fedsso-rtx-ext.bankofamerica.com

- Bank of America Corporation -

Issued by Entrust Certification Authority - L1M

About this certificate

This digital certificate with serial number 38:64:8f:ea:a1:33:e1:f1:f4:e2:34:c5:fe:82:e9:a2 was issued on by Entrust, Inc..

With 29 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Bank of America Corporation

Company registration number: 2927442
Organization: Bank of America Corporation
State / Province: Illinois
Locality: Chicago
Country: US

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2014 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 38:64:8f:ea:a1:33:e1:f1:f4:e2:34:c5:fe:82:e9:a2
Serial Number (int): 74958916423661930965998460256588589474
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 95:48:4f:7f:12:68:98:e7:83:e0:5a:94:5e:54:f6:10:d7:fe:51:ea
AuthorityKeyId: c3:f7:d0:b5:2a:30:ad:af:0d:91:21:70:39:54:dd:bc:89:70:c7:3a

Fingerprint (sha1): 30:c3:c4:53:f1:34:2f:58:26:ed:9a:46:dd:d2:d6:1d:5d:fb:76:32
Fingerprint (sha256): 04:3f:6c:df:2c:2f:eb:06:23:7a:cd:a7:df:3c:fa:39:41:0c:02:89:ca:4d:c5:e2:df:c9:03:1f:d2:9a:cd:00

Issuing Certificate URL: http://aia.entrust.net/l1m-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1m.crl

Check the revocation status for certificate fedsso-rtx-ext.bankofamerica.com

29

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for fedsso-rtx-ext.bankofamerica.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

fedsso-rtx-ext.bankofamerica.com
fedsso.bankofamerica.com
sts-int-hk.asia.bankofamerica.com
fedsso-prd-wyn-ext.bankofamerica.com
fedsso-prd-rva-ext.bankofamerica.com
fedsso.ml.com
fedsso.baml.com
sts-int.bankofamerica.com
sts-int-wyn-vip.bankofamerica.com
sts-int-rve-vip.bankofamerica.com
sts-int-uk.emea.bankofamerica.com
fedsso-pf.bankofamerica.com
sts-int-hk0p.asia.bankofamerica.com
sts-int-hk5p.asia.bankofamerica.com
sts-int-cam.emea.bankofamerica.com
sts-int-rtx.bankofamerica.com
sts-int-rva.bankofamerica.com
sts-int-wgc.emea.bankofamerica.com
sts-int-sg0p.asia.bankofamerica.com
sts-int-sg0c.asia.bankofamerica.com
fedsso-rva-ext.bankofamerica.com
fedsso-cashpro.bankofamerica.com
sts-int-padc.bankofamerica.com
fedsso-pfp-cpo.bankofamerica.com
fedsso-pfp-cpo-rva-ext.bankofamerica.com
fedsso-pfp-cpo-rtx-ext.bankofamerica.com
sts-int-jpp.asia.bankofamerica.com
sts-int-jpc.asia.bankofamerica.com
fedsso-padc-ext.bankofamerica.com

Other certificates including the domain name bankofamerica.com

(limited to 100 certificates)
dcpr-apac.bankofamerica.com
b2bservice-dev4.ecnp.bankofamerica.com
elink-mbi-s.bankofamerica.com
atmhold-tt.bankofamerica.com
abwebpay-mbod.bankofamerica.com
webatm-test-dev1b-pipB.bankofamerica.com
webatm-test-cer1a-pipD.bankofamerica.com
fix-mtls-prod-out-ma-order.bankofamerica.com
CAPTIVESERVICE.BANKOFAMERICA.COM
mqt.qtjrchin.bankofamerica.com
secure.bankofamerica.com
travelcenter2.bankofamerica.com
69863-nonprod.bankofamerica.com
directsso.bankofamerica.com
gpx-discover-diners-pulse-lle-clientcert.ecnp.bankofamerica.com
testingNotifications-CertAdminPlzApprove.bankofamerica.com
origin-bac-assets-cert.ecnp.bankofamerica.com
sso-prd.bankofamerica.com
eib-vgs-sit1.bankofamerica.com
cpo-accelerate-websvcs-test2.bankofamerica.com
reporting-mymodelrisk.bankofamerica.com
usvarchvp2isa01.bankofamerica.com
ibsshopsafedev6.bankofamerica.com
rxserve-9H.bankofamerica.com
Standard_SSL_Digicert_CASpec.bankofamerica.com
globalcommissionpayments.bankofamerica.com
appb1.paymentsinvoicing.bankofamerica.com
secure-devps.ecnp.bankofamerica.com
mservice-qa5.ecnp.bankofamerica.com
mservice-qaps.ecnp.bankofamerica.com
bl-qip.emea.bankofamerica.com
cldirect.bankofamerica.com
fbrm-pssit.bankofamerica.com
sbbankers.ltngp2dev.bankofamerica.com
wmobile.bankofamerica.com
escrowonline-lt.bankofamerica.com
socialapp-pt1.ecnp.bankofamerica.com
MO8XCHRS002.bankofamerica.com
winsso-stg.sm.bankofamerica.com
oos0i.lbxatl.bankofamerica.com
CRDTCTR-70336-nCinoClientAuth-BFUAT.bankofamerica.com
outlookanywhere.bankofamerica.com
epass-uat.bankofamerica.com
eftx-pt1.ecnp.bankofamerica.com
NDM.9M33.bankofamerica.com
mqt.mub1chin.bankofamerica.com
ssologon-deveast.bankofamerica.com
finapp.allmyaccounts.test2.bankofamerica.com
boardvantage-uat.bankofamerica.com
portalb2b-rch.bankofamerica.com
ftp-vmsdf1.bankofamerica.com
uat-authorprimary-merch.bankofamerica.com
travelcenter.bankofamerica.com
cmbsi-uat1.bankofamerica.com
travelpaymentsystem.bankofamerica.com
winsso-prd.sm.bankofamerica.com
rvdealer-cit.bankofamerica.com
fbrm-sit1.bankofamerica.com
ftp-hbs.bankofamerica.com
safepass-cpo.bankofamerica.com
cictsc3a.9s.bankofamerica.com
secure-preview1.ecnp.bankofamerica.com
corp.bankofamerica.com
origin-bac-assets-dev.ecnp.bankofamerica.com
everest-qa.bankofamerica.com
racf-1R.bankofamerica.com
fbrm.bankofamerica.com
symphony-online-dr-vip.bankofamerica.com
rmbs.bankofamerica.com
WAS.prodeu01.bankofamerica.com
crm.fxqa.ml.com
corp.bankofamerica.com
ecsb.bankofamerica.com
elink-as2h8.bankofamerica.com
portal.bankofamerica.com
bofacapital-certs.bankofamerica.com
mqp.mqwxchin.bankofamerica.com
bofacapital-certs-pp.bankofamerica.com
viewinv-techtest.bankofamerica.com
cicpvx62.1s.bankofamerica.com
remotepc-us.bankofamerica.com
akamai-san10.exacttarget.com
tx8aiucm02403.bankofamerica.com
secure-review1.ecnp.bankofamerica.com
socialapp-devflex.ecnp.bankofamerica.com
mlqua400.bankofamerica.com
support-services.bankofamerica.com
ustxrdncu01aac0001.network.bankofamerica.com
soap-aci1.bankofamerica.com
mqp.qpc1chin.bankofamerica.com
ecds-uat.bankofamerica.com
mservice-dev2.ecnp.bankofamerica.com
ccpsbob.bankofamerica.com
cporms-test.bankofamerica.com
resfcmbs.bankofamerica.com
IMSPW3CA.1S.bankofamerica.com
globalroutingdirectory.bankofamerica.com
aeadmin.bankofamerica.com
fedsso.bankofamerica.com
rest-cert2.ecnp.bankofamerica.com

Certificate

The complete raw certificate details for fedsso-rtx-ext.bankofamerica.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIKzDCCCbSgAwIBAgIQOGSP6qEz4fH04jTF/oLpojANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDE0IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxTTAeFw0y
MzExMTQxNjA2MDVaFw0yNDEyMTQxNjA2MDRaMIHkMQswCQYDVQQGEwJVUzERMA8G
A1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xEzARBgsrBgEEAYI3PAIB
AxMCVVMxGTAXBgsrBgEEAYI3PAIBAhMIRGVsYXdhcmUxJDAiBgNVBAoTG0Jhbmsg
b2YgQW1lcmljYSBDb3Jwb3JhdGlvbjEdMBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6
YXRpb24xEDAOBgNVBAUTBzI5Mjc0NDIxKTAnBgNVBAMTIGZlZHNzby1ydHgtZXh0
LmJhbmtvZmFtZXJpY2EuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA42bDABR58O0JnIclerVe1zWVoO5SpgX80/acxsLaRtakdMZ6zvSY7A5zleUl
1cCFDDI+Va/sluVtBD6C0o8GtDWIqaWjv3xFMJ9rYnUvJPZg/yew6nI2QydI7T8e
ChMH/foG6hhwzmwL6nPEggHiUB3I8397RWsL2JZI7GnELrWORaAAF4GLekenuBBO
0H1tnp2z3s//aMbegX5leh7gbijScLnWGNSiHBATSaAhsAiQHXqyRt/2ZQxP8hEP
/gxOnzpnZSCPwHoeGGQSZh6uQRDuZ/L2QqpjEfaYvOrzq2Hm1+u2L3PQLGmRGK+C
HuQKTmk6qCJjWFKUf5Q4Ja2O8QIDAQABo4IGoDCCBpwwDAYDVR0TAQH/BAIwADAd
BgNVHQ4EFgQUlUhPfxJomOeD4FqUXlT2ENf+UeowHwYDVR0jBBgwFoAUw/fQtSow
ra8NkSFwOVTdvIlwxzowaAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdodHRw
Oi8vb2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDovL2FpYS5lbnRy
dXN0Lm5ldC9sMW0tY2hhaW4yNTYuY2VyMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6
Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxbS5jcmwwggPYBgNVHREEggPPMIIDy4Ig
ZmVkc3NvLXJ0eC1leHQuYmFua29mYW1lcmljYS5jb22CGGZlZHNzby5iYW5rb2Zh
bWVyaWNhLmNvbYIhc3RzLWludC1oay5hc2lhLmJhbmtvZmFtZXJpY2EuY29tgiRm
ZWRzc28tcHJkLXd5bi1leHQuYmFua29mYW1lcmljYS5jb22CJGZlZHNzby1wcmQt
cnZhLWV4dC5iYW5rb2ZhbWVyaWNhLmNvbYINZmVkc3NvLm1sLmNvbYIPZmVkc3Nv
LmJhbWwuY29tghlzdHMtaW50LmJhbmtvZmFtZXJpY2EuY29tgiFzdHMtaW50LXd5
bi12aXAuYmFua29mYW1lcmljYS5jb22CIXN0cy1pbnQtcnZlLXZpcC5iYW5rb2Zh
bWVyaWNhLmNvbYIhc3RzLWludC11ay5lbWVhLmJhbmtvZmFtZXJpY2EuY29tghtm
ZWRzc28tcGYuYmFua29mYW1lcmljYS5jb22CI3N0cy1pbnQtaGswcC5hc2lhLmJh
bmtvZmFtZXJpY2EuY29tgiNzdHMtaW50LWhrNXAuYXNpYS5iYW5rb2ZhbWVyaWNh
LmNvbYIic3RzLWludC1jYW0uZW1lYS5iYW5rb2ZhbWVyaWNhLmNvbYIdc3RzLWlu
dC1ydHguYmFua29mYW1lcmljYS5jb22CHXN0cy1pbnQtcnZhLmJhbmtvZmFtZXJp
Y2EuY29tgiJzdHMtaW50LXdnYy5lbWVhLmJhbmtvZmFtZXJpY2EuY29tgiNzdHMt
aW50LXNnMHAuYXNpYS5iYW5rb2ZhbWVyaWNhLmNvbYIjc3RzLWludC1zZzBjLmFz
aWEuYmFua29mYW1lcmljYS5jb22CIGZlZHNzby1ydmEtZXh0LmJhbmtvZmFtZXJp
Y2EuY29tgiBmZWRzc28tY2FzaHByby5iYW5rb2ZhbWVyaWNhLmNvbYIec3RzLWlu
dC1wYWRjLmJhbmtvZmFtZXJpY2EuY29tgiBmZWRzc28tcGZwLWNwby5iYW5rb2Zh
bWVyaWNhLmNvbYIoZmVkc3NvLXBmcC1jcG8tcnZhLWV4dC5iYW5rb2ZhbWVyaWNh
LmNvbYIoZmVkc3NvLXBmcC1jcG8tcnR4LWV4dC5iYW5rb2ZhbWVyaWNhLmNvbYIi
c3RzLWludC1qcHAuYXNpYS5iYW5rb2ZhbWVyaWNhLmNvbYIic3RzLWludC1qcGMu
YXNpYS5iYW5rb2ZhbWVyaWNhLmNvbYIhZmVkc3NvLXBhZGMtZXh0LmJhbmtvZmFt
ZXJpY2EuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwIAYDVR0gBBkwFzAHBgVngQwBATAMBgpghkgBhvpsCgECMIIBfgYK
KwYBBAHWeQIEAgSCAW4EggFqAWgAdwA/F0tP1yJHWJQdZRyEvg0S7ZA3fx+FauvB
vyiF7PhkbgAAAYvOlS9ZAAAEAwBIMEYCIQDG2SmGVsqwqGCMVeVgm35YIsrKQxEq
qDjA1QeF5YsPrQIhALV2ONwoxVPfhtJmZ+1rXE1qZ4hBeyC8UIx2dEQyZymcAHUA
7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLzpUvxgAABAMARjBE
AiAMPsrlEIPULqbRPazfiAtzBvp1iuAbmTH7w6OXE/BUAwIgM+DwkJRheL3KH+ZJ
7BXn9VbYFLm/F+2XbkHSNz8hMHQAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZ
u7+rOdiEcwAAAYvOlTClAAAEAwBHMEUCIQD4/KV7s9/F8LVX7JOuP5m4CmRlgfZU
/IjzWxoPaMaNEQIgG+iQCNZ1oUKDUyikWY/6vVYreZQNWePirVZ1iWJn0Q8wDQYJ
KoZIhvcNAQELBQADggEBAJIwV7Wh9BDQbfx58pM1X95c7DSQSCbVFbxxHrY9tkDT
6/AMSZosDetDqn+YvW2KekjDSW8Kcxdfq6FRZUGHovnUFJKg9l7KcAXivwQwY1qn
/43u61wdIOhnfuL7Z364PsnuN0ZIv2mMYGL/D+T+uqVKtazFD5itoFZ/pRqCA8Bn
mF8mFcbJFneYu6YhjBYiRWFUBDM7bnbk5ciK/mAgpWFgi8CLHz93AIIcMv0QMPs4
E844QEScgFO2vEUPba55wzd5Ce1wlCKPYWsUfb5l1E3ybmUls6bMBM6SbupC7YNW
fF7o/t9+qMkxOlk13exbC2gtLxTNi6K9FsNtvM6ZBUM=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42bDABR58O0JnIclerVe
1zWVoO5SpgX80/acxsLaRtakdMZ6zvSY7A5zleUl1cCFDDI+Va/sluVtBD6C0o8G
tDWIqaWjv3xFMJ9rYnUvJPZg/yew6nI2QydI7T8eChMH/foG6hhwzmwL6nPEggHi
UB3I8397RWsL2JZI7GnELrWORaAAF4GLekenuBBO0H1tnp2z3s//aMbegX5leh7g
bijScLnWGNSiHBATSaAhsAiQHXqyRt/2ZQxP8hEP/gxOnzpnZSCPwHoeGGQSZh6u
QRDuZ/L2QqpjEfaYvOrzq2Hm1+u2L3PQLGmRGK+CHuQKTmk6qCJjWFKUf5Q4Ja2O
8QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 74958916423661930965998460256588589474
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2014 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1M'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-14 16:06:05 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-12-14 16:06:04 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Illinois'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Chicago'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.3 (jurisdictionOfIncorporationC)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.311.60.2.1.2 (jurisdictionOfIncorporationSP)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Delaware'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Bank of America Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.15 (businessCategory)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Private Organization'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.5 (serialNumber)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '2927442'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'fedsso-rtx-ext.bankofamerica.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28706768920047146090928973422297103903259785840260746582915909506117538967909137424286973733780987571443914191563347812547380597953151146354448381573673488035465923763213297448770935679762201345397317477672151493267572874389603908030515810476612332722719266555306433096913480916975391220795716280595355450738335211567611444781464212999827850007335053069893313281768817427370568271028482266807489011186168436351976976373446997055504259945819732389520933325935102412114118735287330456852262025291385736352480169251010949397155560076452924549090127790789990742491826332375443879640109093759588989154654947977317403430641
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							95484f7f126898e783e05a945e54f610d7fe51ea
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c3f7d0b52a30adaf0d9121703954ddbc8970c73a
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1m-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1m.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (975 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-rtx-ext.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-hk.asia.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-prd-wyn-ext.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-prd-rva-ext.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso.ml.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso.baml.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-wyn-vip.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-rve-vip.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-uk.emea.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-pf.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-hk0p.asia.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-hk5p.asia.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-cam.emea.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-rtx.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-rva.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-wgc.emea.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-sg0p.asia.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-sg0c.asia.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-rva-ext.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-cashpro.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-padc.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-pfp-cpo.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-pfp-cpo-rva-ext.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-pfp-cpo-rtx-ext.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-jpp.asia.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sts-int-jpc.asia.bankofamerica.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fedsso-padc-ext.bankofamerica.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.1
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114028.10.1.2 (Entrust EV policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680077003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bce952f590000040300483046022100c6d9298656cab0a8608c55e5609b7e5822caca43112aa838c0d50785e58b0fad022100b57638dc28c553df86d26667ed6b5c4d6a6788417b20bc508c7674443267299c007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bce952fc6000004030046304402200c3ecae51083d42ea6d13dacdf880b7306fa758ae01b9931fbc3a39713f05403022033e0f090946178bdca1fe649ec15e7f556d814b9bf17ed976e41d2373f21307400760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018bce9530a50000040300473045022100f8fca57bb3dfc5f0b557ec93ae3f99b80a646581f654fc88f35b1a0f68c68d1102201be89008d675a142835328a4598ffabd562b79940d59e3e2ad5675896267d10f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00923057b5a1f410d06dfc79f293355fde5cec34904826d515bc711eb63db640d3ebf00c499a2c0deb43aa7f98bd6d8a7a48c3496f0a73175faba151654187a2f9d41492a0f65eca7005e2bf0430635aa7ff8deeeb5c1d20e8677ee2fb677eb83ec9ee374648bf698c6062ff0fe4febaa54ab5acc50f98ada0567fa51a8203c067985f2615c6c9167798bba6218c162245615404333b6e76e4e5c88afe6020a561608bc08b1f3f7700821c32fd1030fb3813ce3840449c8053b6bc450f6dae79c3377909ed7094228f616b147dbe65d44df26e6525b3a6cc04ce926eea42ed83567c5ee8fedf7ea8c9313a5935ddec5b0b682d2f14cd8ba2bd16c36dbcce990543