equity-appapi.highbond.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 05:11:4d:ab:5e:9b:4f:79:cc:6e:7f:f4:df:47:27:c6 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=equity-appapi.highbond.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 05:11:4d:ab:5e:9b:4f:79:cc:6e:7f:f4:df:47:27:c6Serial Number (int): 6735984348354292291014161897269700550
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 09:56:50:b8:f8:13:72:0a:e5:c9:42:37:86:b1:e4:07:2a:31:6c:fd
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): 59:94:ab:b0:ef:47:3a:21:b5:47:55:ab:68:85:36:df:d0:ae:c9:7e
Fingerprint (sha256): 06:ff:e4:f2:49:5e:ff:ea:e1:ad:66:58:d0:81:4f:4e:6d:6a:8f:d1:9a:92:b1:b6:8f:0d:6d:e6:81:b7:cd:29
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate equity-appapi.highbond.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for equity-appapi.highbond.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
equity-appapi.highbond.com
*.equity-appapi.highbond.com
*.equity-appapi.highbond.com
Other certificates including the domain name highbond.com
(limited to 100 certificates)
*.projects.highbond.com
api-status.360cities.net
api-status.360cities.net
andrei.sterda.com
*.extractor-sa.highbond.com
highbond-combined-eu.aclgrc.com
captable.highbond.com
api-status.360cities.net
api-status.360cities.net
*.hub-ap.highbond.com
*.asset-types-api-sa.highbond.com
contributor.be-importhub-eu.highbond.com
*.hub-ap.highbond.com
highbond-combined-au.aclgrc.com
boardeffect.highbond.com
*.hub-eu.highbond.com
risks-assets-api-jp.highbond.com
equity-appapi.highbond.com
*.web-components-af.highbond.com
api-status.360cities.net
be-manage-eu.highbond.com
sdk-toolkits-api-eu.highbond.com
au.be-wopi.highbond.com
*.hub-ca.highbond.com
gallery.highbond.com
sdk-toolkits-api-au.highbond.com
highbond-combined.aclgrc.com
api-status.360cities.net
andrei.sterda.com
api-status.360cities.net
andrei.sterda.com
*.projects-au.highbond.com
api-status.360cities.net
*.roles-configuration.highbond.com
andrei.sterda.com
api-status.360cities.net
notifications-email-api-us.highbond.com
*.static.highbond.com
eu.be-wopi.highbond.com
*.bulkimportercdk1.highbond.com
downloads.highbond.com
*.highbond.com
*.cdkbulkimporter-eu.highbond.com
equity-gateway.highbond.com
notifications-email-api-ca.highbond.com
*.results.highbond.com
audit-eu-api.highbond.com
importer-cdkgateway-eu.highbond.com
*.risks.highbond.com
*.highbond.com
*.hub-af.highbond.com
andrei.sterda.com
api-status.360cities.net
andrei.sterda.com
*.highbond.com
highbond-combined-eu.aclgrc.com
api-status.360cities.net
*.results-ca.highbond.com
*.cdkbulkimporter.highbond.com
api-status.360cities.net
*.email-configuration-sa.highbond.com
api-status.360cities.net
highbond-combined-eu.aclgrc.com
api-status.360cities.net
*.cdkbulkimporter-af.highbond.com
*.highbond.com
be-manage.highbond.com
equity-portal.highbond.com
api-status.360cities.net
*.web-components.highbond.com
*.robots-ap.highbond.com
api-status.360cities.net
*.hub-au.highbond.com
compliance-library-api-af.highbond.com
*.asset-inventory-af.highbond.com
importer-cdkgateway-au.highbond.com
gallery.highbond.com
integration-service-api-au.highbond.com
api.dmi.highbond.com
api-status.360cities.net
highbond-combined-eu.aclgrc.com
andrei.sterda.com
highbond-combined-au.aclgrc.com
api-status.360cities.net
highbond-combined-au.aclgrc.com
assessments-jp.highbond.com
*.highbond.com
equity-gateway.highbond.com
*.cdkbulkimporter-sa.highbond.com
audit-af-api.highbond.com
highbond-combined.aclgrc.com
*.cdkbulkimporter.highbond.com
api-status.360cities.net
andrei.sterda.com
be-manage-ca.highbond.com
highbond-combined.aclgrc.com
andrei.sterda.com
*.projects-ap.highbond.com
gallery.highbond.com
andrei.sterda.com
api-status.360cities.net
api-status.360cities.net
andrei.sterda.com
*.extractor-sa.highbond.com
highbond-combined-eu.aclgrc.com
captable.highbond.com
api-status.360cities.net
api-status.360cities.net
*.hub-ap.highbond.com
*.asset-types-api-sa.highbond.com
contributor.be-importhub-eu.highbond.com
*.hub-ap.highbond.com
highbond-combined-au.aclgrc.com
boardeffect.highbond.com
*.hub-eu.highbond.com
risks-assets-api-jp.highbond.com
equity-appapi.highbond.com
*.web-components-af.highbond.com
api-status.360cities.net
be-manage-eu.highbond.com
sdk-toolkits-api-eu.highbond.com
au.be-wopi.highbond.com
*.hub-ca.highbond.com
gallery.highbond.com
sdk-toolkits-api-au.highbond.com
highbond-combined.aclgrc.com
api-status.360cities.net
andrei.sterda.com
api-status.360cities.net
andrei.sterda.com
*.projects-au.highbond.com
api-status.360cities.net
*.roles-configuration.highbond.com
andrei.sterda.com
api-status.360cities.net
notifications-email-api-us.highbond.com
*.static.highbond.com
eu.be-wopi.highbond.com
*.bulkimportercdk1.highbond.com
downloads.highbond.com
*.highbond.com
*.cdkbulkimporter-eu.highbond.com
equity-gateway.highbond.com
notifications-email-api-ca.highbond.com
*.results.highbond.com
audit-eu-api.highbond.com
importer-cdkgateway-eu.highbond.com
*.risks.highbond.com
*.highbond.com
*.hub-af.highbond.com
andrei.sterda.com
api-status.360cities.net
andrei.sterda.com
*.highbond.com
highbond-combined-eu.aclgrc.com
api-status.360cities.net
*.results-ca.highbond.com
*.cdkbulkimporter.highbond.com
api-status.360cities.net
*.email-configuration-sa.highbond.com
api-status.360cities.net
highbond-combined-eu.aclgrc.com
api-status.360cities.net
*.cdkbulkimporter-af.highbond.com
*.highbond.com
be-manage.highbond.com
equity-portal.highbond.com
api-status.360cities.net
*.web-components.highbond.com
*.robots-ap.highbond.com
api-status.360cities.net
*.hub-au.highbond.com
compliance-library-api-af.highbond.com
*.asset-inventory-af.highbond.com
importer-cdkgateway-au.highbond.com
gallery.highbond.com
integration-service-api-au.highbond.com
api.dmi.highbond.com
api-status.360cities.net
highbond-combined-eu.aclgrc.com
andrei.sterda.com
highbond-combined-au.aclgrc.com
api-status.360cities.net
highbond-combined-au.aclgrc.com
assessments-jp.highbond.com
*.highbond.com
equity-gateway.highbond.com
*.cdkbulkimporter-sa.highbond.com
audit-af-api.highbond.com
highbond-combined.aclgrc.com
*.cdkbulkimporter.highbond.com
api-status.360cities.net
andrei.sterda.com
be-manage-ca.highbond.com
highbond-combined.aclgrc.com
andrei.sterda.com
*.projects-ap.highbond.com
gallery.highbond.com
andrei.sterda.com
Certificate
The complete raw certificate details for equity-appapi.highbond.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEkTCCA3mgAwIBAgIQBRFNq16bT3nMbn/030cnxjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTIxMjAwMDAwMFoXDTI1MDEwOTIzNTk1OVowJTEj MCEGA1UEAxMaZXF1aXR5LWFwcGFwaS5oaWdoYm9uZC5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDZ2mnRDafZk6h/mT81kC1YxPXQlWKgaPpWAx8/ wHk3YNfRMOkqI1qTKOPQZj7lEmbpClWhHOY7nEQ8kWUcirtMmJHlJkbcWDYJUmlt t9NoPxjYuW57knSb5IedepA2vxkg4pzZSZRB1jzNjJxUHM6lXM83e+Xh1JWWh6Zf 9M1qyq8L5tnH/ClOQ5isN1yoRGN6uJgGMUaNmRcHP8lFktmLxgqpuReKwND58A0A lqNa5TfhmxyYL+T6RcUEGhFGxpdidF923ALAqBtqGsNaDJKbUe97hQdJS4J1t4Wh rorQTHf6rdP0ujmF1GT0+gAJGm/F0YOZiTN6dUOemAI2j2LzAgMBAAGjggGkMIIB oDAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUCVZQ uPgTcgrlyUI3hrHkByoxbP0wQwYDVR0RBDwwOoIaZXF1aXR5LWFwcGFwaS5oaWdo Ym9uZC5jb22CHCouZXF1aXR5LWFwcGFwaS5oaWdoYm9uZC5jb20wEwYDVR0gBAww CjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB BggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFt YXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUF BzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUH MAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAM BgNVHRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUA A4IBAQBeINIxmIu2wuc9yv5LWr16jDAqyo7nmxLJVK0EvpzTNiFqlBVxRb6olux4 grsglCZR75rtBOOszj62AbrdEgc8+PiRnXXppSZEVzGlyWYTQJjRhbOGH4FMwYEl XhnBsBXnDL1AtmuE1lMDd14rzg8QCwHWvJg9/O+gDkqpAKBa8lSonBMNqnOJnQsm sN3cVR98XCv4NbSwi2cf6/ugN1Tnjyla9an0OSjB6BVwb0Ca1gXXLiKMea7yMdes B1iuw9uFrPU0XKt8L2pqZJ0TbEaXPNgcyjJ+GlyxWXG3gClkb9VbAdGGsS5HzB4T rgIK+pvkFQJsALCLwINJnZtGIlWR -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dpp0Q2n2ZOof5k/NZAt WMT10JVioGj6VgMfP8B5N2DX0TDpKiNakyjj0GY+5RJm6QpVoRzmO5xEPJFlHIq7 TJiR5SZG3Fg2CVJpbbfTaD8Y2Llue5J0m+SHnXqQNr8ZIOKc2UmUQdY8zYycVBzO pVzPN3vl4dSVloemX/TNasqvC+bZx/wpTkOYrDdcqERjeriYBjFGjZkXBz/JRZLZ i8YKqbkXisDQ+fANAJajWuU34ZscmC/k+kXFBBoRRsaXYnRfdtwCwKgbahrDWgyS m1Hve4UHSUuCdbeFoa6K0Ex3+q3T9Lo5hdRk9PoACRpvxdGDmYkzenVDnpgCNo9i 8wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 6735984348354292291014161897269700550 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-12 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-09 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'equity-appapi.highbond.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27501415812791162303932695967646032499708591752432395866594122831688965700194558554930851351826597573361879184636090360703012180493809625768600611567428912408899485437082893713467980973845187495305278181570528404505987145999104501550303728722833242977495819390612104049382105756227574717736212937883143029674187513795201979286289498154447981698088033986599629293182781568855603380873668060996386870356965343275652286750829287757431526099041397718244634896933916053111669440646978136655685952906348152099569415570704175941263080853721506115418444605699224496864038443010081994030851820685309637851364970365166329750259 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 095650b8f813720ae5c9423786b1e4072a316cfd . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (60 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'equity-appapi.highbond.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.equity-appapi.highbond.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 005e20d231988bb6c2e73dcafe4b5abd7a8c302aca8ee79b12c954ad04be9cd336216a94157145bea896ec7882bb20942651ef9aed04e3acce3eb601badd12073cf8f8919d75e9a526445731a5c966134098d185b3861f814cc181255e19c1b015e70cbd40b66b84d65303775e2bce0f100b01d6bc983dfcefa00e4aa900a05af254a89c130daa73899d0b26b0dddc551f7c5c2bf835b4b08b671febfba03754e78f295af5a9f43928c1e815706f409ad605d72e228c79aef231d7ac0758aec3db85acf5345cab7c2f6a6a649d136c46973cd81cca327e1a5cb15971b78029646fd55b01d186b12e47cc1e13ae020afa9be415026c00b08bc083499d9b46225591