au.affirm.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 09:83:1f:55:0d:44:bd:eb:d4:34:ec:df:f2:71:f7:36 was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=au.affirm.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 09:83:1f:55:0d:44:bd:eb:d4:34:ec:df:f2:71:f7:36Serial Number (int): 12643878343730241150676103821087864630
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 94:e0:b9:bb:33:83:d8:56:2a:31:5a:75:99:56:ab:3e:f1:04:de:fb
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): fd:92:2e:e8:73:f0:f4:47:51:24:4c:c0:aa:33:93:c9:87:24:b8:af
Fingerprint (sha256): 0b:92:ea:ba:ef:fb:87:cc:1e:12:cf:01:7a:98:72:5e:ac:e2:59:a4:72:71:b1:80:60:42:a1:3d:e0:34:c3:9c
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate au.affirm.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for au.affirm.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
au.affirm.com
*.au.affirm.com
*.au.affirm.com
Other certificates including the domain name affirm.com
(limited to 100 certificates)
statuspage.io
au.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
cloud.e.affirm.com
sales-demo.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
appstatus.dancecapsules.merce.broadleafclients.com
status.affirm.com
cdn1.affirm.com
prospective2.shared.global.fastly.net
cdn1.au.affirm.com
prospective2.shared.global.fastly.net
cwl.status.cloudsigma.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
mailer.shop.affirm.com
education.team.affirm.com
hello.affirm.com
image.comms.caredeliveryorganization.com
demo.affirm.com
fp.affirm.com
prospective2.shared.global.fastly.net
leapfrog-ssl-40.gcs-web.com
cdn1.affirm.com
statuspage.io
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
appstatus.dancecapsules.merce.broadleafclients.com
lp.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
statuspage.io
twittertest.plusplus.app
prospective2.shared.global.fastly.net
leapfrog-ssl-40.gcs-web.com
statuspage.io
statuspage.io
statuspage.io
fp.affirm.com
prospective2.shared.global.fastly.net
image.comms.caredeliveryorganization.com
appstatus.dancecapsules.merce.broadleafclients.com
image.comms.caredeliveryorganization.com
statuspage.io
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
statuspage.io
au.affirm.com
statuspage.io
leapfrog-ssl-40.gcs-web.com
m.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
leapfrog-ssl-40.gcs-web.com
san-4-s11.tlsprovisioning.exacttarget.com
leapfrog-ssl-40.gcs-web.com
prospective2.shared.global.fastly.net
phabricator.team.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
statuspage.io
statuspage.io
statuspage.io
click.e.affirm.com
statuspage.io
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
mhdocs.affirm.com
static-ip-mtls.affirm.com
static-ip-mtls.sandbox.affirm.com
freelancer.plusplus.app
mi.affirm.com
affirm.plusplus.app
appstatus.dancecapsules.merce.broadleafclients.com
*.affirm.com
image.comms.caredeliveryorganization.com
lp.affirm.com
hello.affirm.com
lp.affirm.com
statuspage.io
status.affirm.com
statuspage.io
appstatus.dancecapsules.merce.broadleafclients.com
prospective2.shared.global.fastly.net
appstatus.dancecapsules.merce.broadleafclients.com
okta.affirm.com
statuspage.io
m.affirm.com
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
statuspage.io
statuspage.io
*.global-sandbox.affirm.com
statuspage.io
global-stage.affirm.com
global.affirm.com
statuspage.io
au.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
cloud.e.affirm.com
sales-demo.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
appstatus.dancecapsules.merce.broadleafclients.com
status.affirm.com
cdn1.affirm.com
prospective2.shared.global.fastly.net
cdn1.au.affirm.com
prospective2.shared.global.fastly.net
cwl.status.cloudsigma.com
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
mailer.shop.affirm.com
education.team.affirm.com
hello.affirm.com
image.comms.caredeliveryorganization.com
demo.affirm.com
fp.affirm.com
prospective2.shared.global.fastly.net
leapfrog-ssl-40.gcs-web.com
cdn1.affirm.com
statuspage.io
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
appstatus.dancecapsules.merce.broadleafclients.com
lp.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
statuspage.io
twittertest.plusplus.app
prospective2.shared.global.fastly.net
leapfrog-ssl-40.gcs-web.com
statuspage.io
statuspage.io
statuspage.io
fp.affirm.com
prospective2.shared.global.fastly.net
image.comms.caredeliveryorganization.com
appstatus.dancecapsules.merce.broadleafclients.com
image.comms.caredeliveryorganization.com
statuspage.io
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
statuspage.io
au.affirm.com
statuspage.io
leapfrog-ssl-40.gcs-web.com
m.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
leapfrog-ssl-40.gcs-web.com
san-4-s11.tlsprovisioning.exacttarget.com
leapfrog-ssl-40.gcs-web.com
prospective2.shared.global.fastly.net
phabricator.team.affirm.com
appstatus.dancecapsules.merce.broadleafclients.com
statuspage.io
statuspage.io
statuspage.io
click.e.affirm.com
statuspage.io
prospective2.shared.global.fastly.net
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
mhdocs.affirm.com
static-ip-mtls.affirm.com
static-ip-mtls.sandbox.affirm.com
freelancer.plusplus.app
mi.affirm.com
affirm.plusplus.app
appstatus.dancecapsules.merce.broadleafclients.com
*.affirm.com
image.comms.caredeliveryorganization.com
lp.affirm.com
hello.affirm.com
lp.affirm.com
statuspage.io
status.affirm.com
statuspage.io
appstatus.dancecapsules.merce.broadleafclients.com
prospective2.shared.global.fastly.net
appstatus.dancecapsules.merce.broadleafclients.com
okta.affirm.com
statuspage.io
m.affirm.com
prospective2.shared.global.fastly.net
statuspage.io
statuspage.io
statuspage.io
statuspage.io
*.global-sandbox.affirm.com
statuspage.io
global-stage.affirm.com
global.affirm.com
statuspage.io
Certificate
The complete raw certificate details for au.affirm.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIQCYMfVQ1EvevUNOzf8nH3NjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMDkxMDAwMDAwMFoXDTI0MTAwOTIzNTk1OVowGDEW MBQGA1UEAxMNYXUuYWZmaXJtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC AQoCggEBANgyQLxIace2aCaOqzq8nYjZ3G9kL0ik7dwfkKFiUTKVyXIvVgj/Q+3j uTXciRW7MfZZT688ASgl1wyHnM2bSZJcmRE3R4CVQNRG7s/IdeaydDbrex5akUcV yvtaELMFBk52wzTcUJdmJEuuJntXicknkIWLuAl1SrsTow96IkqcRp+bpOM2oUac 3lyhcVBmhVCf5j2DV/XP7NsYASwilMP7xSAgMoy0YKNXiF6x8/eQBvnjY9TjINeZ hFfhxMwvlpqUgBXXVeiGhHo6FvZcl6jpZYBv+eU7xWAUAmPL9hqjA4VFMU7P37oV XHIQ5dsLLJeTEMaq2ngd+fRiRFvGuiMCAwEAAaOCAvYwggLyMB8GA1UdIwQYMBaA FMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBSU4Lm7M4PYVioxWnWZVqs+ 8QTe+zApBgNVHREEIjAggg1hdS5hZmZpcm0uY29tgg8qLmF1LmFmZmlybS5jb20w EwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMCBggrBgEFBQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBn MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20w NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3Iy bTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA dgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYp9OC65AAAEAwBH MEUCIQCLilwpJzcBVPYA333TsYMUyGLm67W2OfsJEErVbaUQoAIgdWfkwk2Z2Y/r DFBK3lhqT0YKS+Cddg9gBfOrtkoyS7gAdQBIsONr2qZHNA/lagL6nTDrHFIBy1bd LIHZu7+rOdiEcwAAAYp9OC6EAAAEAwBGMEQCIBiZ+jzQ2sQ8wq3ksYP2l9SXIQei kW/lv+kf9lq5abG3AiBM1WK1GWM1hyXpaGmh255g0iRHcLi0dMzl9isyUL3oOQB2 ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABin04LiQAAAQDAEcw RQIgFmKmtnvbQVdFG3nF0tA5uA6ThSqrPA7fR7nUiZlcNigCIQDkpQIgSJVFrSLq fHt5IXNgTGPCzB2zQqYhycsnonSeQzANBgkqhkiG9w0BAQsFAAOCAQEAbFm7t7nQ wYK/y6eRJjHzanEzE4x3EkU4WMcu8A/MHgQZbGLEhBC4ShYq9n5FTxFpC701zB9e /4PWMo2h1lAMnA0lFBfYn5MrbVdsDXgU8h9h/pX90mbMIQsiDbN/7XXDcfC0yH9D l69XniYsSLi5KAhyVRxzaUX64n25fgPodTMS2L6XKnCFqobPSQoXrYMjIysLr/wo Ye4tumiwpREKBixOCF+q20BdiKTa11JmUHjd3LwCpymEg3mB5uWTO176eqgV+jnP nbw85hLPwQ2d/bEjVQVHjodnj9oov9p6UPJkRdA5QH86ydZUqSqiqsHI/3tQ5YwV t/oXf5WZ3W4XXg== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DJAvEhpx7ZoJo6rOryd iNncb2QvSKTt3B+QoWJRMpXJci9WCP9D7eO5NdyJFbsx9llPrzwBKCXXDIeczZtJ klyZETdHgJVA1Ebuz8h15rJ0Nut7HlqRRxXK+1oQswUGTnbDNNxQl2YkS64me1eJ ySeQhYu4CXVKuxOjD3oiSpxGn5uk4zahRpzeXKFxUGaFUJ/mPYNX9c/s2xgBLCKU w/vFICAyjLRgo1eIXrHz95AG+eNj1OMg15mEV+HEzC+WmpSAFddV6IaEejoW9lyX qOllgG/55TvFYBQCY8v2GqMDhUUxTs/fuhVcchDl2wssl5MQxqraeB359GJEW8a6 IwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 12643878343730241150676103821087864630 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-10 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-09 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'au.affirm.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27292254487915611605153898212387548534826855298643700898139756957954587665807510071081084490947296699495925390489353284108657675174256256605391101653192017903865311742188862839156996795780099240049555862062944458377934446175068806566837412547446901342211206537806317199297986048541524959770950715419919290230485448002147589080271186651107119810592210624112862871507566699578133129598973834266807581509290262521137368924366536039630187773124785946489464379322773098169411151753918181819231672851701791388463197809957186211321402356989512929827176314119518616941011098441928522553403216308295567011093665877487671228963 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 94e0b9bb3383d8562a315a759956ab3ef104defb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'au.affirm.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.au.affirm.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018a7d382eb900000403004730450221008b8a5c2927370154f600df7dd3b18314c862e6ebb5b639fb09104ad56da510a002207567e4c24d99d98feb0c504ade586a4f460a4be09d760f6005f3abb64a324bb800750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018a7d382e84000004030046304402201899fa3cd0dac43cc2ade4b183f697d4972107a2916fe5bfe91ff65ab969b1b702204cd562b51963358725e96869a1db9e60d2244770b8b474cce5f62b3250bde839007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018a7d382e24000004030047304502201662a6b67bdb4157451b79c5d2d039b80e93852aab3c0edf47b9d489995c3628022100e4a50220489545ad22ea7c7b792173604c63c2cc1db342a621c9cb27a2749e43 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006c59bbb7b9d0c182bfcba7912631f36a7133138c7712453858c72ef00fcc1e04196c62c48410b84a162af67e454f11690bbd35cc1f5eff83d6328da1d6500c9c0d251417d89f932b6d576c0d7814f21f61fe95fdd266cc210b220db37fed75c371f0b4c87f4397af579e262c48b8b9280872551c736945fae27db97e03e8753312d8be972a7085aa86cf490a17ad8323232b0baffc2861ee2dba68b0a5110a062c4e085faadb405d88a4dad752665078dddcbc02a72984837981e6e5933b5efa7aa815fa39cf9dbc3ce612cfc10d9dfdb1235505478e87678fda28bfda7a50f26445d039407f3ac9d654a92aa2aac1c8ff7b50e58c15b7fa177f9599dd6e175e