lpm-redirect-api.dm.aws.gartner.com

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 0d:32:71:b6:3c:38:e6:69:80:0c:2b:99:a4:77:23:86 was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=lpm-redirect-api.dm.aws.gartner.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0d:32:71:b6:3c:38:e6:69:80:0c:2b:99:a4:77:23:86
Serial Number (int): 17541885138579326489648473455136809862
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: b2:f1:9c:68:c1:2c:df:be:85:b5:e0:a5:0c:55:51:28:8a:4b:28:eb
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): a5:3d:00:f6:b9:ec:55:4b:9b:b8:38:e6:7f:40:de:56:2c:e9:2b:9b
Fingerprint (sha256): 0b:11:d7:05:13:18:c1:e8:a8:c8:2b:ed:18:15:c9:6c:57:58:c3:70:27:57:df:47:74:67:d8:aa:4c:22:e4:ec

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate lpm-redirect-api.dm.aws.gartner.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for lpm-redirect-api.dm.aws.gartner.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

lpm-redirect-api.dm.aws.gartner.com
landing.capterra.com

Other certificates including the domain name gartner.com

(limited to 100 certificates)
rvpuser.rcddev.aws.gartner.com
planck.gartner.com
mdm.gartner.com
nav.lab.gartner.com
intranet-solr-sandbox.rcdsandbox.aws.gartner.com
gapapi.rcd.aws.gartner.com
ls.dm.aws.gartner.com
downloadmanager.gartner.com
g-recoengui.ssdqa.aws.gartner.com
pi.ssd.aws.gartner.com
vendor-admin-api.dmqa.aws.gartner.com
www.gartner.com
talentneuronplan.tnqa.aws.gartner.com
EDGEUSPOOL01.gartner.com
erds.ssdqa.aws.gartner.com
*.tnqa.aws.gartner.com
semaphore.rcdqa.aws.gartner.com
pubs.rcd.aws.gartner.com
evanta-survey.emtqa.aws.gartner.com
pcapi.dm.aws.gartner.com
scheduleserverviceqa.gartner.com
intnlpdv.gartner.com
consulting.ssdsandbox.aws.gartner.com
aa90rt.ssddev.aws.gartner.com
art.ssdqa.aws.gartner.com
canary.itioqa.aws.gartner.com
*.sa.aws.gartner.com
kideck.ssddev.aws.gartner.com
emtevr.gcom.cloud
apihub.cbsqa.aws.gartner.com
*.rcdsandbox.aws.gartner.com
ca-cc.dm.aws.gartner.com
ait.gartner.com
lipp.emt.aws.gartner.com
*.gartner.com
ssdexchangeapi.ssdqa.aws.gartner.com
ccoe.gartner.com
apihub.cbssandbox.aws.gartner.com
category-integration-api.dmqa.aws.gartner.com
reviews.apidevb.pdodev.aws.gartner.com
proposalreviewscheduler.rcdqa.aws.gartner.com
tnplan-locationanalyzer.tn.aws.gartner.com
events.gartner.com
cloudharmony.com
gdadev-adf-orchestration-01.d02.gc2.gartner.com
gvd2.gartner.com
*.tn.aws.gartner.com
pi.ssddev.aws.gartner.com
gca.reviews.dmdev.aws.gartner.com
tnplan-locationanalyzer.tn.aws.gartner.com
product-catalog-api.dm.aws.gartner.com
secure01.lithium.com
sugarcrm-app.emtdev.aws.gartner.com
external.pidevb.pdodev.aws.gartner.com
static.pdoqa.aws.gartner.com
static.pdosandbox.aws.gartner.com
apigw-ingproxy.pdodev.aws.gartner.com
grcdqa-florsapps-01.q03.gc2.gartner.com
gaw.api.internal.emtqa.conferences.aws.gartner.com
dns-vetting1k.map.fastly.net
dnbweb.cbsqa.aws.gartner.com
git.svc.aws.gartner.com
g-search-solr.rcd.aws.gartner.com
*.itiodev.aws.gartner.com
s2.shared.global.fastly.net
dm-localsites-assets.dmdev.aws.gartner.com
rest.gartner.com
*.pdosandbox.aws.gartner.com
casalpilot.ssdqa.aws.gartner.com
s3.gartner.com
reviews.api.gartner.com
invrsvp.ssd.aws.gartner.com
atoqa.gartner.com
myal.eks.ssddev.aws.gartner.com
blogs.gartner.com
external-gcom-v2-use1.pdoqa.aws.gartner.com
ui.reviews.dm.aws.gartner.com
g-emailapi-pdodev.gartner.com
static.gartner.com
dns-vetting1k.map.fastly.net
consulting.ssdsandbox.aws.gartner.com
casprioritypilot.ssddev.aws.gartner.com
external-offline-v2-use1.pdodev.aws.gartner.com
secure01.lithium.com
grcdprod-pulse-surveyeditor-01.p03.gc2.gartner.com
tnplan-locationanalyzer-qa.tnqa.aws.gartner.com
gssdev-global-fd-01.d00.gc2.gartner.com
external-gcom-v2-use1.pdodev.aws.gartner.com
gapadmin.rcdqa.aws.gartner.com
categoryadminapi.dm.aws.gartner.com
pubs.rcddev.aws.gartner.com
ui.reviews.dm.aws.gartner.com
jmeter.svcdev.aws.gartner.com
submissionhub.ssdqa.aws.gartner.com
servicehub-r.infinitydev.aws.gartner.com
catalogapi.dmdev.aws.gartner.com
secure01.preprod.lithium.com
agreements.gartner.com
cn.emt.aws.gartner.com
secure01.stage.lithium.com

Certificate

The complete raw certificate details for lpm-redirect-api.dm.aws.gartner.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgIQDTJxtjw45mmADCuZpHcjhjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMDcyNTAwMDAwMFoXDTI0MDgyMjIzNTk1OVowLjEs
MCoGA1UEAxMjbHBtLXJlZGlyZWN0LWFwaS5kbS5hd3MuZ2FydG5lci5jb20wggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQA7gflMdwHGqw3mebm81b0GN2
7Tk2a/5Fiyi8TfmrKgBgeJziJi03haEI7ZPvktCBJUly2S4/6qXCfFwNTr0MPgcS
OmOMS51XfT1avDin0O9eS0/Ijoa1aZk+jBZ/duH2+GDbCZGgqvQBr4Rb7i6rgXLm
GEu5YrIKm6abBVvXGM2gZH8eIvhB7ezZ2KXxFFo3ebqa5Ry7n6a7bfh6s8W1tNzS
nKweJ7COkmRKDQpahiH+Thw5iJZBpgbs7+VsYoTLIUujx6Abh8byofpaSoYp3fxW
YKoK2ePkd8otsq7TfMw2gYGS0d0V3tKJe4hIktJ9p2L5/h2mIT6mFwC25MvRAgMB
AAGjggMSMIIDDjAfBgNVHSMEGDAWgBSBuA5jiokSGOX6OztQlZ/m5ZAThTAdBgNV
HQ4EFgQUsvGcaMEs376FteClDFVRKIpLKOswRAYDVR0RBD0wO4IjbHBtLXJlZGly
ZWN0LWFwaS5kbS5hd3MuZ2FydG5lci5jb22CFGxhbmRpbmcuY2FwdGVycmEuY29t
MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
OwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMS5hbWF6b250cnVzdC5j
b20vcjJtMDEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkw
ZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDEuYW1hem9udHJ1c3QuY29t
MDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAxLmFtYXpvbnRydXN0LmNvbS9y
Mm0wMS5jZXIwDAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFo
AHcA7s3QZNXbGs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGJjA/SEwAABAMA
SDBGAiEAkvBqsBSznApzA8s/JMs5fypeqvy1dJ6nFDFyVZgT1RACIQD+yHPv+L2G
3pQU3LNWmfQ3ngR8+80tG4nyjHo9fSL34wB2AEiw42vapkc0D+VqAvqdMOscUgHL
Vt0sgdm7v6s52IRzAAABiYwP0gwAAAQDAEcwRQIhAJEFiWQ5xbTIZ0Wa3e3+CGNK
CqBbmXZlvW17+l9SeJHHAiAO/muMTVrkep9JpIepGJDPutlTQDNs7Pl6Qg6rZGBk
aAB1ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABiYwP0dIAAAQD
AEYwRAIgBAni4U2faK2TA6L+sTO+fxfz/0yJH/y3y/9V+Cbamb8CIFn05+vsamxd
2FPQbtNJhqgDOFxCvLnnrI+MIScCm9/rMA0GCSqGSIb3DQEBCwUAA4IBAQAOA4fJ
Ne3i1KZlmQEaHKQBwlOsXIuLWK8qVpkCLomjSun7ug82HP77ET+cZDTdN/aL6wi7
B2tSSMPnguz5Ke6tagba/N8D4v5Q8HD5lDgsbtuvY9PpQBVfUJep96fuKQjZP/3G
zRzS3itUzQVG5O1IJm4/Ivwj+LTCAPDdRO85+VJ4ba+IjmCQ4d1Lq6CqhLtWhmGm
GeuiWexRZnzZ3vyQvXiSEnWhVg3K6prLWn//Z2fAL0Ukyp5mBNEQI1tj6G7zachn
8iWmmO0pEgdVZZPFFMgyWeLcycAluFsEoTejXZ+Xgs8TVTCAj11l4CeHsL/FygS4
K4rcCbGe/ooYeMbl
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAO4H5THcBxqsN5nm5vN
W9Bjdu05Nmv+RYsovE35qyoAYHic4iYtN4WhCO2T75LQgSVJctkuP+qlwnxcDU69
DD4HEjpjjEudV309Wrw4p9DvXktPyI6GtWmZPowWf3bh9vhg2wmRoKr0Aa+EW+4u
q4Fy5hhLuWKyCpummwVb1xjNoGR/HiL4Qe3s2dil8RRaN3m6muUcu5+mu234erPF
tbTc0pysHiewjpJkSg0KWoYh/k4cOYiWQaYG7O/lbGKEyyFLo8egG4fG8qH6WkqG
Kd38VmCqCtnj5HfKLbKu03zMNoGBktHdFd7SiXuISJLSfadi+f4dpiE+phcAtuTL
0QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17541885138579326489648473455136809862
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-07-25 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-08-22 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'lpm-redirect-api.dm.aws.gartner.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18180149936712510899546362038377305497103656205895770262805664565192767746234529861374260728971998673951876426954803199058831485224587360397960235432842440637570907199014154648032640415478100211788966658878883308392759063638621305398436057083321416317567994778182032158983294010765057110139459725689864211339724913278411277744128166926788816029717803457763072160352133922279529744445520396204767683753048209553018097419490034546732405112836343305070681847851805391305479394719344460735183444279167206741027237746480998515828223020370483920554307951703024340133036412650973099664862880683741671642873333825771760045009
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b2f19c68c12cdfbe85b5e0a50c5551288a4b28eb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (61 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lpm-redirect-api.dm.aws.gartner.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'landing.capterra.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b000001898c0fd213000004030048304602210092f06ab014b39c0a7303cb3f24cb397f2a5eaafcb5749ea7143172559813d510022100fec873eff8bd86de9414dcb35699f4379e047cfbcd2d1b89f28c7a3d7d22f7e300760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d88473000001898c0fd20c00000403004730450221009105896439c5b4c867459addedfe08634a0aa05b997665bd6d7bfa5f527891c702200efe6b8c4d5ae47a9f49a487a91890cfbad95340336cecf97a420eab64606468007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab000001898c0fd1d2000004030046304402200409e2e14d9f68ad9303a2feb133be7f17f3ff4c891ffcb7cbff55f826da99bf022059f4e7ebec6a6c5dd853d06ed34986a803385c42bcb9e7ac8f8c2127029bdfeb
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000e0387c935ede2d4a66599011a1ca401c253ac5c8b8b58af2a5699022e89a34ae9fbba0f361cfefb113f9c6434dd37f68beb08bb076b5248c3e782ecf929eead6a06dafcdf03e2fe50f070f994382c6edbaf63d3e940155f5097a9f7a7ee2908d93ffdc6cd1cd2de2b54cd0546e4ed48266e3f22fc23f8b4c200f0dd44ef39f952786daf888e6090e1dd4baba0aa84bb568661a619eba259ec51667cd9defc90bd78921275a1560dcaea9acb5a7fff6767c02f4524ca9e6604d110235b63e86ef369c867f225a698ed291207556593c514c83259e2dcc9c025b85b04a137a35d9f9782cf135530808f5d65e02787b0bfc5ca04b82b8adc09b19efe8a1878c6e5