5f29.0b02sv.c3.kafka.eu-central-1.amazonaws.com
6fgy56efefwkdeodtkmmwkdswe.us-east-1.es.amazonaws.com
*.canary-780e819e93d7.s22kq9.c1.kafka.us-west-2.amazonaws.com
*.cfnlaunchpadcanaryt.uveli7.c4.kafka.ca-central-1.amazonaws.com
swmuby362d5wtp5s63kelca7ii.eu-west-1.es.amazonaws.com
*.canary7a34ed13e7b2.8yk2jt.c5.kafka.us-west-2.amazonaws.com
*.canary-794dbee21039.jarqga.c3.kafka.eu-north-1.amazonaws.com
fqhhh775oulwnzldm2ritqslkq.ca-central-1.es.amazonaws.com
*.cfnlaunchpadcanarytest.witiix.c4.kafka.us-west-2.amazonaws.com
s3.ap-northeast-1.amazonaws.com
canary.s3.eu-west-1.vpce.amazonaws.com
canary.s3.ap-east-1.vpce.amazonaws.com
gi66xkoipe4iyd3xrf4h2fvpua.us-east-1.es.amazonaws.com
*.canary71f0b6d9d316.7xg10s.c1.kafka.eu-north-1.amazonaws.com
*.crossaccountplcanary58.mjznox.c2.kafka.us-west-1.amazonaws.com
6cnaqybkcuth7uqc34ajchw6ka.eu-south-1.es.amazonaws.com
tibuxu36xjihnkqggn2ofga7y4.us-east-1.es.amazonaws.com
*.canary08a8ec26d9eb.wuy2me.c3.kafka.eu-west-2.amazonaws.com
et47rj34herpq75rm3eixepj5e.af-south-1.es.amazonaws.com
ef5as23rljk2mjo54xzzh5b7di.af-south-1.es.amazonaws.com
*.testcluster.kqyp1f.c1.kafka.eu-west-1.amazonaws.com
*.canary627ccb545bde.p1i713.c3.kafka.af-south-1.amazonaws.com
*.cfnlaunchpadcanar.kakne3.c2.kafka.ap-southeast-3.amazonaws.com
hwfsk72lrrbczq4xfsiky5xdr4.ap-northeast-1.es.amazonaws.com
*.privatelinkcanary.o7q1h1.c4.kafka.ap-northeast-2.amazonaws.com
*.mskcluster3adgsux.xy0lqw.c2.kafka.ap-southeast-2.amazonaws.com
*.canaryb6a73c05894.ek92py.c5.kafka.ap-southeast-2.amazonaws.com
of4277ngujbbpuzcronoz7wjlq.ca-central-1.es.amazonaws.com
s3.us-east-1.amazonaws.com
canary.s3.us-gov-west-1.vpce.amazonaws.com
utb3zgxrn2e7mnhv5qgyiesdca.ap-southeast-2.es.amazonaws.com
ked5qqiaknxppr2ptfyq2z2hde.us-east-1.es-staging.amazonaws.com
epkq25frxidtqwzhpiu5na74ji.eu-west-1.es.amazonaws.com
*.cfnlaunchpadcanarytest.ljisga.c4.kafka.eu-west-1.amazonaws.com
*.cfnlaunchpadcanar.ty6puv.c2.kafka.ap-northeast-1.amazonaws.com
mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com
q5ijjqpusel73ebpkthu6edvka.ap-northeast-1.es.amazonaws.com
*.cfnlaunchpadcanar.d467s7.c4.kafka.ap-northeast-2.amazonaws.com
yehmxtgn2qc4poy4tsiwars6rq.sa-east-1.es.amazonaws.com
canary.s3.us-east-2.vpce.amazonaws.com
*.cfnlaunchpadcanarytest.0p17bp.c4.kafka.eu-west-2.amazonaws.com
*.canary1f27ad4e8b21.bygyhq.c12.kafka.us-west-2.amazonaws.com
x7wbdyq4xqtsrtdnlvlj4rx5gi.ap-southeast-1.es.amazonaws.com
aksq7v2h2fenvkvlrjkssmhq6e.ap-southeast-1.es.amazonaws.com
jsfmlpyxlx5qdt3mvq6kb3zlzq.ap-south-1.es.amazonaws.com
mdfexzp7737t7.mrap.accesspoint.s3-global.amazonaws.com
*.canaryc37b8d367289.e4esek.c1.kafka.me-central-1.amazonaws.com
canary.s3.ap-southeast-1.vpce.amazonaws.com
m3stir3x9kx5m.mrap.accesspoint.s3-global.amazonaws.com
canary-s3ccp.mrap.accesspoint.s3-global.amazonaws.com
s3.eu-west-3.amazonaws.com
yn5tyh5p7kxvgl4j7ebsnumtzi.ap-south-1.es.amazonaws.com
lv4nfgokzyyh5kz4o4rlyrrgue.ap-south-1.es.amazonaws.com
*.canary4b55750240dc.th0lsm.c3.kafka.eu-west-3.amazonaws.com
s3.ap-southeast-2.amazonaws.com
*.canaryfcf3b606202d.ecc8c4.c4.kafka.us-west-1.amazonaws.com
*.cfnlaunchpadcanarytes.nt8ifz.c4.kafka.eu-north-1.amazonaws.com
ifcscxtvwwmh2twskdrbegweee.eu-west-1.es-staging.amazonaws.com
v6lvvq543ktmo2r457edtbnh4m.us-west-2.es.amazonaws.com
*.canaryb57f1b7d6b29.ego5xb.c3.kafka.us-gov-east-1.amazonaws.com
7564oq2vskmng3y3oqttk5u7r4.us-east-1.es.amazonaws.com
*.canary95a41d09dc37.4jrpr0.c4.kafka.eu-north-1.amazonaws.com
canary.s3.il-central-1.vpce.amazonaws.com
yaggdu4bqrmbpikf5h7ff4e6oy.us-east-1.es.amazonaws.com

Certificate

The complete raw certificate details for pied5cogslekda2zfo7ijsjnbq.ap-southeast-1.es.amazonaws.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgIQBtogDyYZ2zA/XKPh5BPfezANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMDYwMjAwMDAwMFoXDTI0MDYzMDIzNTk1OVowRTFD
MEEGA1UEAxM6cGllZDVjb2dzbGVrZGEyemZvN2lqc2puYnEuYXAtc291dGhlYXN0
LTEuZXMuYW1hem9uYXdzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM40AzxYx49RDYimd6h8Xe0oD29oJkPSchf7Ku0JXzHDVhDpy+FkFB7obe3g
+DSolr1xrCJRvOm7rJOH4/eLkDl811wmGPk/XiVW+O9niR75ZsVv4+gccH/2+N2v
h6ehB6zdcS5aM5aPWSLJ1iGhXH9Ab1L8hTJY651PmVPF+FT1s+rZkoOjMEpmMcN3
EnRjbOlUqmQ35XlpFSlQ8CjOjQGZGEU01h242a+M1cHHtKCv8WbpoXD9Mvp6mrg9
GohXQO7XzSAKGYhXW2IWsjwYi45urMecQ0aE0SNjllwUOPWgkp1gvssxn1m3nxqO
84FsxSXWO4o9dKopKZAEnAtjLDUCAwEAAaOCAckwggHFMB8GA1UdIwQYMBaAFIG4
DmOKiRIY5fo7O1CVn+blkBOFMB0GA1UdDgQWBBS0SUu9/CgT7cVUbUqT1Ch/2EvI
dzBoBgNVHREEYTBfgjpwaWVkNWNvZ3NsZWtkYTJ6Zm83aWpzam5icS5hcC1zb3V0
aGVhc3QtMS5lcy5hbWF6b25hd3MuY29tgiEqLmFwLXNvdXRoZWFzdC0xLmVzLmFt
YXpvbmF3cy5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB
BggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAxLmFt
YXpvbnRydXN0LmNvbS9yMm0wMS5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwdQYI
KwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMS5hbWF6
b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDEuYW1hem9u
dHJ1c3QuY29tL3IybTAxLmNlcjAMBgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMB
Af8EAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAP0dBeQU9icpsTw9eIgEK4ouMWGLAE
NGO4rYgBYjhxIF3ce0tH34NyvdJVTZ/6MFilkyPq0wXOdr7EyX03LH+ngzkxfjyj
tUUYOPSIZy35jTL209tuCwx2JIshX6aI8KnKP+cWVziPPtYZ2cP4y1Kx3vkOQsAK
NZJLT3DFjLTOPcghBvXQuwn3Ao+coQsADQboOjWkwMJWykp8Td70EivyNP6PV5XW
OLAQLhIXE+VHQXjww9ey1ttNNdsgSWYL8rzJnW5k71U9rFT0mEr4BwLG/T3MYWJ0
aBVJAWanEA1c/RMNKCw5yBJp9DXJAuvFS2syzD4/myafu8HgROI4N/wQ
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjQDPFjHj1ENiKZ3qHxd
7SgPb2gmQ9JyF/sq7QlfMcNWEOnL4WQUHuht7eD4NKiWvXGsIlG86busk4fj94uQ
OXzXXCYY+T9eJVb472eJHvlmxW/j6Bxwf/b43a+Hp6EHrN1xLlozlo9ZIsnWIaFc
f0BvUvyFMljrnU+ZU8X4VPWz6tmSg6MwSmYxw3cSdGNs6VSqZDfleWkVKVDwKM6N
AZkYRTTWHbjZr4zVwce0oK/xZumhcP0y+nqauD0aiFdA7tfNIAoZiFdbYhayPBiL
jm6sx5xDRoTRI2OWXBQ49aCSnWC+yzGfWbefGo7zgWzFJdY7ij10qikpkAScC2Ms
NQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9107938927191530834831767420758384507
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-02 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-30 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'pied5cogslekda2zfo7ijsjnbq.ap-southeast-1.es.amazonaws.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26030739211508088478817812046579287624090404993469722700665967527494484817847132471451045025052113546359526947258980442791299692856285198939227145159573440434011415816557543751545437730837351669166986372993733714145855436076351824707986154124227623033910723985210910295680770228461779803302981821626408526059033062531437862953131631680583566126304924798161732308923082560005231219543422094805827218096514693485935370259114398875258330553160320360136830581980044209824036115406860366160280879675466517264337140596648576810105777388835095031187153709442720468299402314813909735823754377799001149221449426956509442681909
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b4494bbdfc2813edc5546d4a93d4287fd84bc877
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (97 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'pied5cogslekda2zfo7ijsjnbq.ap-southeast-1.es.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ap-southeast-1.es.amazonaws.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000fd1d05e414f62729b13c3d7888042b8a2e31618b0043463b8ad8801623871205ddc7b4b47df8372bdd2554d9ffa3058a59323ead305ce76bec4c97d372c7fa78339317e3ca3b5451838f488672df98d32f6d3db6e0b0c76248b215fa688f0a9ca3fe71657388f3ed619d9c3f8cb52b1def90e42c00a35924b4f70c58cb4ce3dc82106f5d0bb09f7028f9ca10b000d06e83a35a4c0c256ca4a7c4ddef4122bf234fe8f5795d638b0102e121713e5474178f0c3d7b2d6db4d35db2049660bf2bcc99d6e64ef553dac54f4984af80702c6fd3dcc6162746815490166a7100d5cfd130d282c39c81269f435c902ebc54b6b32cc3e3f9b269fbbc1e044e23837fc10