lwa.amazon.co.uk
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 0d:18:51:89:62:34:40:74:0e:e8:dc:d4:fc:a9:3e:4c was issued on by Amazon.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=lwa.amazon.co.uk
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 0d:18:51:89:62:34:40:74:0e:e8:dc:d4:fc:a9:3e:4cSerial Number (int): 17406232829637601927816158716594044492
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: f8:66:af:94:c8:f2:9e:fd:76:5a:3c:19:f2:08:0c:0c:0e:62:b0:93
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): 4d:7c:87:16:06:60:52:2c:0d:a2:c7:bd:b2:95:c4:7c:d0:27:a6:90
Fingerprint (sha256): 00:99:ef:43:09:8c:77:af:f3:fd:ac:71:8f:e2:80:48:2a:69:e4:51:d7:a2:42:a6:66:37:1d:27:32:ac:97:f2
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate lwa.amazon.co.uk
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for lwa.amazon.co.uk
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
lwa.amazon.in
lwa.amazon.de
lwa.amazon.fr
lwa.amazon.it
lwa.amazon.es
lwa.amazon.nl
lwa.amazon.co.uk
lwa.amazon.de
lwa.amazon.fr
lwa.amazon.it
lwa.amazon.es
lwa.amazon.nl
lwa.amazon.co.uk
Other certificates including the domain name amazon.co.uk
(limited to 100 certificates)
aax-eu.amazon.com
*.peg.a2z.com
translate-acx.amazon.co.uk
lwa.amazon.co.uk
glimpse-publish-eu.amazon.com
cde-ta-g7g.amazon.com
smile.amazon.co.uk
skills-store-eu.amazon.com
securephotostorageservice-eu-external.amazon.com
dp-gw-na.amazon.com
content-drive.amazon.co.uk
vendorcentral.amazon.co.uk
internal-campfire-eu.amazon.com
services.amazon.co.uk
www.amazonmusic.es
gio-catalog-eu.amazon.com
vendorcentral.amazon.co.uk
authorize.payments-sandbox.amazon.co.uk
sdu.amazon.eu
logistics.amazon.com
api-amazondevices-eu.amazon.com
cscentral.amazon.co.uk
argileto.amazon.com
sdu.amazon.eu
luna.amazon.eu
af-mobile-api.amazon.co.uk
webservices.amazon.eu
*.peg.a2z.com
glimpse-publish-eu.amazon.com
shipping.amazon.co.uk
www.amazon.co.uk
accelerator.amazon.co.uk
fls-eu.amazon.com
www.amazon.co.uk
website-g7g.amazon.co.uk
membership.amazon.com
arap.amazon.co.uk
freight.amazon.co.uk
kindlestore-sha-proxy.amazon.com
arcus-www.amazon.co.uk
brandservices.amazon.com
gio-catalog-eu.amazon.com
ssofaast-aftx.amazon.co.uk
kep.amazon.com
alexa-skills-beta.amazon.com.au
kep.amazon.com
dp-gw-na.amazon.com
d16gars-eu.amazon.co.uk
r.amazon.co.uk
travel.amazon.co.uk
transportation.amazon.co.uk
api-preprod.amazon.co.uk
internal-campfire-eu.amazon.com
sellercentral.amazon.co.uk
www.amazonmusic.es
sharingservice.amazon.co.uk
primenow.amazon.co.uk
tschavari.de
sdu.amazon.eu
track.amazon.co.uk
carriercentral.amazon.eu
local-sfis.amazon.co.uk
account-status.amazon.co.uk
kep-eu.amazon.com
aws.amazon.co.uk
payments-sandbox.amazon.co.uk
ramp.amazon.com
cde-ta-g7g-sha-proxy-preprod.amazon.com
unagi-eu.amazon.com
cde-ta-g7g.amazon.com
gaming.amazon.eu
aax-eu-retail-direct.amazon-adsystem.com
kindle.amazon.com
amazon.is
account-p2k.amazon.com
api-sandbox.amazon.co.uk
www14.amazon.co.uk
kindle-store-proxy-endpoint-na.amazon.com
ddee-preprod-uk.amazon.co.uk
*.peg.a2z.com
skills-store-eu.amazon.com
endeavour.amazon.co.uk
logistics-platform.amazon.co.uk
brandregistry.amazon.co.uk
amzon.co.uk
read.amazon.co.uk
vpbs-eu.amazon.com
translate-acx.amazon.co.uk
ams.amazon.co.uk
skills-store-eu.amazon.com
identity.browserapps.amazon.co.uk
cscentral.amazon.co.uk
dl.amazon.co.uk
akamai-renew-cert-digicert-arcus-www.amazon.com
brandservices.amazon.com
hub.amazon.it
cde-ta-g7g-preprod.amazon.com
af-mobile-api.amazon.co.uk
d16gars-eu.amazon.co.uk
partnercentral.amazon.it
*.peg.a2z.com
translate-acx.amazon.co.uk
lwa.amazon.co.uk
glimpse-publish-eu.amazon.com
cde-ta-g7g.amazon.com
smile.amazon.co.uk
skills-store-eu.amazon.com
securephotostorageservice-eu-external.amazon.com
dp-gw-na.amazon.com
content-drive.amazon.co.uk
vendorcentral.amazon.co.uk
internal-campfire-eu.amazon.com
services.amazon.co.uk
www.amazonmusic.es
gio-catalog-eu.amazon.com
vendorcentral.amazon.co.uk
authorize.payments-sandbox.amazon.co.uk
sdu.amazon.eu
logistics.amazon.com
api-amazondevices-eu.amazon.com
cscentral.amazon.co.uk
argileto.amazon.com
sdu.amazon.eu
luna.amazon.eu
af-mobile-api.amazon.co.uk
webservices.amazon.eu
*.peg.a2z.com
glimpse-publish-eu.amazon.com
shipping.amazon.co.uk
www.amazon.co.uk
accelerator.amazon.co.uk
fls-eu.amazon.com
www.amazon.co.uk
website-g7g.amazon.co.uk
membership.amazon.com
arap.amazon.co.uk
freight.amazon.co.uk
kindlestore-sha-proxy.amazon.com
arcus-www.amazon.co.uk
brandservices.amazon.com
gio-catalog-eu.amazon.com
ssofaast-aftx.amazon.co.uk
kep.amazon.com
alexa-skills-beta.amazon.com.au
kep.amazon.com
dp-gw-na.amazon.com
d16gars-eu.amazon.co.uk
r.amazon.co.uk
travel.amazon.co.uk
transportation.amazon.co.uk
api-preprod.amazon.co.uk
internal-campfire-eu.amazon.com
sellercentral.amazon.co.uk
www.amazonmusic.es
sharingservice.amazon.co.uk
primenow.amazon.co.uk
tschavari.de
sdu.amazon.eu
track.amazon.co.uk
carriercentral.amazon.eu
local-sfis.amazon.co.uk
account-status.amazon.co.uk
kep-eu.amazon.com
aws.amazon.co.uk
payments-sandbox.amazon.co.uk
ramp.amazon.com
cde-ta-g7g-sha-proxy-preprod.amazon.com
unagi-eu.amazon.com
cde-ta-g7g.amazon.com
gaming.amazon.eu
aax-eu-retail-direct.amazon-adsystem.com
kindle.amazon.com
amazon.is
account-p2k.amazon.com
api-sandbox.amazon.co.uk
www14.amazon.co.uk
kindle-store-proxy-endpoint-na.amazon.com
ddee-preprod-uk.amazon.co.uk
*.peg.a2z.com
skills-store-eu.amazon.com
endeavour.amazon.co.uk
logistics-platform.amazon.co.uk
brandregistry.amazon.co.uk
amzon.co.uk
read.amazon.co.uk
vpbs-eu.amazon.com
translate-acx.amazon.co.uk
ams.amazon.co.uk
skills-store-eu.amazon.com
identity.browserapps.amazon.co.uk
cscentral.amazon.co.uk
dl.amazon.co.uk
akamai-renew-cert-digicert-arcus-www.amazon.com
brandservices.amazon.com
hub.amazon.it
cde-ta-g7g-preprod.amazon.com
af-mobile-api.amazon.co.uk
d16gars-eu.amazon.co.uk
partnercentral.amazon.it
Certificate
The complete raw certificate details for lwa.amazon.co.uk in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGJzCCBQ+gAwIBAgIQDRhRiWI0QHQO6NzU/Kk+TDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTI0MDQyNTAwMDAwMFoXDTI1MDQwMzIzNTk1OVowGzEZ MBcGA1UEAxMQbHdhLmFtYXpvbi5jby51azCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBALBkFY0uJ7NSLY//oAzVCRuhMIMuq4jBVBZRZCDxu+YYuEElneoy NZFlw/mrsPxMkKIgIdapxYhzYHdu0i8vKhMP4jN+d9tXsmi3urQVzfsF7qx6wrgO 8PqnUcm6LNifkNFtFimurCo/cemaP6hndBfxDSWUYiXNMx6x0DZdsnb5kPgMWr1m 3MSJg3t9lS4C3AN/EJW3surwDxBQI9TpsbUGu3PlD3dXbCZswVVjE87T0qC0tBgS X82YhpPi1dJj+c6rHYvyWwTxER89iscXjMpNV7TXOs+6RuiHpeK09gNXBOJbD7N8 EfCWwvNZSr9K5Tmj0gKh9YGLljka4+PAVsMCAwEAAaOCA0QwggNAMB8GA1UdIwQY MBaAFIG4DmOKiRIY5fo7O1CVn+blkBOFMB0GA1UdDgQWBBT4Zq+UyPKe/XZaPBny CAwMDmKwkzB1BgNVHREEbjBsgg1sd2EuYW1hem9uLmlugg1sd2EuYW1hem9uLmRl gg1sd2EuYW1hem9uLmZygg1sd2EuYW1hem9uLml0gg1sd2EuYW1hem9uLmVzgg1s d2EuYW1hem9uLm5sghBsd2EuYW1hem9uLmNvLnVrMBMGA1UdIAQMMAowCAYGZ4EM AQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH AwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMS5hbWF6b250cnVz dC5jb20vcjJtMDEuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0 cDovL29jc3AucjJtMDEuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRw Oi8vY3J0LnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jZXIwDAYDVR0TAQH/ BAIwADCCAX8GCisGAQQB1nkCBAIEggFvBIIBawFpAHYAzxFW7tUufK/zh1vZaS6b 6RpxZ0qwF+ysAdJbd87MOwgAAAGPEp0OQQAABAMARzBFAiEA8FmeVxs2vbzkrIuJ RJ/+vjoY1xoEx0xYE5IS7b3aN88CIBdNQ/W7YBCWuIdlw5sV+mnET3t4uWIoGrex L4dXQ03XAHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGPEp0O RQAABAMARzBFAiEAn+5gCv+fAOQwQ2eyg3OqO8fglnRQM7y6HupmMDVrheYCIGwc FfQnyC6PZzULrYgEmCadrN9/4Pzr1x7jv/xlJ9BJAHcA5tIxY0B3jMEQQQbXcbnO wdJA9paEhvu6hzId/R43jlAAAAGPEp0OXAAABAMASDBGAiEAk+WvKje8vuAR/RHt BhAWMxEgTdgeyIviiBmYnqnisKUCIQDwmS/WAql/HMOx5QMDOB5bHx3rbrShxS5I oYbU0ydQdzANBgkqhkiG9w0BAQsFAAOCAQEAl1TQBAbV/sRBjnJ/qz3wZ45H1arw 1aIcCDXj7CB4GEUUwDFH1mf9JhwRwOUo+Jwom1nPCzshpmJRB2AxWdYu943UGaiO FON6bZEFh9wDlqDhWmfDsYnh/YqXRtK5GWSVIV7M1/ZwcJPC+Mf/Ev8DfZYckF9r 1hevsWf0ceR1hMYSxa97A/rjpZDI1oCgPMS4aEtuwAipAZpFJeIbYn6PlPLMiQnD z+P6eQsuk5KKJMbMSuawTW1cE/14/IASNtRKIYQeqOHhwwzW8CJyzCu3jOpXnUnY Eg6L6C2TIm/+UeZE4s7ZcShafBS3czjW7/ighx2eug9muZ4MewbWV4FSLg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGQVjS4ns1Itj/+gDNUJ G6Ewgy6riMFUFlFkIPG75hi4QSWd6jI1kWXD+auw/EyQoiAh1qnFiHNgd27SLy8q Ew/iM35321eyaLe6tBXN+wXurHrCuA7w+qdRybos2J+Q0W0WKa6sKj9x6Zo/qGd0 F/ENJZRiJc0zHrHQNl2ydvmQ+AxavWbcxImDe32VLgLcA38Qlbey6vAPEFAj1Omx tQa7c+UPd1dsJmzBVWMTztPSoLS0GBJfzZiGk+LV0mP5zqsdi/JbBPERHz2KxxeM yk1XtNc6z7pG6Iel4rT2A1cE4lsPs3wR8JbC81lKv0rlOaPSAqH1gYuWORrj48BW wwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 17406232829637601927816158716594044492 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-25 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-04-03 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lwa.amazon.co.uk' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22267295025316184547239360973224654535001342036522255883989175096231416655486922049865703897722349813326808300980312205622334601464872099510543781593726999705089021559599882667805070691008498003190175942485984567230704628557536660075697402980356603313566503177770702414347021528290967570208557769299527730308761486006759625699682366008319025859568822140380117581796741180046194057806637469586411221088485358928087461294040513683244057410327218146921759689146620914544238082360465138673361982914827704861172514660914961133161487133643284916530712537964585908636756627474763848060619762332644758840005931803178445067971 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) f866af94c8f29efd765a3c19f2080c0c0e62b093 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (110 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lwa.amazon.in' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lwa.amazon.de' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lwa.amazon.fr' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lwa.amazon.it' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lwa.amazon.es' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lwa.amazon.nl' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lwa.amazon.co.uk' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes) 0169007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f129d0e410000040300473045022100f0599e571b36bdbce4ac8b89449ffebe3a18d71a04c74c58139212edbdda37cf0220174d43f5bb601096b88765c39b15fa69c44f7b78b962281ab7b12f8757434dd70076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f129d0e4500000403004730450221009fee600aff9f00e4304367b28373aa3bc7e096745033bcba1eea6630356b85e602206c1c15f427c82e8f67350bad880498269dacdf7fe0fcebd71ee3bffc6527d049007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f129d0e5c000004030048304602210093e5af2a37bcbee011fd11ed0610163311204dd81ec88be28819989ea9e2b0a5022100f0992fd602a97f1cc3b1e50303381e5b1f1deb6eb4a1c52e48a186d4d3275077 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 009754d00406d5fec4418e727fab3df0678e47d5aaf0d5a21c0835e3ec2078184514c03147d667fd261c11c0e528f89c289b59cf0b3b21a6625107603159d62ef78dd419a88e14e37a6d910587dc0396a0e15a67c3b189e1fd8a9746d2b9196495215eccd7f6707093c2f8c7ff12ff037d961c905f6bd617afb167f471e47584c612c5af7b03fae3a590c8d680a03cc4b8684b6ec008a9019a4525e21b627e8f94f2cc8909c3cfe3fa790b2e93928a24c6cc4ae6b04d6d5c13fd78fc801236d44a21841ea8e1e1c30cd6f02272cc2bb78cea579d49d8120e8be82d93226ffe51e644e2ced971285a7c14b77338d6eff8a0871d9eba0f66b99e0c7b06d65781522e