manulife.com

- Manulife Financial Corporation -

Issued by Sectigo RSA Organization Validation Secure Server CA

About this certificate

This digital certificate with serial number f2:66:61:e4:c7:77:0e:f6:ef:89:46:da:09:5e:2b:79 was issued on by Sectigo Limited.

With 63 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Manulife Financial Corporation

Organization: Manulife Financial Corporation
State / Province: Ontario
Country: CA

Sectigo Limited

Organization: Sectigo Limited
State / Province: Greater Manchester
Locality: Salford
Country: GB

This certificate will expire on

Certificate Details

Serial Number (hex): f2:66:61:e4:c7:77:0e:f6:ef:89:46:da:09:5e:2b:79
Serial Number (int): 322204774779004250920403530229571529593
Serial Number lenght: 128 bits, 16 octets

SubjectKeyId: d0:25:79:1c:59:71:57:de:0c:8c:10:74:e1:dd:98:fc:1c:20:ca:3f
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb

Fingerprint (sha1): f8:67:11:07:40:eb:8b:91:7c:59:d0:ed:d7:a2:0b:8e:ea:d9:c8:35
Fingerprint (sha256): 0c:a2:98:94:ad:ac:9c:c6:f3:70:ae:4e:39:88:e1:ca:e4:0a:7c:0c:44:7f:16:69:af:d0:7b:a2:4a:5a:20:10

Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt

Revocation information

OCSP Server: http://ocsp.sectigo.com
CRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl

Check the revocation status for certificate manulife.com

63

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for manulife.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

manulife.com
api.gb.manulife.com
asampuat.manulife.com
author-dev-ap.manulife.com
author-preprod-ap.manulife.com
author-sit-ap.manulife.com
author-stg-ap.manulife.com
cac-wsauth.ctxnsgslb.manulife.com
cae-wsauth.ctxnsgslb.manulife.com
dpcon.manulifesecurities.ca
dprc.manulifesecurities.ca
fasatexternal.manulife.ca
invite.manulifeghnw.com
jhapim-nonprod.dev.developer.manulife.com
jhapim-nonprod.dev.management.manulife.com
jhapim-nonprod.dev.portal.manulife.com
jhapim-nonprod.dev.scm.manulife.com
jhapim.dev.developer.manulife.com
jhapim.dev.management.manulife.com
jhapim.dev.portal.manulife.com
jhapim.dev.scm.manulife.com
manulife-wealth.ca
manulife-wealth.com
manulife-wealth.net
manulifeprivatewealth.com
manulifepromos.com
manulifewealth.ca
manulifewealth.com
manulifewealth.net
patrimoine-manuvie.ca
patrimoine-manuvie.com
patrimoine-manuvie.net
patrimoinemanuvie.ca
patrimoinemanuvie.net
portal-uat.manulife.com.vn
portal.manulife.com.vn
stage.invite.manulifeghnw.com
stg.manulifewealth.ca
test.invite.manulifeghnw.com
tokenize-ds-t1.manulife.com
tokenize-ds.manulife.com
uat.manulifetravel.ca
usc-wsauth.ctxnsgslb.manulife.com
use2-wsauth.ctxnsgslb.manulife.com
wsauth.ctxnsgslb.manulife.com
wsauth.manulife.com
wsauthdev.manulife.com
www-aem-prod.igp.manulife.ca
www-aem-stage.igp.manulife.ca
www-aem-stage.manulifetravel.manulife.ca
www.manulife-wealth.ca
www.manulife-wealth.com
www.manulife-wealth.net
www.manulifeprivatewealth.com
www.manulifepromos.com
www.manulifewealth.ca
www.manulifewealth.com
www.manulifewealth.net
www.patrimoine-manuvie.ca
www.patrimoine-manuvie.com
www.patrimoine-manuvie.net
www.patrimoinemanuvie.ca
www.patrimoinemanuvie.net

Other certificates including the domain name manulife.com

(limited to 100 certificates)
mlisxivg01.manulife.com
manulife.com
nasbfepool02.mfcgd.com
mfcentral.manulife.com
api1.np.ca.manulife.com
idwicrmapd01.mlijkt01.manulife.com
manulife.com
manulife.com
aidp.manulife.com
azalvedlwrkdp10.p01eaedl.manulife.com
manulife.com
client.manulifebank.com
rps.jhancock.com
manulife.com
sharepoint-externalpartner.uat.ap.manulife.com
hermes.manulife.com
manulife.com
clbs37841.manulife.com
internal.mesh.test.api.manulife.com
azcedlwrks003.s01caedl.manulife.com
manulife.com
cdcwvjhpwast21.americas.manulife.net
daily.manulife.com.vn
click.e.manulife.com
sft.institutional.manulife.com
johnhancock.com
manulife.com
sts.manulife.com
manulife.com
azslvedlmgtdd01.d01saedl.manulife.com
idwicrmapt21.mlijkt01.manulife.com
idwcasp.ap.manulife.com
mfcentral.manulife.com
manulife.com
view-e-ds.manulife.com
idwelems01.mlijkt01.manulife.com
druglookup-client.manulife.com
mfcentral.manulife.com
sharepoint-externalpartner.uat.ap.manulife.com
www-aem-prod.manulife.ca
insttrip.manulife.com
manulife.com
dbpartners.manulife.com
idwinetapt01.mlijkt01.manulife.com
asiacitrix.manulife.com
arrowonramp.manulife.com
manulife.com
qitsso-uat.manulife.com
manulife.com
sf.cac.internal.mesh.dev.api.manulife.com
manulife.com
giam-qa.manulife.com
manulife.com
cconprem.manulife.com
manulife.com
manulife.com
manulife.com
idp.grsportal.ca.manulife.com
manulife.com
insanalyticsdev01.manulife.com
awsuat.manulife.com.kh
idwiqmtapp01.mlijkt01.manulife.com
johnhancock.com
manulife.com
manulife.com
myasoaibp2.ap.manulife.com
remotejp2.manulife.com
johnhancock.com
sharepoint-int.ap.manulife.com
mlifs900g01.manulife.com
nasbaccess01.manulife.com
jhappsstaging-tst.aks.manulife.com
manulife.com
manulife.com
crverifyidentity-dev.johnhancock.com
manulife.com
jpnhoapt09.japan.corp.manulife.com
client.manulifebank.com
preprod.mtls.api.manulife.com
manulife.com
idwietsisft05.mlijkt01.manulife.com
remotehk.manulife.com
azcedledges001.s01caedl.manulife.com
idwcas4tap.ap.manulife.com
manulife.com
mlixnbarplzvnaca.manulife.com
manulife.com
manulife.com
druglookup-client.manulife.com
pcf.manulife.com
proxy.auw.my.underwriting.manulife.com
manulife.com
johnhancock.com
manulife.com
financeit.devsit202201.manulife.com
tw-ssg-fw1.manulife.com
advisor.manulife.ca
azwapnwasm01.mfcgd.com
azuedldbo01.p01usedl.manulife.com
edge.prod-ext.api.manulife.com

Certificate

The complete raw certificate details for manulife.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIINkjCCDHqgAwIBAgIRAPJmYeTHdw7274lG2gleK3kwDQYJKoZIhvcNAQELBQAw
gZUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGltaXRlZDE9MDsGA1UE
AxM0U2VjdGlnbyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNl
cnZlciBDQTAeFw0yNDA1MjgwMDAwMDBaFw0yNTA1MjgyMzU5NTlaMF8xCzAJBgNV
BAYTAkNBMRAwDgYDVQQIEwdPbnRhcmlvMScwJQYDVQQKEx5NYW51bGlmZSBGaW5h
bmNpYWwgQ29ycG9yYXRpb24xFTATBgNVBAMTDG1hbnVsaWZlLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJTqTinx0fTLJBudn/A646suJQSd2Zpy
WoPsHowpv+fKyx//VOeERVDIgURA8GMd2WglKd4oW//8FEnbDo+vVfE2jxCEmr0F
vdIcDzI5bMSWHrf7b4ciDwYWoYdJWZybeJkxbH1Wk+dsgbEOtBpSdrXWheCGRpJC
yx+FPLe0N/f0yB+CTabAenJKPp9J8Upwl2+JY/a+KxCHCv/tVdomIeP8qKUobg/I
4XKeF5AOyspZG4LtoruHn3dmKTPpN1X4AC+8ixfvI82e/L7Yhx2zyX4IkGWdvDgt
dRmakmabTF+lQghGEmO+HycvetAmqN69x5B/HYvSPJflZNC9s4fRffcCAwEAAaOC
ChAwggoMMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0GA1UdDgQW
BBTQJXkcWXFX3gyMEHTh3Zj8HCDKPzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0gBEMwQTA1
BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNv
bS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwuc2Vj
dGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVT
ZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJaHR0cDov
L2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFsaWRhdGlv
blNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2Vj
dGlnby5jb20wggGABgorBgEEAdZ5AgQCBIIBcASCAWwBagB3AM8RVu7VLnyv84db
2Wkum+kacWdKsBfsrAHSW3fOzDsIAAABj7/EONYAAAQDAEgwRgIhAOdnOvsHF6lM
x1giQPTo1MxjuM1sgv6jlj1c5Nu8wesiAiEAhj5nkKC4f1evIgiywM78ZCuUwbgf
SlgZy2ePQFj+ZQYAdgCi4wrkRe+9rZt+OO1HZ3dT14JbhJTXK14bLMS5UKRH5wAA
AY+/xDisAAAEAwBHMEUCIDOZcg44VuhBQET8KrFpvXHi9xe91vnM20a4AzAAXwiq
AiEAxvE51zIN3n3OXUus7ze8Hpfth7i4Jx+A8sU0d97ha2QAdwBOdaMnXJoQwzhb
bNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY+/xDisAAAEAwBIMEYCIQDahAsuyOJ4
F1TeKPx4iym9vsPbLLVbSeIcVAZzCcXwoQIhAKnOFwArRvwsGWrPdJBoT8EPOTAZ
5qHbFXeqrGDFR/AJMIIG0gYDVR0RBIIGyTCCBsWCDG1hbnVsaWZlLmNvbYITYXBp
LmdiLm1hbnVsaWZlLmNvbYIVYXNhbXB1YXQubWFudWxpZmUuY29tghphdXRob3It
ZGV2LWFwLm1hbnVsaWZlLmNvbYIeYXV0aG9yLXByZXByb2QtYXAubWFudWxpZmUu
Y29tghphdXRob3Itc2l0LWFwLm1hbnVsaWZlLmNvbYIaYXV0aG9yLXN0Zy1hcC5t
YW51bGlmZS5jb22CIWNhYy13c2F1dGguY3R4bnNnc2xiLm1hbnVsaWZlLmNvbYIh
Y2FlLXdzYXV0aC5jdHhuc2dzbGIubWFudWxpZmUuY29tghtkcGNvbi5tYW51bGlm
ZXNlY3VyaXRpZXMuY2GCGmRwcmMubWFudWxpZmVzZWN1cml0aWVzLmNhghlmYXNh
dGV4dGVybmFsLm1hbnVsaWZlLmNhghdpbnZpdGUubWFudWxpZmVnaG53LmNvbYIp
amhhcGltLW5vbnByb2QuZGV2LmRldmVsb3Blci5tYW51bGlmZS5jb22CKmpoYXBp
bS1ub25wcm9kLmRldi5tYW5hZ2VtZW50Lm1hbnVsaWZlLmNvbYImamhhcGltLW5v
bnByb2QuZGV2LnBvcnRhbC5tYW51bGlmZS5jb22CI2poYXBpbS1ub25wcm9kLmRl
di5zY20ubWFudWxpZmUuY29tgiFqaGFwaW0uZGV2LmRldmVsb3Blci5tYW51bGlm
ZS5jb22CImpoYXBpbS5kZXYubWFuYWdlbWVudC5tYW51bGlmZS5jb22CHmpoYXBp
bS5kZXYucG9ydGFsLm1hbnVsaWZlLmNvbYIbamhhcGltLmRldi5zY20ubWFudWxp
ZmUuY29tghJtYW51bGlmZS13ZWFsdGguY2GCE21hbnVsaWZlLXdlYWx0aC5jb22C
E21hbnVsaWZlLXdlYWx0aC5uZXSCGW1hbnVsaWZlcHJpdmF0ZXdlYWx0aC5jb22C
Em1hbnVsaWZlcHJvbW9zLmNvbYIRbWFudWxpZmV3ZWFsdGguY2GCEm1hbnVsaWZl
d2VhbHRoLmNvbYISbWFudWxpZmV3ZWFsdGgubmV0ghVwYXRyaW1vaW5lLW1hbnV2
aWUuY2GCFnBhdHJpbW9pbmUtbWFudXZpZS5jb22CFnBhdHJpbW9pbmUtbWFudXZp
ZS5uZXSCFHBhdHJpbW9pbmVtYW51dmllLmNhghVwYXRyaW1vaW5lbWFudXZpZS5u
ZXSCGnBvcnRhbC11YXQubWFudWxpZmUuY29tLnZughZwb3J0YWwubWFudWxpZmUu
Y29tLnZugh1zdGFnZS5pbnZpdGUubWFudWxpZmVnaG53LmNvbYIVc3RnLm1hbnVs
aWZld2VhbHRoLmNhghx0ZXN0Lmludml0ZS5tYW51bGlmZWdobncuY29tght0b2tl
bml6ZS1kcy10MS5tYW51bGlmZS5jb22CGHRva2VuaXplLWRzLm1hbnVsaWZlLmNv
bYIVdWF0Lm1hbnVsaWZldHJhdmVsLmNhgiF1c2Mtd3NhdXRoLmN0eG5zZ3NsYi5t
YW51bGlmZS5jb22CInVzZTItd3NhdXRoLmN0eG5zZ3NsYi5tYW51bGlmZS5jb22C
HXdzYXV0aC5jdHhuc2dzbGIubWFudWxpZmUuY29tghN3c2F1dGgubWFudWxpZmUu
Y29tghZ3c2F1dGhkZXYubWFudWxpZmUuY29tghx3d3ctYWVtLXByb2QuaWdwLm1h
bnVsaWZlLmNhgh13d3ctYWVtLXN0YWdlLmlncC5tYW51bGlmZS5jYYIod3d3LWFl
bS1zdGFnZS5tYW51bGlmZXRyYXZlbC5tYW51bGlmZS5jYYIWd3d3Lm1hbnVsaWZl
LXdlYWx0aC5jYYIXd3d3Lm1hbnVsaWZlLXdlYWx0aC5jb22CF3d3dy5tYW51bGlm
ZS13ZWFsdGgubmV0gh13d3cubWFudWxpZmVwcml2YXRld2VhbHRoLmNvbYIWd3d3
Lm1hbnVsaWZlcHJvbW9zLmNvbYIVd3d3Lm1hbnVsaWZld2VhbHRoLmNhghZ3d3cu
bWFudWxpZmV3ZWFsdGguY29tghZ3d3cubWFudWxpZmV3ZWFsdGgubmV0ghl3d3cu
cGF0cmltb2luZS1tYW51dmllLmNhghp3d3cucGF0cmltb2luZS1tYW51dmllLmNv
bYIad3d3LnBhdHJpbW9pbmUtbWFudXZpZS5uZXSCGHd3dy5wYXRyaW1vaW5lbWFu
dXZpZS5jYYIZd3d3LnBhdHJpbW9pbmVtYW51dmllLm5ldDANBgkqhkiG9w0BAQsF
AAOCAQEAN0uYZaM/ZvZZ6ERgAYjYhNVUCpPQCBXaJz16wMsGjmuBDlJRj2iDjUmJ
wVNDStCYmG8aBcGCXOvFvhWzkFc3JWYdWRVb4ba3mVTLX67wkWIV38XAvlN7/Yhm
0mfZk4LfsinJHd4vb9zC5lulnytkZ49IOM9OQYAoxsRWsb7uSHNXeE2D6oPVaUAZ
mBa2Fr9HesJVT2jdlk8qc0CXD5vQ1kEBGuyYjesckqLNw9JaD5Z30UEL8ez/K7+f
1WFDR31dBeaWaQQ2irVJZxLKfiVFaxYgdPazQobUnwo16qm0ffKZ8JJj+AGZZl90
XJ/YfGg5ZXKQqpnsxuLaHOhC/z1FxQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOpOKfHR9MskG52f8Drj
qy4lBJ3ZmnJag+wejCm/58rLH/9U54RFUMiBREDwYx3ZaCUp3ihb//wUSdsOj69V
8TaPEISavQW90hwPMjlsxJYet/tvhyIPBhahh0lZnJt4mTFsfVaT52yBsQ60GlJ2
tdaF4IZGkkLLH4U8t7Q39/TIH4JNpsB6cko+n0nxSnCXb4lj9r4rEIcK/+1V2iYh
4/yopShuD8jhcp4XkA7Kylkbgu2iu4efd2YpM+k3VfgAL7yLF+8jzZ78vtiHHbPJ
fgiQZZ28OC11GZqSZptMX6VCCEYSY74fJy960Cao3r3HkH8di9I8l+Vk0L2zh9F9
9wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 322204774779004250920403530229571529593
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-28 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'manulife.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18798809398223321819362877180205501223877424761148147675474783031239104640545790224803121673740928467300957226481088494833380395185221604701661865923160555254411299409264763481403075445447214788062802824700485222887360431789086769659149327682758980121503972762002920579732198361883503459006811972210598630790053062702209310990914808633412548461830513601703330643209956505509999557120901929209793658466364037979592745062644158033807895099472872233311655652001540188642101154592905044998270633532516815795645160204026037388456781000154105083707796044228008734081506510092365624180002368886380085545009605385172475280887
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							d025791c597157de0c8c1074e1dd98fc1c20ca3f
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018fbfc438d60000040300483046022100e7673afb0717a94cc7582240f4e8d4cc63b8cd6c82fea3963d5ce4dbbcc1eb22022100863e6790a0b87f57af2208b2c0cefc642b94c1b81f4a5819cb678f4058fe6506007600a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018fbfc438ac000004030047304502203399720e3856e8414044fc2ab169bd71e2f717bdd6f9ccdb46b80330005f08aa022100c6f139d7320dde7dce5d4bacef37bc1e97ed87b8b8271f80f2c53477dee16b640077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018fbfc438ac0000040300483046022100da840b2ec8e2781754de28fc788b29bdbec3db2cb55b49e21c54067309c5f0a1022100a9ce17002b46fc2c196acf7490684fc10f393019e6a1db1577aaac60c547f009
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1737 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.gb.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'asampuat.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'author-dev-ap.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'author-preprod-ap.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'author-sit-ap.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'author-stg-ap.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cac-wsauth.ctxnsgslb.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cae-wsauth.ctxnsgslb.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dpcon.manulifesecurities.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'dprc.manulifesecurities.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'fasatexternal.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'invite.manulifeghnw.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim-nonprod.dev.developer.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim-nonprod.dev.management.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim-nonprod.dev.portal.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim-nonprod.dev.scm.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.dev.developer.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.dev.management.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.dev.portal.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'jhapim.dev.scm.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulife-wealth.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulife-wealth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulife-wealth.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifeprivatewealth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifepromos.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifewealth.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifewealth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'manulifewealth.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'patrimoine-manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'patrimoine-manuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'patrimoine-manuvie.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'patrimoinemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'patrimoinemanuvie.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal-uat.manulife.com.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal.manulife.com.vn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stage.invite.manulifeghnw.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'stg.manulifewealth.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'test.invite.manulifeghnw.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tokenize-ds-t1.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'tokenize-ds.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.manulifetravel.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'usc-wsauth.ctxnsgslb.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'use2-wsauth.ctxnsgslb.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wsauth.ctxnsgslb.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wsauth.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wsauthdev.manulife.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-prod.igp.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.igp.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www-aem-stage.manulifetravel.manulife.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulife-wealth.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulife-wealth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulife-wealth.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifeprivatewealth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifepromos.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifewealth.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifewealth.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.manulifewealth.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.patrimoine-manuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.patrimoine-manuvie.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.patrimoine-manuvie.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.patrimoinemanuvie.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.patrimoinemanuvie.net'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00374b9865a33f66f659e844600188d884d5540a93d00815da273d7ac0cb068e6b810e52518f68838d4989c153434ad098986f1a05c1825cebc5be15b390573725661d59155be1b6b79954cb5faef0916215dfc5c0be537bfd8866d267d99382dfb229c91dde2f6fdcc2e65ba59f2b64678f4838cf4e418028c6c456b1beee487357784d83ea83d56940199816b616bf477ac2554f68dd964f2a7340970f9bd0d641011aec988deb1c92a2cdc3d25a0f9677d1410bf1ecff2bbf9fd56143477d5d05e6966904368ab5496712ca7e25456b162074f6b34286d49f0a35eaa9b47df299f09263f80199665f745c9fd87c6839657290aa99ecc6e2da1ce842ff3d45c5