vfw-ap.amazon-adsystem.com

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 04:7f:48:b2:06:fd:c3:68:67:70:86:c5:b3:73:1d:8d was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=vfw-ap.amazon-adsystem.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 04:7f:48:b2:06:fd:c3:68:67:70:86:c5:b3:73:1d:8d
Serial Number (int): 5977808122441668138430937534982987149
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 05:fe:50:b8:4f:0e:32:66:e1:20:0d:9f:25:d1:f5:3e:25:3b:c7:1e
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): 16:cb:e9:eb:f0:f1:ea:8b:bd:ff:15:1d:f9:77:3a:96:bb:18:d5:48
Fingerprint (sha256): 10:a8:f2:f2:99:58:79:0f:06:5a:9c:85:07:6c:9a:73:18:65:74:a0:94:af:ea:04:0a:d2:74:91:ab:dd:fd:22

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate vfw-ap.amazon-adsystem.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for vfw-ap.amazon-adsystem.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

vfw-ap.amazon-adsystem.com
vfw.amazon-adsystem.com
ingest.vfw.prod.skywave.jetstream.advertising.a2z.com
ingest-dr.vfw.prod.skywave.jetstream.advertising.a2z.com

Other certificates including the domain name amazon-adsystem.com

(limited to 100 certificates)
aax-us-west.amazon-adsystem.com
rcm-fe.assoc-amazon.com
aax-us-east.amazon-adsystem.com
www.assoc-amazon.fr
aax-fe-retail-direct.amazon-adsystem.com
assoc-msdk-cn.amazon-adsystem.com
wms-eu.assoc-amazon.com
aax-fe.amazon-adsystem.com
www.assoc-amazon.ca
aax-vx-fe-us-west-2.amazon-adsystem.com
aax-us-pdx-rtb-adx.amazon-adsystem.com
aax-us-pdx-rtb-adx.amazon-adsystem.com
aax-us-east-test1.amazon-adsystem.com
rcm-na.assoc-amazon.com
aax-us-iad.amazon.com
aax-us-east-test6.amazon-adsystem.com
mads-eu.amazon.com
z-eu.amazon-adsystem.com
aax-eu-retail-direct.amazon-adsystem.com
www.assoc-amazon.ca
wms-eu.assoc-amazon.com
aax-vx-us-us-east-1.amazon-adsystem.com
aax-fe-sin.amazon-adsystem.com
aax.online-panel.advertising.amazon.dev
cdn-d.amazon-adsystem.com
rcm-fe.assoc-amazon.com
www.assoc-amazon.de
rcm-eu.assoc-amazon.com
s.amazon-adsystem.com
aax-us-pdx.amazon-adsystem.com
wms-na.assoc-amazon.com
v-eu.amazon-adsystem.com
aax-adx.ap-southeast.3px.axp.amazon-adsystem.com
rcm-fe.assoc-amazon.com
cdn-c.amazon-adsystem.com
aax-apse-dtb-web.amazon-adsystem.com
fls-na.amazon-adsystem.com
aax-eu.amazon-adsystem.com
wms-na.assoc-amazon.com
at-us-east.amazon-adsystem.com
aax-us-east-rtb-adx.amazon-adsystem.com
wms-na.assoc-amazon.com
ws-eu.assoc-amazon.com
aax-us-pdx.amazon-adsystem.com
z-eu.amazon-adsystem.com
aax-us-pdx.amazon-adsystem.com
fls-cn.amazon-adsystem.com
ws-fe.assoc-amazon.com
video-player.aps.amazon-adsystem.com
aax-eu.amazon-adsystem.com
wms-na.assoc-amazon.com
vq-eu-west-1.amazon-adsystem.com
assoc-msdk-eu.amazon-adsystem.com
aax-us-pdx-rtb-adx.amazon-adsystem.com
wms-na.assoc-amazon.com
aax-us-west.amazon-adsystem.com
www.assoc-amazon.fr
ws-fe.assoc-amazon.com
vaes.dub.amazon-adsystem.com
cell8002.pdx.spp.bid-na.ads.aps.amazon-adsystem.com
?.amazon-adsystem.com
mads.amazon.com
aax-us-east.amazon-adsystem.com
www.assoc-amazon.ca
mas-sdk.amazon.com
z-eu.amazon-adsystem.com
aax-us-pdx-rtb-adx.amazon-adsystem.com
imdb.amazon-adsystem.com
imdb.amazon-adsystem.com
aax-fe-retail-direct.amazon-adsystem.com
vq-test-us-east-1.amazon-adsystem.com
aax-vx-us-us-west-2.amazon-adsystem.com
aax-us-east-test1.amazon-adsystem.com
atue.amazon-adsystem.com
rcm-na.assoc-amazon.com
c.amazon-adsystem.com
assoc-msdk-metrics-us.amazon-adsystem.com
www.assoc-amazon.es
ws-eu.assoc-amazon.com
z-na.amazon-adsystem.com
vfw-ap.amazon-adsystem.com
mas-sdk.amazon.com
mobile-associates-service.amazon.com
rcm-eu.assoc-amazon.com
v-eu.amazon-adsystem.com
ws-cn.assoc-amazon.com
aax-fe.amazon-adsystem.com
aax-fe-sin-rtb-adx.amazon-adsystem.com
*.us-east-1.prod.3p.entry.video-ads.a2z.com
www.assoc-amazon.jp
aax-vx-us-iad.amazon-adsystem.com
www.assoc-amazon.de
v.amazon-adsystem.com
aax.online-panel.advertising.amazon.dev
fls-fe.amazon-adsystem.com
www.assoc-amazon.ca
rcm-fe.assoc-amazon.com
aax-us-pdx-rtb-adx.amazon-adsystem.com
aax-us-iad.amazon.com
cell7002.pdx.stv.bid-na.ads.aps.amazon-adsystem.com

Certificate

The complete raw certificate details for vfw-ap.amazon-adsystem.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgIQBH9Isgb9w2hncIbFs3MdjTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMTAxNjAwMDAwMFoXDTI0MDYyNDIzNTk1OVowJTEj
MCEGA1UEAxMadmZ3LWFwLmFtYXpvbi1hZHN5c3RlbS5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCyoZ4GLTxKEdf3MTkAGCL17+jPfOsLMGyIhIdU
9hiuBBWmYiM5W93UUJxFzlpc1+ch0DpzDs764N6RPUqgRiU/d0RL21NZ21sliufQ
KYYks0GllcHt+HS7QZND7EiBcdWq4k2WJmPj5WonacBei039H4+W9ie1xcMR50is
hvArmTE9N6rif1Ea59o/N3YsPcb7wCw0pHVrhFf9Wj/b/sM+2s9ciLebHlZc2siZ
yOB8CIiCbaFIU4Pk36DbUWeoC3qiuJe/Wc6Bc1tFlJZM0BRgu6BPM9YI3hQFjkZ1
cBXwqetV4mLw9J0xDxj/8KM3pfAeMfBpCfy1aTUld74YzoHpAgMBAAGjggOAMIID
fDAfBgNVHSMEGDAWgBSBuA5jiokSGOX6OztQlZ/m5ZAThTAdBgNVHQ4EFgQUBf5Q
uE8OMmbhIA2fJdH1PiU7xx4wgbEGA1UdEQSBqTCBpoIadmZ3LWFwLmFtYXpvbi1h
ZHN5c3RlbS5jb22CF3Zmdy5hbWF6b24tYWRzeXN0ZW0uY29tgjVpbmdlc3QudmZ3
LnByb2Quc2t5d2F2ZS5qZXRzdHJlYW0uYWR2ZXJ0aXNpbmcuYTJ6LmNvbYI4aW5n
ZXN0LWRyLnZmdy5wcm9kLnNreXdhdmUuamV0c3RyZWFtLmFkdmVydGlzaW5nLmEy
ei5jb20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud
JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRw
Oi8vY3JsLnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jcmwwdQYIKwYBBQUH
AQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMS5hbWF6b250cnVz
dC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDEuYW1hem9udHJ1c3Qu
Y29tL3IybTAxLmNlcjAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4E
ggFqAWgAdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYs12VYL
AAAEAwBHMEUCIQDGW51PnojHmhsiXmdKO/IaqxMV6tzlgryOU3vEOBIMHQIgfrIR
MkPwb3aLqrfdU+xCJnhSt35m+CTPblHeMPAQ6t0AdgBIsONr2qZHNA/lagL6nTDr
HFIBy1bdLIHZu7+rOdiEcwAAAYs12VXiAAAEAwBHMEUCIB92WQ0nxjUVhDGsuoLS
wE2dst3/SZwLAr9bq/I8iTF8AiEAv/ozjE/dU+U3LiEaAzXfcx2Dv6jTgCMc5SL0
1MKhCUkAdgA7U3d1Pi25gE6LMFsG/kA7Z9hPw/THvQANLXJv4frUFwAAAYs12VYV
AAAEAwBHMEUCIAlf6qQ5kB7iIBKPAHrT1OSttjRQE82nWDFAxsxwJ4MYAiEAkmPT
/V0tfBlS9bcpK3hMfU7aP/P0e/JNAdFNhtCOEw0wDQYJKoZIhvcNAQELBQADggEB
ABXG4RkTWJLURRYghbreIbVZmVmoUZ2IxBJVftSuCa7UQ35jNc7MNyfu6zkx//HN
TIeNPpTztAE3e16UQ0CCwl2ARVuI95QbQfbMEUsCOOFVr5sekb7syKfCyWVOBVs/
jyWaOUrwgB6hpc5/SyTpEkwyPaNhJtnyW74x60xgSYDtyhreETPNft8gWrdDUMXw
o4PqXb2WPYV5qJDtluIjdf722lWZV8vdWIz/Dbbqzg0gj20dXAnWuRVKJ201poat
sjTy7AQrlFe0rhKV+C3024515wbWQ2aejUN4oG3notAtPJUL2o0RLWBbPdKwnHnq
ZHfIdOoPpQxDStNFOM9Akek=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqGeBi08ShHX9zE5ABgi
9e/oz3zrCzBsiISHVPYYrgQVpmIjOVvd1FCcRc5aXNfnIdA6cw7O+uDekT1KoEYl
P3dES9tTWdtbJYrn0CmGJLNBpZXB7fh0u0GTQ+xIgXHVquJNliZj4+VqJ2nAXotN
/R+PlvYntcXDEedIrIbwK5kxPTeq4n9RGufaPzd2LD3G+8AsNKR1a4RX/Vo/2/7D
PtrPXIi3mx5WXNrImcjgfAiIgm2hSFOD5N+g21FnqAt6oriXv1nOgXNbRZSWTNAU
YLugTzPWCN4UBY5GdXAV8KnrVeJi8PSdMQ8Y//CjN6XwHjHwaQn8tWk1JXe+GM6B
6QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5977808122441668138430937534982987149
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-16 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'vfw-ap.amazon-adsystem.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22550114735916298953315107675298423096299650461861207984347237495024138227219643015276828634323122753614326957118542279923292087042270055473841913468624135194920825864816270608541176518962205684050401948187316665684043508590061103836707141512058858711486722422940340141700916552134488114341570034142432978162991242153450873526416898479031631734365737217968906207114832232196500201859957287834511437407407036568522670209150129910405825644762039641873800117554813678660341156380032696570681721706711110313619463762444638687725651082963839678891041098608412687103502556034054517076939824073554363467937777563403415355881
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							05fe50b84f0e3266e1200d9f25d1f53e253bc71e
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (169 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vfw-ap.amazon-adsystem.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'vfw.amazon-adsystem.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ingest.vfw.prod.skywave.jetstream.advertising.a2z.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ingest-dr.vfw.prod.skywave.jetstream.advertising.a2z.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							016800760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b35d9560b0000040300473045022100c65b9d4f9e88c79a1b225e674a3bf21aab1315eadce582bc8e537bc438120c1d02207eb2113243f06f768baab7dd53ec42267852b77e66f824cf6e51de30f010eadd00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b35d955e2000004030047304502201f76590d27c635158431acba82d2c04d9db2ddff499c0b02bf5babf23c89317c022100bffa338c4fdd53e5372e211a0335df731d83bfa8d380231ce522f4d4c2a109490076003b5377753e2db9804e8b305b06fe403b67d84fc3f4c7bd000d2d726fe1fad4170000018b35d9561500000403004730450220095feaa439901ee220128f007ad3d4e4adb6345013cda7583140c6cc702783180221009263d3fd5d2d7c1952f5b7292b784c7d4eda3ff3f47bf24d01d14d86d08e130d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0015c6e119135892d445162085bade21b5599959a8519d88c412557ed4ae09aed4437e6335cecc3727eeeb3931fff1cd4c878d3e94f3b401377b5e94434082c25d80455b88f7941b41f6cc114b0238e155af9b1e91beecc8a7c2c9654e055b3f8f259a394af0801ea1a5ce7f4b24e9124c323da36126d9f25bbe31eb4c604980edca1ade1133cd7edf205ab74350c5f0a383ea5dbd963d8579a890ed96e22375fef6da559957cbdd588cff0db6eace0d208f6d1d5c09d6b9154a276d35a686adb234f2ec042b9457b4ae1295f82df4db8e75e706d643669e8d4378a06de7a2d02d3c950bda8d112d605b3dd2b09c79ea6477c874ea0fa50c434ad34538cf4091e9