*.unicorn.cupdapp.com
- China Unionpay Data Services Co., Ltd -
Issued by CFCA OV OCA
About this certificate
This digital certificate with serial number 20:15:01:ba:b2:76:d2:c6:d3:22:4c:fd:cd:e9:32:b7 was issued on by China Financial Certification Authority.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
- The keyUsage extension SHOULD be critical (RFC 5280: 4.2.1.3)
China Unionpay Data Services Co., Ltd
Organization:
China Unionpay Data Services Co., Ltd
Organization unit: Innovation Business Dept.
Organization unit: Innovation Business Dept.
State / Province:
Shanghai
Locality: Shanghai
Country: CN
Locality: Shanghai
Country: CN
China Financial Certification Authority
Organization:
China Financial Certification Authority
Country:
CN
This certificate has expire since
Certificate Details
Serial Number (hex): 20:15:01:ba:b2:76:d2:c6:d3:22:4c:fd:cd:e9:32:b7Serial Number (int): 42644369173226350977502667538099155639
Serial Number lenght: 126 bits, 16 octets
SubjectKeyId: 8e:fc:75:4f:78:e3:0b:25:47:eb:d9:ff:f1:04:9e:ac:1e:7a:d8:6b
AuthorityKeyId: 66:b3:ef:fb:54:95:87:e9:ac:a5:96:56:ae:e6:7d:ed:3a:d0:43:d1
Fingerprint (sha1): d2:03:34:8d:3d:fb:26:06:14:5d:68:c9:da:e4:a3:8d:e9:06:7d:20
Fingerprint (sha256): 0f:42:c6:5e:a4:6d:54:d2:29:43:a7:95:00:da:8d:26:5a:16:39:ba:b4:cd:91:c7:fe:28:24:bf:76:92:14:88
Issuing Certificate URL: http://gtc.cfca.com.cn/ovoca/ovoca.cer
Revocation information
OCSP Server: http://ocsp.cfca.com.cn/ocspCRL Distribution Point: http://crl.cfca.com.cn/OVOCA/RSA/crl25.crl
Check the revocation status for certificate *.unicorn.cupdapp.com
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.unicorn.cupdapp.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Client Authentication
Server Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.unicorn.cupdapp.com
unicorn.cupdapp.com
unicorn.cupdapp.com
Other certificates including the domain name cupdapp.com
(limited to 100 certificates)
wechat.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
api.ws.cupdapp.net
stmt.cupdapp.com
ncoas.cupdapp.com
ncoas.cupdapp.com
wechat.cupdapp.com
ws.cupdapp.net
stmt.cupdapp.com
*.unicorn.cupdapp.com
ant.ccbillinst.cupdapp.com
ncoas.cupdapp.com
milkywaypage.cupdapp.com
xdzlar.cupdata.com
ncoas.cupdapp.com
ws.cupdapp.net
appsignsrc.cupdapp.com
ncoas.cupdapp.com
api.ws.cupdapp.net
*.static.cupdapp.com
ws.cupdapp.net
api.ws.cupdapp.net
app.cupdapp.com
ncoas.cupdapp.com
securityplus.cupdata.com
api.ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
directbank.cupdata.com
ws.cupdapp.net
perbank.cupdapp.com
apptranssign.cupdapp.com
stmt.cupdapp.com
ws.cupdapp.net
prepaidcard.leagcard.com
ncoas.cupdapp.com
ncoas.cupdapp.com
appsigndest.cupdapp.com
ncoas.cupdapp.com
stmt.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
api.ws.cupdapp.net
api.ws.cupdapp.net
ncoas.cupdapp.com
app.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
milkywaypage.cupdapp.com
crbep.cupdapp.com
api.ws.cupdapp.net
ws.cupdapp.net
ws.cupdapp.net
stmt.cupdapp.com
app.cupdapp.com
appsigndest.cupdapp.com
ncoas.cupdapp.com
stmt.cupdapp.com
perbank.cupdapp.com
stmt.cupdapp.com
api.ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
ncoas.cupdapp.com
app.cupdapp.com
stmt.cupdapp.com
app.cupdapp.com
ncoas.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
api.ws.cupdapp.net
ws.cupdapp.net
ws.cupdapp.net
ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
ncoas.cupdapp.com
app.cupdapp.com
ws.cupdapp.net
stmt.cupdapp.com
api.ws.cupdapp.net
app.cupdapp.com
stmt.cupdapp.com
stmt.cupdapp.com
ncoas.cupdapp.com
ncoas.cupdapp.com
wechat.cupdapp.com
stmt.cupdapp.com
stmt.cupdapp.com
ws.cupdapp.net
api.ws.cupdapp.net
stmt.cupdapp.com
stmt.cupdapp.com
api.ws.cupdapp.net
wx.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
api.ws.cupdapp.net
stmt.cupdapp.com
ncoas.cupdapp.com
ncoas.cupdapp.com
wechat.cupdapp.com
ws.cupdapp.net
stmt.cupdapp.com
*.unicorn.cupdapp.com
ant.ccbillinst.cupdapp.com
ncoas.cupdapp.com
milkywaypage.cupdapp.com
xdzlar.cupdata.com
ncoas.cupdapp.com
ws.cupdapp.net
appsignsrc.cupdapp.com
ncoas.cupdapp.com
api.ws.cupdapp.net
*.static.cupdapp.com
ws.cupdapp.net
api.ws.cupdapp.net
app.cupdapp.com
ncoas.cupdapp.com
securityplus.cupdata.com
api.ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
directbank.cupdata.com
ws.cupdapp.net
perbank.cupdapp.com
apptranssign.cupdapp.com
stmt.cupdapp.com
ws.cupdapp.net
prepaidcard.leagcard.com
ncoas.cupdapp.com
ncoas.cupdapp.com
appsigndest.cupdapp.com
ncoas.cupdapp.com
stmt.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
api.ws.cupdapp.net
api.ws.cupdapp.net
ncoas.cupdapp.com
app.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
milkywaypage.cupdapp.com
crbep.cupdapp.com
api.ws.cupdapp.net
ws.cupdapp.net
ws.cupdapp.net
stmt.cupdapp.com
app.cupdapp.com
appsigndest.cupdapp.com
ncoas.cupdapp.com
stmt.cupdapp.com
perbank.cupdapp.com
stmt.cupdapp.com
api.ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
ncoas.cupdapp.com
app.cupdapp.com
stmt.cupdapp.com
app.cupdapp.com
ncoas.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
api.ws.cupdapp.net
ws.cupdapp.net
ws.cupdapp.net
ws.cupdapp.net
ncoas.cupdapp.com
ncoas.cupdapp.com
ncoas.cupdapp.com
app.cupdapp.com
ws.cupdapp.net
stmt.cupdapp.com
api.ws.cupdapp.net
app.cupdapp.com
stmt.cupdapp.com
stmt.cupdapp.com
ncoas.cupdapp.com
ncoas.cupdapp.com
wechat.cupdapp.com
stmt.cupdapp.com
stmt.cupdapp.com
ws.cupdapp.net
api.ws.cupdapp.net
stmt.cupdapp.com
stmt.cupdapp.com
api.ws.cupdapp.net
wx.cupdapp.com
Certificate
The complete raw certificate details for *.unicorn.cupdapp.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIFQzCCBCugAwIBAgIQIBUBurJ20sbTIkz9zekytzANBgkqhkiG9w0BAQsFADBV MQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmlj YXRpb24gQXV0aG9yaXR5MRQwEgYDVQQDDAtDRkNBIE9WIE9DQTAeFw0xOTEyMDMw ODU5MTVaFw0yMTEyMDMwODU5MTVaMIGnMQswCQYDVQQGEwJDTjERMA8GA1UECAwI U2hhbmdoYWkxETAPBgNVBAcMCFNoYW5naGFpMS4wLAYDVQQKDCVDaGluYSBVbmlv bnBheSBEYXRhIFNlcnZpY2VzIENvLiwgTHRkMSIwIAYDVQQLDBlJbm5vdmF0aW9u IEJ1c2luZXNzIERlcHQuMR4wHAYDVQQDDBUqLnVuaWNvcm4uY3VwZGFwcC5jb20w ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwCnQBhrrsrzMdmEqlpNZQ +EC/M6VyvirI2AOD3M+e5VbsuFpWTXKSF2Kizk1ko2ABFDRrBCqT0FXgAqMZ1Obx +6PWWuS0hj9zlUJMqNRafV+lvdhRu4sxqtLaLCw1lbNtmHT8VNuN1jQ4evhVx5I7 7CsfNRNZYbvPtPcE7E5VYY0C1aGRSpX2/oxCRfczBzwLdW1uKazH4j5P3NTwmnSj DYhNA9n27k8pLifXuFZfuKA2z0LFkMdoqsQcHqISoyKWN0LyTm/pDGM6k+szmlXK Ukp4rGtWRlLY3LPaXocjG8KWIsufdb8F5TWDvNVJySVOwR8fAf9MymdL9G830lOP AgMBAAGjggG6MIIBtjAJBgNVHRMEAjAAMGwGCCsGAQUFBwEBBGAwXjAoBggrBgEF BQcwAYYcaHR0cDovL29jc3AuY2ZjYS5jb20uY24vb2NzcDAyBggrBgEFBQcwAoYm aHR0cDovL2d0Yy5jZmNhLmNvbS5jbi9vdm9jYS9vdm9jYS5jZXIwNQYDVR0RBC4w LIIVKi51bmljb3JuLmN1cGRhcHAuY29tghN1bmljb3JuLmN1cGRhcHAuY29tMAsG A1UdDwQEAwIFoDAdBgNVHQ4EFgQUjvx1T3jjCyVH69n/8QSerB562GswHQYDVR0l BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBMGCisGAQQB1nkCBAMBAf8EAgUAMB8G A1UdIwQYMBaAFGaz7/tUlYfprKWWVq7mfe060EPRMEYGA1UdIAQ/MD0wOwYGZ4EM AQICMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuY2ZjYS5jb20uY24vdXMvdXMt MTIuaHRtMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwuY2ZjYS5jb20uY24v T1ZPQ0EvUlNBL2NybDI1LmNybDANBgkqhkiG9w0BAQsFAAOCAQEAvBk2MdZeF+GS 2oFWiKJI0SgLUddzxEDxPO/r1DL1kngkCDdha3LHhclTS4bC6JIAA4CzLuISYfNU EX71Ec2yGT7ZfW0mKzSNtWXuo3uQiewcgpD1sx9itB0PiM24X+h910nweoCVohna XrSyqvqRqF+8br7w6Tvn4uL4m6MhO7s54ezSOct6kgZRTvxOg1W4Glb1WX5kvDGF k3fHsYNljd+JwDgjw2LddotUU77llCuh+rJsenDpJxwtsN632MZst6sUHVgi3GdD 9+mAeC1JQlj9n3AJ4tlrwOk93vnxQ/bwmYsOVtoTEJtcey0vjH9LWLD8uLIP+AEM u6JwchiMPQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Ap0AYa67K8zHZhKpaTW UPhAvzOlcr4qyNgDg9zPnuVW7LhaVk1ykhdios5NZKNgARQ0awQqk9BV4AKjGdTm 8fuj1lrktIY/c5VCTKjUWn1fpb3YUbuLMarS2iwsNZWzbZh0/FTbjdY0OHr4VceS O+wrHzUTWWG7z7T3BOxOVWGNAtWhkUqV9v6MQkX3Mwc8C3Vtbimsx+I+T9zU8Jp0 ow2ITQPZ9u5PKS4n17hWX7igNs9CxZDHaKrEHB6iEqMiljdC8k5v6QxjOpPrM5pV ylJKeKxrVkZS2Nyz2l6HIxvCliLLn3W/BeU1g7zVScklTsEfHwH/TMpnS/RvN9JT jwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 42644369173226350977502667538099155639 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CN' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'China Financial Certification Authority' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'CFCA OV OCA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-12-03 08:59:15 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-12-03 08:59:15 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CN' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Shanghai' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Shanghai' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'China Unionpay Data Services Co., Ltd' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'Innovation Business Dept.' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.unicorn.cupdapp.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 30302347831391586069764809221338839837713999803130748050530964725101247423657266669159332251437917875036989796641619782302232777023816161123973689563653435683340181044337153138985658763250891569732422675073746826528569700734184824010229278348487235684888995206576101937168903272278556630625679406498444860307588968672604050581085449530091744902052698150647596885434382013445903210132431243318520612851228739508245515058205246719159530504225150489553582857943979353464752495212223107073499244046010473724887284612955803215293816120281722114727881876001440918471704725959674753293357268669974270975437084850806305477519 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.cfca.com.cn/ocsp' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtc.cfca.com.cn/ovoca/ovoca.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (46 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.unicorn.cupdapp.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'unicorn.cupdapp.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 8efc754f78e30b2547ebd9fff1049eac1e7ad86b . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 66b3effb549587e9aca59656aee67ded3ad043d1 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.cfca.com.cn/us/us-12.htm' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.cfca.com.cn/OVOCA/RSA/crl25.crl' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00bc193631d65e17e192da815688a248d1280b51d773c440f13cefebd432f59278240837616b72c785c9534b86c2e892000380b32ee21261f354117ef511cdb2193ed97d6d262b348db565eea37b9089ec1c8290f5b31f62b41d0f88cdb85fe87dd749f07a8095a219da5eb4b2aafa91a85fbc6ebef0e93be7e2e2f89ba3213bbb39e1ecd239cb7a9206514efc4e8355b81a56f5597e64bc31859377c7b183658ddf89c03823c362dd768b5453bee5942ba1fab26c7a70e9271c2db0deb7d8c66cb7ab141d5822dc6743f7e980782d494258fd9f7009e2d96bc0e93ddef9f143f6f0998b0e56da13109b5c7b2d2f8c7f4b58b0fcb8b20ff8010cbba27072188c3d