mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 07:8c:9e:e2:7f:1b:ba:3e:2c:54:73:04:8e:5c:fa:69 was issued on by Amazon.
This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 07:8c:9e:e2:7f:1b:ba:3e:2c:54:73:04:8e:5c:fa:69Serial Number (int): 10034740096309508917486868253573446249
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: c3:0a:c3:ad:dc:9d:65:30:5d:08:05:e1:93:e2:cf:05:ba:12:52:a1
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 46:6f:73:50:ad:5b:ed:57:6a:3e:54:fb:d0:7e:25:79:96:ac:e7:5a
Fingerprint (sha256): 0a:6a:03:0c:54:1a:2e:f9:b7:24:2a:f9:9d:3f:e9:f1:f1:46:d8:5c:01:b9:7a:20:48:b8:4e:bd:46:05:29:b8
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org
1
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org
Other certificates including the domain name ets.org
(limited to 100 certificates)
ibt2-cloud-util-test-prod.ets.org
isbd-cdn-test.ets.org
nlp-pilot.ets.org
elpac-help-preview.ets.org
ibt2tc-ts.ets.org
elpac-help-qc.ets.org
cahsee1.ets.org
ibtint-prod.ets.org
one-uat-batchservices-a.ets.org
v2.ereg.ets.org
ibis-ess-perf.ets.org
ereg.ets.org
stnmanager-uat.ets.org
isbd-matchmakerphp-dev.ets.org
ndecore.ets.org
cdd-dev-cft.ets.org
erater-new-test.ets.org
sparkle-0-8-2-prod-elb-tfd.ets-lltalab-swc-prod.c.ets.org
www.ets.org
ereg-ext.ets.org
rm.ets.org
eregweb-uat-ext.ets.org
cdd-test.ets.org
criterion28.ets.org
isr-stage.ets.org
eiassoaresponse-dvi.ets.org
erater-new-stage.ets.org
ibtprod-central.ets.org
facets-test.ets.org
fed11g-stg.ets.org
portal-stage.ets.org
cars-dev.ets.org
esc-dev-rest.ets.org
grediagnostic-dev.ets.org
etslnbz28.ets.org
skw.ets.org
toeicrts.ets.org
conda.nlplab-dev.c.ets.org
isr.ets.org
TOEFL-REGISTRATION.ETS.ORG
one-web-a.ets.org
toefl-registration-dev.ets.org
osnlbpi4.ets.org
hostedzone-demo.etstest-innovate001.c-test.ets.org
isbd-cdn-stage.ets.org
api.parcore-dev.ets.org
api.ibis-test.ets.org
rpm-ot.ets.org
store.ets.org
origin-cinnamon.m.ets-plalab-ghe-nonprod.c.ets.org
san.ets.org
etsvln160.etslan.org
mmai-conf-mmai-tst-dev.ets-mmai-nonprod.c.ets.org
ensr-web.ets.org
gatewaycps-stg.ets.org
www.ets.org
nlpservices-stage.ets.org
ensr-ssrs-web-60.ets.org
one-uat-web-a.ets.org
usndcssl3.ets.org
*.ets.org
v2-scoreload.ereg.ets.org
*.ets.org
texasassessment.ets.org
api.mmai-ccs-stg.ets-plalab-nonprod.c.ets.org
toefl.ereg.ets.org
gace-qc.ets.org
cert-1201-1.etstest-innovate001.c-test.ets.org
rptasys-stg.ets.org
*.ets.org
docs.ets-adatalake-nonprod.c.ets.org
title2.ets.org
sparkle-0-5-2-prod-elb-tfd.ets-lltalab-swc-prod.c.ets.org
sparklite.jr.ets-plalab-ghe-nonprod.c.ets.org
fed11g-stg.ets.org
cbmtd.ets.org
ibt2-speedtest.ets.org
san.ets.org
eias11g-stg.ets.org
authnsvcps3-tst.ets.org
isbd-portal-stage.ets.org
api.mmai-102531.ets-mmai-nonprod.c.ets.org
ssrs.ets.org
san.ets.org
vpn.ets.org
tcmservices-dev.ets.org
ibt2-cloud-util.ets.org
san.ets.org
api.parcore-test.ets.org
practice-new.ets.org
gace.more.ets.org
www.ets.org
stnres-int.ets.org
ibtsb.ets.org
conda.nlplab-dev.c.ets.org
origin-criterionng-stage.ets.org
mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org
osn-wspx1.ets.org
api.mmai-102397.ets-mmai-nonprod.c.ets.org
acres-dev.ets-acres-nonprod.c.ets.org
isbd-cdn-test.ets.org
nlp-pilot.ets.org
elpac-help-preview.ets.org
ibt2tc-ts.ets.org
elpac-help-qc.ets.org
cahsee1.ets.org
ibtint-prod.ets.org
one-uat-batchservices-a.ets.org
v2.ereg.ets.org
ibis-ess-perf.ets.org
ereg.ets.org
stnmanager-uat.ets.org
isbd-matchmakerphp-dev.ets.org
ndecore.ets.org
cdd-dev-cft.ets.org
erater-new-test.ets.org
sparkle-0-8-2-prod-elb-tfd.ets-lltalab-swc-prod.c.ets.org
www.ets.org
ereg-ext.ets.org
rm.ets.org
eregweb-uat-ext.ets.org
cdd-test.ets.org
criterion28.ets.org
isr-stage.ets.org
eiassoaresponse-dvi.ets.org
erater-new-stage.ets.org
ibtprod-central.ets.org
facets-test.ets.org
fed11g-stg.ets.org
portal-stage.ets.org
cars-dev.ets.org
esc-dev-rest.ets.org
grediagnostic-dev.ets.org
etslnbz28.ets.org
skw.ets.org
toeicrts.ets.org
conda.nlplab-dev.c.ets.org
isr.ets.org
TOEFL-REGISTRATION.ETS.ORG
one-web-a.ets.org
toefl-registration-dev.ets.org
osnlbpi4.ets.org
hostedzone-demo.etstest-innovate001.c-test.ets.org
isbd-cdn-stage.ets.org
api.parcore-dev.ets.org
api.ibis-test.ets.org
rpm-ot.ets.org
store.ets.org
origin-cinnamon.m.ets-plalab-ghe-nonprod.c.ets.org
san.ets.org
etsvln160.etslan.org
mmai-conf-mmai-tst-dev.ets-mmai-nonprod.c.ets.org
ensr-web.ets.org
gatewaycps-stg.ets.org
www.ets.org
nlpservices-stage.ets.org
ensr-ssrs-web-60.ets.org
one-uat-web-a.ets.org
usndcssl3.ets.org
*.ets.org
v2-scoreload.ereg.ets.org
*.ets.org
texasassessment.ets.org
api.mmai-ccs-stg.ets-plalab-nonprod.c.ets.org
toefl.ereg.ets.org
gace-qc.ets.org
cert-1201-1.etstest-innovate001.c-test.ets.org
rptasys-stg.ets.org
*.ets.org
docs.ets-adatalake-nonprod.c.ets.org
title2.ets.org
sparkle-0-5-2-prod-elb-tfd.ets-lltalab-swc-prod.c.ets.org
sparklite.jr.ets-plalab-ghe-nonprod.c.ets.org
fed11g-stg.ets.org
cbmtd.ets.org
ibt2-speedtest.ets.org
san.ets.org
eias11g-stg.ets.org
authnsvcps3-tst.ets.org
isbd-portal-stage.ets.org
api.mmai-102531.ets-mmai-nonprod.c.ets.org
ssrs.ets.org
san.ets.org
vpn.ets.org
tcmservices-dev.ets.org
ibt2-cloud-util.ets.org
san.ets.org
api.parcore-test.ets.org
practice-new.ets.org
gace.more.ets.org
www.ets.org
stnres-int.ets.org
ibtsb.ets.org
conda.nlplab-dev.c.ets.org
origin-criterionng-stage.ets.org
mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org
osn-wspx1.ets.org
api.mmai-102397.ets-mmai-nonprod.c.ets.org
acres-dev.ets-acres-nonprod.c.ets.org
Certificate
The complete raw certificate details for mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIEpTCCA42gAwIBAgIQB4ye4n8buj4sVHMEjlz6aTANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTIwNDAwMDAwMFoXDTI1MDEwMTIzNTk1OVowPjE8 MDoGA1UEAxMzbW1haS1udmYtbW1haS10c3QtMjcyMjUwLmV0cy1tbWFpLW5vbnBy b2QuYy5ldHMub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusYO iJriuWGawoAuSKFdPhj0QU9sp3TyIpunlx/ZKi7fzHSv3b+nYsPoqSGnfDE8Y3rm /ef7xdwxkeXX4eqH+hAaJGEVOhKOADA7hDuJYDwAiUVLZUhbTGPAV14RcGuIdY84 t2PULLZQN5vPyb6qycnm9OE7wATQzp+CSu80ZMQJNm4LlBTa7W53JSbmnLi0F1jz O8xLT8KcUgOA5uIKBXvIsDSGl3uicPxI+BGyhKYEoXqNwLoo1GYYradwEKtirD0p LJCDIlT6RvaBmXJ68jn5P1gbSl3Toikl2K4r0tSZzyviKFYC/W+VGdRIPcEXrmtT 0zqCMEGs6MiNSWIQgwIDAQABo4IBnzCCAZswHwYDVR0jBBgwFoAUVdkYX9IczAHh WLS+q9lVQgHXLgIwHQYDVR0OBBYEFMMKw63cnWUwXQgF4ZPizwW6ElKhMD4GA1Ud EQQ3MDWCM21tYWktbnZmLW1tYWktdHN0LTI3MjI1MC5ldHMtbW1haS1ub25wcm9k LmMuZXRzLm9yZzATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAw HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyG Kmh0dHA6Ly9jcmwucjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNybDB1Bggr BgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpv bnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250 cnVzdC5jb20vcjJtMDMuY2VyMAwGA1UdEwEB/wQCMAAwEwYKKwYBBAHWeQIEAwEB /wQCBQAwDQYJKoZIhvcNAQELBQADggEBAJlv1IsW+GpQGwc6ZKIZHQ0CqpHxIdzR mdl7NjPOCKFKFSqrPLYRWekqHngL8+92h5cvKXVYZCueTHhAmOFh/W6ZINyaRFAJ 5GDnfrk7y2dVW969gHzl0SwXKyqfpf4x247WWK8ZYe/A9l7tiQ507KJy1L6DWmxC Ox0Y3cYIN/ijbfZZ1V/GZdN7SfqyBFH2f7VzZ8qqVFwPUTWnCifsN0q+zkds5Wuu uM5JnWJVyw044RXuCPaUa6hU/M3X+4/h7AoqOGg5JsQ8I7y9aOJat2Am0sKCf4PO y5JpkhiW5fnENaWgtgFEZOs+QRzXUtiiuXoiJEIOEE2A4izC/9qfQK4= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusYOiJriuWGawoAuSKFd Phj0QU9sp3TyIpunlx/ZKi7fzHSv3b+nYsPoqSGnfDE8Y3rm/ef7xdwxkeXX4eqH +hAaJGEVOhKOADA7hDuJYDwAiUVLZUhbTGPAV14RcGuIdY84t2PULLZQN5vPyb6q ycnm9OE7wATQzp+CSu80ZMQJNm4LlBTa7W53JSbmnLi0F1jzO8xLT8KcUgOA5uIK BXvIsDSGl3uicPxI+BGyhKYEoXqNwLoo1GYYradwEKtirD0pLJCDIlT6RvaBmXJ6 8jn5P1gbSl3Toikl2K4r0tSZzyviKFYC/W+VGdRIPcEXrmtT0zqCMEGs6MiNSWIQ gwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 10034740096309508917486868253573446249 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-04 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-01 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23577990157964798379323828177900089333505288245135570039275201294776203884886907372789953052204591600732300606257447746893267733913583199022857017277713317877445750175958546860774305313424861764130312521525104465944466604538375876260727305139643855597454213218524308795063471416084109872564317084864391514706218514712789838541185441668048962430667418982159659663050049138096407198339736601584322888921175351188427829777276861150473606772670758790187283167116831876157209952493411170662182045437108592261466136447119736942510748323257907587162722043334326040848189551871893034744682655283641884720902023666780573143171 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) c30ac3addc9d65305d0805e193e2cf05ba1252a1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (55 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mmai-nvf-mmai-tst-272250.ets-mmai-nonprod.c.ets.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00996fd48b16f86a501b073a64a2191d0d02aa91f121dcd199d97b3633ce08a14a152aab3cb61159e92a1e780bf3ef7687972f297558642b9e4c784098e161fd6e9920dc9a445009e460e77eb93bcb67555bdebd807ce5d12c172b2a9fa5fe31db8ed658af1961efc0f65eed890e74eca272d4be835a6c423b1d18ddc60837f8a36df659d55fc665d37b49fab20451f67fb57367caaa545c0f5135a70a27ec374abece476ce56baeb8ce499d6255cb0d38e115ee08f6946ba854fccdd7fb8fe1ec0a2a38683926c43c23bcbd68e25ab76026d2c2827f83cecb9269921896e5f9c435a5a0b6014464eb3e411cd752d8a2b97a2224420e104d80e22cc2ffda9f40ae