s3.eu-west-1.amazonaws.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 07:79:71:3d:a7:f1:55:09:89:5c:cf:86:ce:25:10:d8 was issued on by Amazon.

With 24 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=s3.eu-west-1.amazonaws.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 07:79:71:3d:a7:f1:55:09:89:5c:cf:86:ce:25:10:d8
Serial Number (int): 9935160687556000602022845673690697944
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: d6:dd:91:64:64:1b:82:45:70:29:bb:8b:73:b6:c8:a9:cc:11:49:bd
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 02:e5:c8:42:42:3f:2c:be:1c:bd:24:7b:77:21:9d:c7:74:f5:69:97
Fingerprint (sha256): 00:01:e7:db:29:35:96:ae:53:92:cf:98:5a:9c:ff:71:b5:09:06:f8:65:e3:c4:be:97:6d:df:e9:1c:2f:4d:2d

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate s3.eu-west-1.amazonaws.com

24

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for s3.eu-west-1.amazonaws.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

s3.eu-west-1.amazonaws.com
bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1a.s3.eu-west-1.vpce.amazonaws.com
*.accesspoint.vpce-027f8e94ea5110090-dnmopax2-eu-west-1b.s3.eu-west-1.vpce.amazonaws.com
*.bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1c.s3.eu-west-1.vpce.amazonaws.com
*.accesspoint.vpce-027f8e94ea5110090-dnmopax2.s3.eu-west-1.vpce.amazonaws.com
*.s3-control.eu-west-1.amazonaws.com
*.control.vpce-027f8e94ea5110090-dnmopax2-eu-west-1c.s3.eu-west-1.vpce.amazonaws.com
bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1b.s3.eu-west-1.vpce.amazonaws.com
*.bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1a.s3.eu-west-1.vpce.amazonaws.com
*.accesspoint.vpce-027f8e94ea5110090-dnmopax2-eu-west-1d.s3.eu-west-1.vpce.amazonaws.com
*.bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1d.s3.eu-west-1.vpce.amazonaws.com
*.control.vpce-027f8e94ea5110090-dnmopax2-eu-west-1d.s3.eu-west-1.vpce.amazonaws.com
*.control.vpce-027f8e94ea5110090-dnmopax2.s3.eu-west-1.vpce.amazonaws.com
bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1c.s3.eu-west-1.vpce.amazonaws.com
*.bucket.vpce-027f8e94ea5110090-dnmopax2.s3.eu-west-1.vpce.amazonaws.com
*.control.vpce-027f8e94ea5110090-dnmopax2-eu-west-1a.s3.eu-west-1.vpce.amazonaws.com
*.accesspoint.vpce-027f8e94ea5110090-dnmopax2-eu-west-1c.s3.eu-west-1.vpce.amazonaws.com
*.accesspoint.vpce-027f8e94ea5110090-dnmopax2-eu-west-1a.s3.eu-west-1.vpce.amazonaws.com
bucket.vpce-027f8e94ea5110090-dnmopax2.s3.eu-west-1.vpce.amazonaws.com
*.s3.eu-west-1.amazonaws.com
bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1d.s3.eu-west-1.vpce.amazonaws.com
*.s3-accesspoint.eu-west-1.amazonaws.com
*.bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1b.s3.eu-west-1.vpce.amazonaws.com
*.control.vpce-027f8e94ea5110090-dnmopax2-eu-west-1b.s3.eu-west-1.vpce.amazonaws.com

Other certificates including the domain name amazonaws.com

(limited to 100 certificates)
fd7q5ahpgwxzgzjeydx7ued3dy.ap-south-1.es.amazonaws.com
*.canary0410ddc89fc.0ivg9b.c1.kafka.ap-northeast-1.amazonaws.com
*.canary-705cb9c9ce.4vp3ak.c1.kafka.ap-southeast-1.amazonaws.com
3wmpdnfzuawkweauyeqwsz3sgq.us-west-2.es.amazonaws.com
*.canaryc0e5744bf8d.uoc6j4.c1.kafka.ap-northeast-1.amazonaws.com
sbk73gdfu64w3u3odwhm6dbuoq.eu-west-1.es.amazonaws.com
phgarilyufhxfvyv6rqey2igyu.us-east-1.es.amazonaws.com
f3goayqxx4fiacneubnhrs2cgq.eu-west-2.es.amazonaws.com
c7xnkrjzni2nspnmpruzcqwubm.us-east-2.es.amazonaws.com
*.canary7835b1affed0.feiwkl.c4.kafka.us-west-2.amazonaws.com
4sbm4svmdwc4hja5kjqsbsabaq.us-gov-west-1.es.amazonaws.com
*.canary38977f6d5fd.kv8cye.c2.kafka.ap-northeast-2.amazonaws.com
hcmsmyn7brxhvxc6zgbctvjh44.us-east-2.es.amazonaws.com
urnomx4z6o62opvpawsmrldfgi.ap-northeast-1.es.amazonaws.com
anwrzykp2vpsprhdokjkngddxa.ca-central-1.es.amazonaws.com
wszph7yr32vodaalq32pln2prm.ap-southeast-2.es.amazonaws.com
*.cfnlaunchpadcanarytest.wcpyzy.c4.kafka.eu-west-1.amazonaws.com
s3.ca-central-1.amazonaws.com
e5iadkz6kufmsrdnube75tyk5i.us-east-1.es.amazonaws.com
*.canary2fbbe3f61b0.2a500w.c3.kafka.ap-northeast-3.amazonaws.com
s3.af-south-1.amazonaws.com
tonu2tlhyv2hnvxxjjcljq4hse.eu-south-1.es.amazonaws.com
*.privatelinkcanary99.2y21fq.c1.kafka.me-central-1.amazonaws.com
s3.us-west-2.amazonaws.com
75illtecsvqox63ith2tndwefy.eu-west-3.es.amazonaws.com
ivieaesvmhx54vsi4vondj6pii.eu-west-1.es.amazonaws.com
xbfwcx4qduhx25yb6chzuw4nni.ca-central-1.es.amazonaws.com
t3s2vk5yto255no6s4m7uc5pde.ap-northeast-1.es.amazonaws.com
*.canary98fa3fe4e22.j417x5.c3.kafka.ap-northeast-3.amazonaws.com
*.canary14c480c2d0b0.grolaw.c1.kafka.me-south-1.amazonaws.com
*.cfnlaunchpadcanaryt.cbx9rj.c2.kafka.ca-central-1.amazonaws.com
*.canary-f22d3b00119a.oi5ic9.c2.kafka.ap-south-1.amazonaws.com
xqqjcyq6o3rc7hrs6ifusrns7u.us-east-1.es.amazonaws.com
vyjursg4ukjf5kznu7cve3pjyq.us-gov-west-1.es.amazonaws.com
2unyopxibvxjbcdkcsruu4l45q.ap-south-1.es.amazonaws.com
*.canaryd05eda50d241.ngnrw3.c1.kafka.eu-south-1.amazonaws.com
*.canarybc7767eb5f29.0b02sv.c3.kafka.eu-central-1.amazonaws.com
6fgy56efefwkdeodtkmmwkdswe.us-east-1.es.amazonaws.com
*.canary-780e819e93d7.s22kq9.c1.kafka.us-west-2.amazonaws.com
*.cfnlaunchpadcanaryt.uveli7.c4.kafka.ca-central-1.amazonaws.com
swmuby362d5wtp5s63kelca7ii.eu-west-1.es.amazonaws.com
*.canary7a34ed13e7b2.8yk2jt.c5.kafka.us-west-2.amazonaws.com
*.canary-794dbee21039.jarqga.c3.kafka.eu-north-1.amazonaws.com
fqhhh775oulwnzldm2ritqslkq.ca-central-1.es.amazonaws.com
*.cfnlaunchpadcanarytest.witiix.c4.kafka.us-west-2.amazonaws.com
s3.ap-northeast-1.amazonaws.com
canary.s3.eu-west-1.vpce.amazonaws.com
canary.s3.ap-east-1.vpce.amazonaws.com
gi66xkoipe4iyd3xrf4h2fvpua.us-east-1.es.amazonaws.com
*.canary71f0b6d9d316.7xg10s.c1.kafka.eu-north-1.amazonaws.com
*.crossaccountplcanary58.mjznox.c2.kafka.us-west-1.amazonaws.com
6cnaqybkcuth7uqc34ajchw6ka.eu-south-1.es.amazonaws.com
tibuxu36xjihnkqggn2ofga7y4.us-east-1.es.amazonaws.com
*.canary08a8ec26d9eb.wuy2me.c3.kafka.eu-west-2.amazonaws.com
et47rj34herpq75rm3eixepj5e.af-south-1.es.amazonaws.com
ef5as23rljk2mjo54xzzh5b7di.af-south-1.es.amazonaws.com
*.testcluster.kqyp1f.c1.kafka.eu-west-1.amazonaws.com
*.canary627ccb545bde.p1i713.c3.kafka.af-south-1.amazonaws.com
*.cfnlaunchpadcanar.kakne3.c2.kafka.ap-southeast-3.amazonaws.com
hwfsk72lrrbczq4xfsiky5xdr4.ap-northeast-1.es.amazonaws.com
*.privatelinkcanary.o7q1h1.c4.kafka.ap-northeast-2.amazonaws.com
*.mskcluster3adgsux.xy0lqw.c2.kafka.ap-southeast-2.amazonaws.com
*.canaryb6a73c05894.ek92py.c5.kafka.ap-southeast-2.amazonaws.com
of4277ngujbbpuzcronoz7wjlq.ca-central-1.es.amazonaws.com
s3.us-east-1.amazonaws.com
canary.s3.us-gov-west-1.vpce.amazonaws.com
utb3zgxrn2e7mnhv5qgyiesdca.ap-southeast-2.es.amazonaws.com
ked5qqiaknxppr2ptfyq2z2hde.us-east-1.es-staging.amazonaws.com
epkq25frxidtqwzhpiu5na74ji.eu-west-1.es.amazonaws.com
*.cfnlaunchpadcanarytest.ljisga.c4.kafka.eu-west-1.amazonaws.com
*.cfnlaunchpadcanar.ty6puv.c2.kafka.ap-northeast-1.amazonaws.com
mu4e5dcryibbx.mrap.accesspoint.s3-global.amazonaws.com
q5ijjqpusel73ebpkthu6edvka.ap-northeast-1.es.amazonaws.com
*.cfnlaunchpadcanar.d467s7.c4.kafka.ap-northeast-2.amazonaws.com
yehmxtgn2qc4poy4tsiwars6rq.sa-east-1.es.amazonaws.com
canary.s3.us-east-2.vpce.amazonaws.com
*.cfnlaunchpadcanarytest.0p17bp.c4.kafka.eu-west-2.amazonaws.com
*.canary1f27ad4e8b21.bygyhq.c12.kafka.us-west-2.amazonaws.com
x7wbdyq4xqtsrtdnlvlj4rx5gi.ap-southeast-1.es.amazonaws.com
aksq7v2h2fenvkvlrjkssmhq6e.ap-southeast-1.es.amazonaws.com
jsfmlpyxlx5qdt3mvq6kb3zlzq.ap-south-1.es.amazonaws.com
mdfexzp7737t7.mrap.accesspoint.s3-global.amazonaws.com
*.canaryc37b8d367289.e4esek.c1.kafka.me-central-1.amazonaws.com
canary.s3.ap-southeast-1.vpce.amazonaws.com
m3stir3x9kx5m.mrap.accesspoint.s3-global.amazonaws.com
canary-s3ccp.mrap.accesspoint.s3-global.amazonaws.com
s3.eu-west-3.amazonaws.com
yn5tyh5p7kxvgl4j7ebsnumtzi.ap-south-1.es.amazonaws.com
lv4nfgokzyyh5kz4o4rlyrrgue.ap-south-1.es.amazonaws.com
*.canary4b55750240dc.th0lsm.c3.kafka.eu-west-3.amazonaws.com
s3.ap-southeast-2.amazonaws.com
*.canaryfcf3b606202d.ecc8c4.c4.kafka.us-west-1.amazonaws.com
*.cfnlaunchpadcanarytes.nt8ifz.c4.kafka.eu-north-1.amazonaws.com
ifcscxtvwwmh2twskdrbegweee.eu-west-1.es-staging.amazonaws.com
v6lvvq543ktmo2r457edtbnh4m.us-west-2.es.amazonaws.com
*.canaryb57f1b7d6b29.ego5xb.c3.kafka.us-gov-east-1.amazonaws.com
7564oq2vskmng3y3oqttk5u7r4.us-east-1.es.amazonaws.com
*.canary95a41d09dc37.4jrpr0.c4.kafka.eu-north-1.amazonaws.com
canary.s3.il-central-1.vpce.amazonaws.com
yaggdu4bqrmbpikf5h7ff4e6oy.us-east-1.es.amazonaws.com

Certificate

The complete raw certificate details for s3.eu-west-1.amazonaws.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILczCCClugAwIBAgIQB3lxPafxVQmJXM+GziUQ2DANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIxNjAwMDAwMFoXDTI1MDExNDIzNTk1OVowJTEj
MCEGA1UEAxMaczMuZXUtd2VzdC0xLmFtYXpvbmF3cy5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDEKmTe6FkeFwn9Vlo/oySlsgPEKDnxId8KY8Pv
pFuEiiqsHVOUGh8cgmyVVoAcKZY6ojierrvGKKD9tg9i2lzu6BSQyGS+zWEXoW7a
Rsw5sPLTqxru8HEEYaIGTBMqdNgPWjHLlvZkZ1ini2zwwx2tzr9bfQxMIUD4IGVb
VI1QTKNACk36fBU+WfLeK5tNDFZHAQwg1fm0jRrPRb4qyLRake9TIFRNMpT3VN/F
OmbOgN5ZtY3ptY2o6g8BYayHPzWEyPrDMDtoBscuFwRPMqojV/0v7rg0AM/e39FK
6oAotUWXiCkl2odBCOq+7w7xilBpiZdvN7W1P4aQ9n4rS05XAgMBAAGjggiGMIII
gjAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQU1t2R
ZGQbgkVwKbuLc7bIqcwRSb0wggcjBgNVHREEggcaMIIHFoIaczMuZXUtd2VzdC0x
LmFtYXpvbmF3cy5jb22CUWJ1Y2tldC52cGNlLTAyN2Y4ZTk0ZWE1MTEwMDkwLWRu
bW9wYXgyLWV1LXdlc3QtMWEuczMuZXUtd2VzdC0xLnZwY2UuYW1hem9uYXdzLmNv
bYJYKi5hY2Nlc3Nwb2ludC52cGNlLTAyN2Y4ZTk0ZWE1MTEwMDkwLWRubW9wYXgy
LWV1LXdlc3QtMWIuczMuZXUtd2VzdC0xLnZwY2UuYW1hem9uYXdzLmNvbYJTKi5i
dWNrZXQudnBjZS0wMjdmOGU5NGVhNTExMDA5MC1kbm1vcGF4Mi1ldS13ZXN0LTFj
LnMzLmV1LXdlc3QtMS52cGNlLmFtYXpvbmF3cy5jb22CTSouYWNjZXNzcG9pbnQu
dnBjZS0wMjdmOGU5NGVhNTExMDA5MC1kbm1vcGF4Mi5zMy5ldS13ZXN0LTEudnBj
ZS5hbWF6b25hd3MuY29tgiQqLnMzLWNvbnRyb2wuZXUtd2VzdC0xLmFtYXpvbmF3
cy5jb22CVCouY29udHJvbC52cGNlLTAyN2Y4ZTk0ZWE1MTEwMDkwLWRubW9wYXgy
LWV1LXdlc3QtMWMuczMuZXUtd2VzdC0xLnZwY2UuYW1hem9uYXdzLmNvbYJRYnVj
a2V0LnZwY2UtMDI3ZjhlOTRlYTUxMTAwOTAtZG5tb3BheDItZXUtd2VzdC0xYi5z
My5ldS13ZXN0LTEudnBjZS5hbWF6b25hd3MuY29tglMqLmJ1Y2tldC52cGNlLTAy
N2Y4ZTk0ZWE1MTEwMDkwLWRubW9wYXgyLWV1LXdlc3QtMWEuczMuZXUtd2VzdC0x
LnZwY2UuYW1hem9uYXdzLmNvbYJYKi5hY2Nlc3Nwb2ludC52cGNlLTAyN2Y4ZTk0
ZWE1MTEwMDkwLWRubW9wYXgyLWV1LXdlc3QtMWQuczMuZXUtd2VzdC0xLnZwY2Uu
YW1hem9uYXdzLmNvbYJTKi5idWNrZXQudnBjZS0wMjdmOGU5NGVhNTExMDA5MC1k
bm1vcGF4Mi1ldS13ZXN0LTFkLnMzLmV1LXdlc3QtMS52cGNlLmFtYXpvbmF3cy5j
b22CVCouY29udHJvbC52cGNlLTAyN2Y4ZTk0ZWE1MTEwMDkwLWRubW9wYXgyLWV1
LXdlc3QtMWQuczMuZXUtd2VzdC0xLnZwY2UuYW1hem9uYXdzLmNvbYJJKi5jb250
cm9sLnZwY2UtMDI3ZjhlOTRlYTUxMTAwOTAtZG5tb3BheDIuczMuZXUtd2VzdC0x
LnZwY2UuYW1hem9uYXdzLmNvbYJRYnVja2V0LnZwY2UtMDI3ZjhlOTRlYTUxMTAw
OTAtZG5tb3BheDItZXUtd2VzdC0xYy5zMy5ldS13ZXN0LTEudnBjZS5hbWF6b25h
d3MuY29tgkgqLmJ1Y2tldC52cGNlLTAyN2Y4ZTk0ZWE1MTEwMDkwLWRubW9wYXgy
LnMzLmV1LXdlc3QtMS52cGNlLmFtYXpvbmF3cy5jb22CVCouY29udHJvbC52cGNl
LTAyN2Y4ZTk0ZWE1MTEwMDkwLWRubW9wYXgyLWV1LXdlc3QtMWEuczMuZXUtd2Vz
dC0xLnZwY2UuYW1hem9uYXdzLmNvbYJYKi5hY2Nlc3Nwb2ludC52cGNlLTAyN2Y4
ZTk0ZWE1MTEwMDkwLWRubW9wYXgyLWV1LXdlc3QtMWMuczMuZXUtd2VzdC0xLnZw
Y2UuYW1hem9uYXdzLmNvbYJYKi5hY2Nlc3Nwb2ludC52cGNlLTAyN2Y4ZTk0ZWE1
MTEwMDkwLWRubW9wYXgyLWV1LXdlc3QtMWEuczMuZXUtd2VzdC0xLnZwY2UuYW1h
em9uYXdzLmNvbYJGYnVja2V0LnZwY2UtMDI3ZjhlOTRlYTUxMTAwOTAtZG5tb3Bh
eDIuczMuZXUtd2VzdC0xLnZwY2UuYW1hem9uYXdzLmNvbYIcKi5zMy5ldS13ZXN0
LTEuYW1hem9uYXdzLmNvbYJRYnVja2V0LnZwY2UtMDI3ZjhlOTRlYTUxMTAwOTAt
ZG5tb3BheDItZXUtd2VzdC0xZC5zMy5ldS13ZXN0LTEudnBjZS5hbWF6b25hd3Mu
Y29tgigqLnMzLWFjY2Vzc3BvaW50LmV1LXdlc3QtMS5hbWF6b25hd3MuY29tglMq
LmJ1Y2tldC52cGNlLTAyN2Y4ZTk0ZWE1MTEwMDkwLWRubW9wYXgyLWV1LXdlc3Qt
MWIuczMuZXUtd2VzdC0xLnZwY2UuYW1hem9uYXdzLmNvbYJUKi5jb250cm9sLnZw
Y2UtMDI3ZjhlOTRlYTUxMTAwOTAtZG5tb3BheDItZXUtd2VzdC0xYi5zMy5ldS13
ZXN0LTEudnBjZS5hbWF6b25hd3MuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA4G
A1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYD
VR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20v
cjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29j
c3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0
LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/BAIwADAT
BgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEAltQSjBmttg1x
MJNweKCPwZMCBG6OGWoA86GSlzSmKz5V3IXu0J05FonNRgQk+Yc2WVn6Pu8tcaG2
fSuI3Znoc1xwNFpw0uAe7xdCGNQTDgtuAoRNTHLQ4kyQ8DSABkxGV6263sD7TCdq
n5os5f55HFAKj2BaTal9e/ky9Qdj6bXL4mkzAYcvUtHCLUhjeEKulB4ouG9D9fGs
HmfTMlcEq3b+reDL1XM71ySpJpu3qYBxH5XihpUkyLgqcx9Tn8knfYK5nuYz7wmX
nonn9TUEagHzKhVjU51nCf2jg/OECoucHaiebkaHi2JuJzYIyLPFB7iXwVKeSWzZ
MVIysEli8w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCpk3uhZHhcJ/VZaP6Mk
pbIDxCg58SHfCmPD76RbhIoqrB1TlBofHIJslVaAHCmWOqI4nq67xiig/bYPYtpc
7ugUkMhkvs1hF6Fu2kbMObDy06sa7vBxBGGiBkwTKnTYD1oxy5b2ZGdYp4ts8MMd
rc6/W30MTCFA+CBlW1SNUEyjQApN+nwVPlny3iubTQxWRwEMINX5tI0az0W+Ksi0
WpHvUyBUTTKU91TfxTpmzoDeWbWN6bWNqOoPAWGshz81hMj6wzA7aAbHLhcETzKq
I1f9L+64NADP3t/RSuqAKLVFl4gpJdqHQQjqvu8O8YpQaYmXbze1tT+GkPZ+K0tO
VwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9935160687556000602022845673690697944
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 's3.eu-west-1.amazonaws.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24763613046866332154335982669685486999542972597719827523280944472213752299664526613493506362897022647921559192532160355576562551471237692781405532629281929526766726780322960826528442642080568255659815916456233836820485279331449831660067685921010060923940902078135378493922896451980081681464828861863253480856777985541067676340299173274036764244636215576284798190833277381798204812543823873648285147847471727215601717430663902107720897637074182858085077670681670890818428096376245456626009225681614468695303041655971175837255968007725754859693931818270174230523579447027933955557920277874691481466559073251192019308119
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d6dd9164641b82457029bb8b73b6c8a9cc1149bd
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1818 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 's3.eu-west-1.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1a.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accesspoint.vpce-027f8e94ea5110090-dnmopax2-eu-west-1b.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1c.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accesspoint.vpce-027f8e94ea5110090-dnmopax2.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.s3-control.eu-west-1.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.control.vpce-027f8e94ea5110090-dnmopax2-eu-west-1c.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1b.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1a.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accesspoint.vpce-027f8e94ea5110090-dnmopax2-eu-west-1d.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1d.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.control.vpce-027f8e94ea5110090-dnmopax2-eu-west-1d.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.control.vpce-027f8e94ea5110090-dnmopax2.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1c.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bucket.vpce-027f8e94ea5110090-dnmopax2.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.control.vpce-027f8e94ea5110090-dnmopax2-eu-west-1a.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accesspoint.vpce-027f8e94ea5110090-dnmopax2-eu-west-1c.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accesspoint.vpce-027f8e94ea5110090-dnmopax2-eu-west-1a.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bucket.vpce-027f8e94ea5110090-dnmopax2.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.s3.eu-west-1.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1d.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.s3-accesspoint.eu-west-1.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.bucket.vpce-027f8e94ea5110090-dnmopax2-eu-west-1b.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.control.vpce-027f8e94ea5110090-dnmopax2-eu-west-1b.s3.eu-west-1.vpce.amazonaws.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0096d4128c19adb60d7130937078a08fc19302046e8e196a00f3a1929734a62b3e55dc85eed09d391689cd460424f987365959fa3eef2d71a1b67d2b88dd99e8735c70345a70d2e01eef174218d4130e0b6e02844d4c72d0e24c90f03480064c4657adbadec0fb4c276a9f9a2ce5fe791c500a8f605a4da97d7bf932f50763e9b5cbe2693301872f52d1c22d48637842ae941e28b86f43f5f1ac1e67d3325704ab76feade0cbd5733bd724a9269bb7a980711f95e2869524c8b82a731f539fc9277d82b99ee633ef09979e89e7f535046a01f32a1563539d6709fda383f3840a8b9c1da89e6e46878b626e273608c8b3c507b897c1529e496cd9315232b04962f3