*.cupdata.com

- 银联数据服务有限公司 -

Issued by CFCA OV OCA

About this certificate

This digital certificate with serial number 20:15:01:f5:aa:9c:8e:6a:e3:6e:55:63:63:82:95:b3 was issued on by China Financial Certification Authority.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Basic Constraints extension is present (2.5.29.19) and marked as non-critical basicConstraints MAY appear in the certificate, and when it is included MUST be marked as critical (CA/Browser Forum BRs: 7.1.2.7.6)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

银联数据服务有限公司

Organization: 银联数据服务有限公司
State / Province: 上海
Locality: 上海
Country: CN

China Financial Certification Authority

Organization: China Financial Certification Authority
Country: CN

This certificate will expire on

Certificate Details

Serial Number (hex): 20:15:01:f5:aa:9c:8e:6a:e3:6e:55:63:63:82:95:b3
Serial Number (int): 42644373845257675604826213834110965171
Serial Number lenght: 126 bits, 16 octets

SubjectKeyId: 9d:6e:ad:54:ac:8e:8d:5e:52:11:eb:ba:0f:1a:b8:fa:17:33:34:f0
AuthorityKeyId: 66:b3:ef:fb:54:95:87:e9:ac:a5:96:56:ae:e6:7d:ed:3a:d0:43:d1

Fingerprint (sha1): 0d:43:4b:70:34:6e:9a:cc:af:bb:86:f9:73:3e:4d:a8:fe:77:80:07
Fingerprint (sha256): 12:61:4b:73:8f:d7:9b:39:77:99:60:e6:5c:0b:f1:98:51:e7:78:5d:f6:8b:7d:39:f6:03:d9:a8:30:60:51:7b

Issuing Certificate URL: http://gtc.cfca.com.cn/ovoca/ovoca.cer

Revocation information

OCSP Server: http://ocsp.cfca.com.cn/ocsp
CRL Distribution Point: http://crl.cfca.com.cn/OVOCA/RSA/crl297.crl

Check the revocation status for certificate *.cupdata.com

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.cupdata.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Client Authentication
Server Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.cupdata.com
cupdata.com

Other certificates including the domain name cupdata.com

(limited to 100 certificates)
web.cupdata.com
directbank.cupdata.com
wechat.cupdapp.com
web.cupdata.com
passort.leagcard.com
passort.leagcard.com
ncoas.cupdapp.com
ncoas.cupdapp.com
wlian.cupdata.com
resource.leagcard.com
resource.leagcard.com
web.cupdata.com
trip.cupdata.com
web.cupdata.com
citiweb.cupdata.com
wechat.cupdapp.com
resource.leagcard.com
directbank.cupdata.com
passort.leagcard.com
directbank.cupdata.com
ncoas.cupdapp.com
*.cupdata.com
wlian.cupdata.com
web.cupdata.com
securityplus.cupdata.com
mbank6.cupdata.com
directbank.cupdata.com
directbank.cupdata.com
www.cupdata.com
*.cupdata.com
passort.leagcard.com
resource.leagcard.com
xdzlar.cupdata.com
directbank.cupdata.com
ncoas.cupdapp.com
*.statictest.cupdata.com
web.cupdata.com
web.cupdata.com
resource.leagcard.com
web.cupdata.com
resource.leagcard.com
web.cupdata.com
passort.leagcard.com
web.cupdata.com
web.cupdata.com
resource.leagcard.com
3d.cupdata.com
web.cupdata.com
app.cupdapp.com
web.cupdata.com
trip.cupdata.com
ncoas.cupdapp.com
securityplus.cupdata.com
passort.leagcard.com
directbank.cupdata.com
passort.leagcard.com
www.cupdata.com
passort.leagcard.com
citiweb.cupdata.com
www.cupdata.com
directbank.cupdata.com
trip.cupdata.com
web.cupdata.com
www.cupdata.com
mbank6.cupdata.com
directbank.cupdata.com
www.cupdata.com
passort.leagcard.com
scbwxmnrecsign.cupdata.com
ncoas.cupdapp.com
resource.leagcard.com
web.cupdata.com
resource.leagcard.com
web.cupdata.com
directbank.cupdata.com
resource.leagcard.com
3d.cupdata.com
directbank.cupdata.com
intl.cupdata.com
directbank.cupdata.com
ncoas.cupdapp.com
directbank.cupdata.com
onlineuat.cupdata.com
trip.cupdata.com
onlineuat.cupdata.com
www.cupdata.com
passort.leagcard.com
passort.leagcard.com
3d.cupdata.com
mbank6.cupdata.com
app.cupdapp.com
mbank6.cupdata.com
resource.leagcard.com
scbwxmnrecsign.test.cupdata.com
passort.leagcard.com
passort.leagcard.com
*.test.cupdata.com
passort.leagcard.com
resource.leagcard.com
resource.leagcard.com

Certificate

The complete raw certificate details for *.cupdata.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHWzCCBkOgAwIBAgIQIBUB9aqcjmrjblVjY4KVszANBgkqhkiG9w0BAQsFADBV
MQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmlj
YXRpb24gQXV0aG9yaXR5MRQwEgYDVQQDDAtDRkNBIE9WIE9DQTAeFw0yMzEwMTcw
OTA3MjhaFw0yNDEwMTcwOTA3MjdaMHAxCzAJBgNVBAYTAkNOMQ8wDQYDVQQIDAbk
uIrmtbcxDzANBgNVBAcMBuS4iua1tzEnMCUGA1UECgwe6ZO26IGU5pWw5o2u5pyN
5Yqh5pyJ6ZmQ5YWs5Y+4MRYwFAYDVQQDDA0qLmN1cGRhdGEuY29tMIIBIjANBgkq
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryudCRY9tO3EEg6n3vaCwDsnDHk+4KzM
04y9J8T0YSsjkB9I398rQXI8unLanQ6Htn5X8U8IG9+/sHPpt6djKEVwgsORtT4x
++zorVsC8iFVWWKr5HISNsWg1wUtPHOaH2qNRsIidyJP6hE7Dc3HqWsOymbPf3Y/
U5kH1Zfn6YPYsDUZdWSrWry8Gc4vIsG89Z0BV3frGWxY73M+sWI/gio3D9FesMxK
uk4uudeyViQELNCnxBWqrTyDdbvqc5GNnpBo5v/12L2+6fSGOfGt1fEgGkO+I6Ib
Jms6n6TSQ5cTLgPU8GWBpP9uC1IGGwrFKO6e3+8u3GTK9t3IHrx3iQIDAQABo4IE
CjCCBAYwCQYDVR0TBAIwADBsBggrBgEFBQcBAQRgMF4wKAYIKwYBBQUHMAGGHGh0
dHA6Ly9vY3NwLmNmY2EuY29tLmNuL29jc3AwMgYIKwYBBQUHMAKGJmh0dHA6Ly9n
dGMuY2ZjYS5jb20uY24vb3ZvY2Evb3ZvY2EuY2VyMCUGA1UdEQQeMByCDSouY3Vw
ZGF0YS5jb22CC2N1cGRhdGEuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHQ4EFgQU
nW6tVKyOjV5SEeu6Dxq4+hczNPAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF
BwMBMIICbQYKKwYBBAHWeQIEAgSCAl0EggJZAlcAdgDatr9rP7W2Ip+bwrtca+hw
kXFsu1GEhTS9pD0wSNf7qwAAAYs84+LPAAAEAwBHMEUCIQD4FDdwm3x2wX4CtG5b
4FeZxn3HNGGAE7yAVsKxX7f6jwIgdrth3Sk8342DOsDnr70/Is07p3zkpbSvZpLv
kF9YZI4AdgDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYs84+L3
AAAEAwBHMEUCIQDFtVeFfH1xBiNS1XzrWZx+0OQedbAtVdWBJmTjwS78TwIgEhTn
hxTAJlFbHIFPbQsB4oLXHQobBJ0p6yz/wPkYCx0AdgBIsONr2qZHNA/lagL6nTDr
HFIBy1bdLIHZu7+rOdiEcwAAAYs84+OVAAAEAwBHMEUCIDShpCgKoWZBbM+nUPY7
yuooODTw7P/ueNveL74qBfD3AiEA24RNKEVgtXYj35F/jICSruScc391EWob1aaR
3xR+tg4AdgB2/4g/Crb7lVHCYcz1h7o0tKTNuyncaEIKn+ZnTFo6dAAAAYs84+Tv
AAAEAwBHMEUCIFxKnUgwCKum3XJhZ4ofXZ1arG7ub7IrMfBPtbRalFSeAiEAhjgq
8xwFtGmuPSgKJtR93LEZJW9Jz6yzzQ/ZPe1RQAIAdQBVgdTCFpA2AUrqC5tXPFPw
wOQ4eHAlCBcvo6odBxPTDAAAAYs84+ObAAAEAwBGMEQCIAz8vxGe/Cc0epOyVnnc
Pn1kFm63klCVqorEAZ5j0u4WAiA+GosY2MqIZplWImkJ/mg1jQuf83RtWGxCnLF6
2iFAdDAfBgNVHSMEGDAWgBRms+/7VJWH6aylllau5n3tOtBD0TBGBgNVHSAEPzA9
MDsGBmeBDAECAjAxMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmNmY2EuY29tLmNu
L3VzL3VzLTEyLmh0bTA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3JsLmNmY2Eu
Y29tLmNuL09WT0NBL1JTQS9jcmwyOTcuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAq
nVz/ZxW7xn2i/dvNtxX7bW1w9HIh9lZFTWr93NLeHpFfS+JqlgRrES2fiba+eMyk
VdrXqcG+DaKSgRuTD0jeFYHn7YBQBic5h1cm9j5DiU6P7pYgliZZd6BzsWTkBOsg
iEFjQBMw8dC9rU4L29kpHtY7fEIunErkGD10kQNuhkSeb6mbiw6iQue9OrO4F/D9
ppgrpMvk1aoQUxV492Q48AN7BoRmZGpMfWDjCQO/WX50HSKLIKUccVykPVkXhcBg
gMTbj+QcTh6QI5+3hrMXzZViTmmPVjOiQvhRAYVcfjQvl+Vr3wE5ScmTZpcLTsrW
sZBTUavGcAMr5ADcUp59
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryudCRY9tO3EEg6n3vaC
wDsnDHk+4KzM04y9J8T0YSsjkB9I398rQXI8unLanQ6Htn5X8U8IG9+/sHPpt6dj
KEVwgsORtT4x++zorVsC8iFVWWKr5HISNsWg1wUtPHOaH2qNRsIidyJP6hE7Dc3H
qWsOymbPf3Y/U5kH1Zfn6YPYsDUZdWSrWry8Gc4vIsG89Z0BV3frGWxY73M+sWI/
gio3D9FesMxKuk4uudeyViQELNCnxBWqrTyDdbvqc5GNnpBo5v/12L2+6fSGOfGt
1fEgGkO+I6IbJms6n6TSQ5cTLgPU8GWBpP9uC1IGGwrFKO6e3+8u3GTK9t3IHrx3
iQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 42644373845257675604826213834110965171
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CN'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'China Financial Certification Authority'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String 'CFCA OV OCA'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-17 09:07:28 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-17 09:07:27 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CN'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '上海'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '上海'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '银联数据服务有限公司'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.cupdata.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22113209947976474714083678644889409317197670603335171361052802596170319506085545304644518198507034181328200149031537209882633344021838073157473476656042052622346876731755191052382554260339265166603587343040580266092688122948529927740529568732693620702080150350639285596144790980936899384832770654663967131787033274825648690016620739332131477218920109744635963828510884159502754516264467169356805446509970133070729405862410396338675366789151671662818147042856251760830238404542972530708092768677483446488817868624294532213621246306420661875420043122580662598261490681356496379512579696154524296761230447765619572766601
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (96 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.cfca.com.cn/ocsp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://gtc.cfca.com.cn/ovoca/ovoca.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (30 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cupdata.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cupdata.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9d6ead54ac8e8d5e5211ebba0f1ab8fa173334f0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (605 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (601 bytes)
							0257007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b3ce3e2cf0000040300473045022100f81437709b7c76c17e02b46e5be05799c67dc734618013bc8056c2b15fb7fa8f022076bb61dd293cdf8d833ac0e7afbd3f22cd3ba77ce4a5b4af6692ef905f58648e007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b3ce3e2f70000040300473045022100c5b557857c7d71062352d57ceb599c7ed0e41e75b02d55d5812664e3c12efc4f02201214e78714c026515b1c814f6d0b01e282d71d0a1b049d29eb2cffc0f9180b1d00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b3ce3e3950000040300473045022034a1a4280aa166416ccfa750f63bcaea283834f0ecffee78dbde2fbe2a05f0f7022100db844d284560b57623df917f8c8092aee49c737f75116a1bd5a691df147eb60e00760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b3ce3e4ef000004030047304502205c4a9d483008aba6dd7261678a1f5d9d5aac6eee6fb22b31f04fb5b45a94549e02210086382af31c05b469ae3d280a26d47ddcb119256f49cfacb3cd0fd93ded5140020075005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018b3ce3e39b000004030046304402200cfcbf119efc27347a93b25679dc3e7d64166eb7925095aa8ac4019e63d2ee1602203e1a8b18d8ca88669956226909fe68358d0b9ff3746d586c429cb17ada214074
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 66b3effb549587e9aca59656aee67ded3ad043d1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (63 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'http://www.cfca.com.cn/us/us-12.htm'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (53 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.cfca.com.cn/OVOCA/RSA/crl297.crl'
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002a9d5cff6715bbc67da2fddbcdb715fb6d6d70f47221f656454d6afddcd2de1e915f4be26a96046b112d9f89b6be78cca455dad7a9c1be0da292811b930f48de1581e7ed8050062739875726f63e43894e8fee962096265977a073b164e404eb20884163401330f1d0bdad4e0bdbd9291ed63b7c422e9c4ae4183d7491036e86449e6fa99b8b0ea242e7bd3ab3b817f0fda6982ba4cbe4d5aa10531578f76438f0037b068466646a4c7d60e30903bf597e741d228b20a51c715ca43d591785c06080c4db8fe41c4e1e90239fb786b317cd95624e698f5633a242f85101855c7e342f97e56bdf013949c99366970b4ecad6b1905351abc670032be400dc529e7d