stage.aa.com

- American Airlines Inc. -

Issued by GeoTrust RSA CA 2018

About this certificate

This digital certificate with serial number 06:56:ab:21:40:ea:36:29:05:ea:af:c4:35:81:17:93 was issued on by DigiCert Inc.

With 68 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

American Airlines Inc.

Organization: American Airlines Inc.
Organization unit: Customer Technology
State / Province: Texas
Locality: Fort Worth
Country: US

DigiCert Inc

Organization: DigiCert Inc
Organization unit: www.digicert.com
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 06:56:ab:21:40:ea:36:29:05:ea:af:c4:35:81:17:93
Serial Number (int): 8425376431205262854730936593101690771
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: db:6e:aa:a0:66:91:9a:61:14:de:ac:e2:07:76:81:c3:67:6e:c4:b3
AuthorityKeyId: 90:58:ff:b0:9c:75:a8:51:54:77:b1:ed:f2:a3:43:16:38:9e:6c:c5

Fingerprint (sha1): 42:79:b5:29:8a:23:e3:79:58:44:a9:a9:a7:03:51:e1:e0:9b:79:2d
Fingerprint (sha256): 03:2c:39:e7:73:8a:c6:f6:c0:e9:1b:f8:86:2c:77:df:db:26:1d:7a:29:e5:cf:c2:02:70:41:3f:0e:74:58:57

Issuing Certificate URL: http://cacerts.geotrust.com/GeoTrustRSACA2018.crt

Revocation information

OCSP Server: http://status.geotrust.com
CRL Distribution Point: http://cdp.geotrust.com/GeoTrustRSACA2018.crl

Check the revocation status for certificate stage.aa.com

68

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for stage.aa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

stage.aa.com
rlplus-test-pdc.qcorpaa.aa.com
privacyportal-test.aa.com
qasilo4.aa.com
tts-stg.aa.com
cdn.qa9.flyaa.aa.com
qasilo15.aa.com
qasilo7.aa.com
qasilo14.aa.com
qasilo10.aa.com
qasilo13.aa.com
stage.aavacations.com
qasilo12-4.flyaa.aa.com
qasilo12-6.flyaa.aa.com
qasilo17.aa.com
cdn.qa1.flyaa.aa.com
cdn.qa2.flyaa.aa.com
iqa.aa.com
cdn.qa5.flyaa.aa.com
privacyportal-stage.aa.com
qasilo12-5.flyaa.aa.com
privacyportaldpo-test.aa.com
cdn.qa4.flyaa.aa.com
kiosk-qa.aa.com
qasilo18.aa.com
wallet.stage.cne.aa.com
cdn.qa12.flyaa.aa.com
rlplus-test.qcorpaa.aa.com
qasilo8.aa.com
cdn.qa6.flyaa.aa.com
cdn.qa10.flyaa.aa.com
qasilo6.aa.com
qasilo12.aa.com
privacyportaldpo-stage.aa.com
stg.aacargo.com
cdn.qaiq1.flyaa.aa.com
mbp.stage.aa.com
kiosk-stage.aa.com
rlplus-test-cdc.qcorpaa.aa.com
premium.stage.americanairlines.com
premium.stage.aa.com
iqa2.aa.com
aasaleslink.stage.aa.com
drss-iqsilo19-sjc.aa.com
qasilo16.aa.com
mbp.qa.aa.com
qasilo12-1.flyaa.aa.com
cdn.iqa1.flyaa.aa.com
qasilo9.aa.com
qasilo3.aa.com
cdn.iqa2.flyaa.aa.com
qasilo12-3.flyaa.aa.com
cdn.qaiq2.flyaa.aa.com
qasilo12-7.flyaa.aa.com
cdn.qa3.flyaa.aa.com
nsms.cne.stage.aa.com
qasilo19.aa.com
cdn.qa7.flyaa.aa.com
ssc.stage.aa.com
cdn.qa8.flyaa.aa.com
cdn.qa11.flyaa.aa.com
analytics.pdc.aa.com
seatselect.stage.aa.com
stageuseaamiles.aavacations.com
qasilo11.aa.com
nsms.cne.qa.aa.com
qasilo5.aa.com
qasilo12-2.flyaa.aa.com

Other certificates including the domain name aa.com

(limited to 100 certificates)
psastage.aa.com
bc-stage.aa.com
boss-cdc.stage.aa.com
dtr.phx.aa.com
fos.aa.com
custhubmdm-grp1.tul.aa.com
mdmds.test.aa.com
aspectwfm.cdc.aa.com
nrsqa.test.qcorpaa.aa.com
mfa.aa.com
admin.aa.com
aemes.envoy.aa.com
loyaltypartnercitibenefit.stage.aa.com
pilotpbs-sb.aa.com
pilot-tts.aa.com
techopsk2.uat.corpaa.aa.com
smetrics.aa.com
americanwaymagazine.com
stage.aa.com
cass.qcorpaa.aa.com
apps.usairways.com
wb.etm.aa.com
yada-beta.stage.aa.com
fb-pdc.aa.com
mclastage.aa.com
cka.aa.com
*.apps.cpepaas.aa.com
owrcm.aa.com
airportal-pdc.aa.com
handpunch.aa.com
fapbsbvr-ws.aa.com
get.azpw.aa.com
itas.aa.com
admin.awarenessnetworks.com
tmscsurvey-test.aa.com
aacloud.qa.esoa.qcorpaa.aa.com
aaapac-expcluster-e01-hon1.aa.com
cass-stage.aa.com
checkfree-stage.aa.com
americaneagle.aa.com
spe-nonprod.aa.com
bw-a.pdc.aa.com
racf.stage.aa.com
lmo.me.aa.com
ifs.aa.com
salt-np.aa.com
scdfwappp1000001.corpaa.aa.com
aacs.stage.esoa.aa.com
pssi.stage.esoa.aa.com
aapilots.com
qa-cdn.flyaa.aa.com
aana-expcluster-e01-bv1.aa.com
cbjocaz.aa.com
newemployeetravel.test.aa.com
diversions-stg.lka.aa.com
res-keystar.stage.aa.com
aasales.dev.esoa.qcorpaa.aa.com
ssofedpdc.aa.com
aepp.jetnet.aa.com
airport360.aa.com
esdfwovp0000001.DFWD1.aa.com
app.aa.com
wb.etm.aa.com
smlogin.qtcorpaa.aa.com
eworkforce.aa.com
Aircraft-cdc.mx.techops.aa.com
uagzeusn.aa.com
premium.stage.aa.com
mercury-cert.aa.com
yada-beta.stage.aa.com
etqstage.aa.com
webref.stage.aa.com
ox-d.aa.com
isolve.aa.com
ltuappp04.corpaa.aa.com
www.aa.com
yada.aa.com
crewwatch-stg.ido.horizon.cherokee.aa.com
mopsmanager.qcorpaa.aa.com
concourse.ci.qcorpaa.aa.com
hub.aa.com
psa.qcorpaa.aa.com
sharedcontent1-stg.aa.com
rovrplus-gateway-east.aa.com
bc.aa.com
faroms-trng.aa.com
soa.apim.dev.sales.aa.com
sharedcontent1-stg-mg-cdc.aa.com
yada-beta.stage.aa.com
handpunch.aa.com
manuals-stage.aa.com
portal45.stage.jetnet.aa.com
*.apps.cpepaas.aa.com
ssc.stagereg.aa.com
fsa.aa.com
npportal-tmp.aa.com
americanwaymagazine.com
security.aa.com
atd.jetnet.aa.com
*.sr.prd.pdc.aa.com

Certificate

The complete raw certificate details for stage.aa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIK1zCCCb+gAwIBAgIQBlarIUDqNikF6q/ENYEXkzANBgkqhkiG9w0BAQsFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMR0wGwYDVQQDExRHZW9UcnVzdCBSU0EgQ0EgMjAxODAe
Fw0xODAzMDcwMDAwMDBaFw0xOTAxMTIxMjAwMDBaMIGIMQswCQYDVQQGEwJVUzEO
MAwGA1UECBMFVGV4YXMxEzARBgNVBAcTCkZvcnQgV29ydGgxHzAdBgNVBAoTFkFt
ZXJpY2FuIEFpcmxpbmVzIEluYy4xHDAaBgNVBAsTE0N1c3RvbWVyIFRlY2hub2xv
Z3kxFTATBgNVBAMTDHN0YWdlLmFhLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANLvzVCiwUXDBdNyiGjGHmIhkO8l88KnUNGyQBQ1hgauds4ZnQA8
5zoGHIA/1EUQI/QbY7f+AsEIjJkI825i/o8s1DDs+M89etsdRZC73C6HAb05gnnl
m5JgwFh6DN7Z+7SuQNLeXOOKmv2u2k/QwlUAq/AcsOxgFE0QtfkjYRDYyzV3vu3F
R3eY/qhEqw/ukG/CAB0CQk+njTAFb1tVGTrwYxTUlioCF2orvOSRv8+5rHKEb4Sj
rndw4tMbduF7pCQp19zx3kzJwOwi7ViJ1koNvGADo6AUCl5yTDtsx8RzmTEunUtT
c9aHrwj50nYmq2Rg1HlGhtzFIuo52we4ryUCAwEAAaOCB2QwggdgMB8GA1UdIwQY
MBaAFJBY/7CcdahRVHex7fKjQxY4nmzFMB0GA1UdDgQWBBTbbqqgZpGaYRTerOIH
doHDZ27EszCCBcgGA1UdEQSCBb8wggW7ggxzdGFnZS5hYS5jb22CHnJscGx1cy10
ZXN0LXBkYy5xY29ycGFhLmFhLmNvbYIZcHJpdmFjeXBvcnRhbC10ZXN0LmFhLmNv
bYIOcWFzaWxvNC5hYS5jb22CDnR0cy1zdGcuYWEuY29tghRjZG4ucWE5LmZseWFh
LmFhLmNvbYIPcWFzaWxvMTUuYWEuY29tgg5xYXNpbG83LmFhLmNvbYIPcWFzaWxv
MTQuYWEuY29tgg9xYXNpbG8xMC5hYS5jb22CD3Fhc2lsbzEzLmFhLmNvbYIVc3Rh
Z2UuYWF2YWNhdGlvbnMuY29tghdxYXNpbG8xMi00LmZseWFhLmFhLmNvbYIXcWFz
aWxvMTItNi5mbHlhYS5hYS5jb22CD3Fhc2lsbzE3LmFhLmNvbYIUY2RuLnFhMS5m
bHlhYS5hYS5jb22CFGNkbi5xYTIuZmx5YWEuYWEuY29tggppcWEuYWEuY29tghRj
ZG4ucWE1LmZseWFhLmFhLmNvbYIacHJpdmFjeXBvcnRhbC1zdGFnZS5hYS5jb22C
F3Fhc2lsbzEyLTUuZmx5YWEuYWEuY29tghxwcml2YWN5cG9ydGFsZHBvLXRlc3Qu
YWEuY29tghRjZG4ucWE0LmZseWFhLmFhLmNvbYIPa2lvc2stcWEuYWEuY29tgg9x
YXNpbG8xOC5hYS5jb22CF3dhbGxldC5zdGFnZS5jbmUuYWEuY29tghVjZG4ucWEx
Mi5mbHlhYS5hYS5jb22CGnJscGx1cy10ZXN0LnFjb3JwYWEuYWEuY29tgg5xYXNp
bG84LmFhLmNvbYIUY2RuLnFhNi5mbHlhYS5hYS5jb22CFWNkbi5xYTEwLmZseWFh
LmFhLmNvbYIOcWFzaWxvNi5hYS5jb22CD3Fhc2lsbzEyLmFhLmNvbYIdcHJpdmFj
eXBvcnRhbGRwby1zdGFnZS5hYS5jb22CD3N0Zy5hYWNhcmdvLmNvbYIWY2RuLnFh
aXExLmZseWFhLmFhLmNvbYIQbWJwLnN0YWdlLmFhLmNvbYISa2lvc2stc3RhZ2Uu
YWEuY29tgh5ybHBsdXMtdGVzdC1jZGMucWNvcnBhYS5hYS5jb22CInByZW1pdW0u
c3RhZ2UuYW1lcmljYW5haXJsaW5lcy5jb22CFHByZW1pdW0uc3RhZ2UuYWEuY29t
ggtpcWEyLmFhLmNvbYIYYWFzYWxlc2xpbmsuc3RhZ2UuYWEuY29tghhkcnNzLWlx
c2lsbzE5LXNqYy5hYS5jb22CD3Fhc2lsbzE2LmFhLmNvbYINbWJwLnFhLmFhLmNv
bYIXcWFzaWxvMTItMS5mbHlhYS5hYS5jb22CFWNkbi5pcWExLmZseWFhLmFhLmNv
bYIOcWFzaWxvOS5hYS5jb22CDnFhc2lsbzMuYWEuY29tghVjZG4uaXFhMi5mbHlh
YS5hYS5jb22CF3Fhc2lsbzEyLTMuZmx5YWEuYWEuY29tghZjZG4ucWFpcTIuZmx5
YWEuYWEuY29tghdxYXNpbG8xMi03LmZseWFhLmFhLmNvbYIUY2RuLnFhMy5mbHlh
YS5hYS5jb22CFW5zbXMuY25lLnN0YWdlLmFhLmNvbYIPcWFzaWxvMTkuYWEuY29t
ghRjZG4ucWE3LmZseWFhLmFhLmNvbYIQc3NjLnN0YWdlLmFhLmNvbYIUY2RuLnFh
OC5mbHlhYS5hYS5jb22CFWNkbi5xYTExLmZseWFhLmFhLmNvbYIUYW5hbHl0aWNz
LnBkYy5hYS5jb22CF3NlYXRzZWxlY3Quc3RhZ2UuYWEuY29tgh9zdGFnZXVzZWFh
bWlsZXMuYWF2YWNhdGlvbnMuY29tgg9xYXNpbG8xMS5hYS5jb22CEm5zbXMuY25l
LnFhLmFhLmNvbYIOcWFzaWxvNS5hYS5jb22CF3Fhc2lsbzEyLTIuZmx5YWEuYWEu
Y29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NkcC5nZW90cnVzdC5jb20vR2Vv
VHJ1c3RSU0FDQTIwMTguY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYI
KwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIC
MHUGCCsGAQUFBwEBBGkwZzAmBggrBgEFBQcwAYYaaHR0cDovL3N0YXR1cy5nZW90
cnVzdC5jb20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNlcnRzLmdlb3RydXN0LmNv
bS9HZW9UcnVzdFJTQUNBMjAxOC5jcnQwCQYDVR0TBAIwADATBgorBgEEAdZ5AgQD
AQH/BAIFADANBgkqhkiG9w0BAQsFAAOCAQEApsysi9zLVbST93H6DEnlQDjw14Fi
zJantyL0v+iWsaKZNx3GEO6h3ydfi3ffDtvcc56EDqdqxKFolnKc0qgbrBHsP285
lDB5QazxePb5lBenq9wMr/RqHbZCUvnSarB419KrKds6crXPO4PTXnRlHj9xAx1d
O9ydcsbqHPvtFqG07qqrJNXp1PK1H72OgNr0x+uCG5/4Gg66yWThwEji6teDFQg7
gz/vkofylqyvKN2o4VD4rbqM0WQibRc4SgDnp71CvcARaVMIvGKE3eXlLhL6EBS3
z+oMYDMX698R5NHjZ2bYzwP4eurdN8zuYwZlNf+IPLgnU13aiqqc65S6hQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0u/NUKLBRcMF03KIaMYe
YiGQ7yXzwqdQ0bJAFDWGBq52zhmdADznOgYcgD/URRAj9Btjt/4CwQiMmQjzbmL+
jyzUMOz4zz162x1FkLvcLocBvTmCeeWbkmDAWHoM3tn7tK5A0t5c44qa/a7aT9DC
VQCr8Byw7GAUTRC1+SNhENjLNXe+7cVHd5j+qESrD+6Qb8IAHQJCT6eNMAVvW1UZ
OvBjFNSWKgIXaiu85JG/z7mscoRvhKOud3Di0xt24XukJCnX3PHeTMnA7CLtWInW
Sg28YAOjoBQKXnJMO2zHxHOZMS6dS1Nz1oevCPnSdiarZGDUeUaG3MUi6jnbB7iv
JQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 8425376431205262854730936593101690771
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.digicert.com'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GeoTrust RSA CA 2018'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-03-07 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-01-12 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Texas'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Fort Worth'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'American Airlines Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Customer Technology'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'stage.aa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26628294822085833111553307090141986255334255427498701922678744093675133054268655181588099421078914265552156785474005242943817087211000426624073848777606924489123935820047999292954952250280294664572989985581191980204795215314670515880219035985838158763818939375961851573296720245789117384523770248144748023856550816604173044957785043296502050968459383449303330359401552380964042784234248402902896533137155570077110514731834111504004821811501860975188843415318237035359143238633592434961486740232056470544244510128637937387781377305891906931992414075699328400738892553390979808881193538523641931224871753148575260389157
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 9058ffb09c75a8515477b1edf2a34316389e6cc5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							db6eaaa066919a6114deace2077681c3676ec4b3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1471 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rlplus-test-pdc.qcorpaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privacyportal-test.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo4.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tts-stg.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa9.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo15.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo7.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo14.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo10.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo13.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.aavacations.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo12-4.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo12-6.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo17.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa1.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa2.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iqa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa5.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privacyportal-stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo12-5.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privacyportaldpo-test.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa4.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kiosk-qa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo18.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wallet.stage.cne.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa12.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rlplus-test.qcorpaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo8.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa6.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa10.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo6.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo12.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'privacyportaldpo-stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.aacargo.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qaiq1.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mbp.stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kiosk-stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rlplus-test-cdc.qcorpaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'premium.stage.americanairlines.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'premium.stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'iqa2.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aasaleslink.stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'drss-iqsilo19-sjc.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo16.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mbp.qa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo12-1.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.iqa1.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo9.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo3.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.iqa2.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo12-3.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qaiq2.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo12-7.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa3.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nsms.cne.stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo19.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa7.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ssc.stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa8.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdn.qa11.flyaa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'analytics.pdc.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'seatselect.stage.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stageuseaamiles.aavacations.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo11.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'nsms.cne.qa.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo5.aa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qasilo12-2.flyaa.aa.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cdp.geotrust.com/GeoTrustRSACA2018.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://status.geotrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.geotrust.com/GeoTrustRSACA2018.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00a6ccac8bdccb55b493f771fa0c49e54038f0d78162cc96a7b722f4bfe896b1a299371dc610eea1df275f8b77df0edbdc739e840ea76ac4a16896729cd2a81bac11ec3f6f3994307941acf178f6f99417a7abdc0caff46a1db64252f9d26ab078d7d2ab29db3a72b5cf3b83d35e74651e3f71031d5d3bdc9d72c6ea1cfbed16a1b4eeaaab24d5e9d4f2b51fbd8e80daf4c7eb821b9ff81a0ebac964e1c048e2ead78315083b833fef9287f296acaf28dda8e150f8adba8cd164226d17384a00e7a7bd42bdc011695308bc6284dde5e52e12fa1014b7cfea0c603317ebdf11e4d1e36766d8cf03f87aeadd37ccee63066535ff883cb827535dda8aaa9ceb94ba85