cdk-hackathon-api.service.test.spsapps.net

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 07:c2:1a:c8:e2:d0:ff:e4:6b:f6:1c:20:dd:4b:09:23 was issued on by Amazon.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=cdk-hackathon-api.service.test.spsapps.net

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 07:c2:1a:c8:e2:d0:ff:e4:6b:f6:1c:20:dd:4b:09:23
Serial Number (int): 10312444819528642673754152346407602467
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: b2:67:c5:8d:b6:4e:6a:a4:74:9c:1b:aa:66:e9:18:4f:8f:77:0e:fe
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): c4:20:16:5c:8f:5b:9c:a7:00:b8:c6:be:f9:e2:a9:95:ad:a7:72:4b
Fingerprint (sha256): 14:fb:3e:8e:1b:a6:50:87:0e:a0:0e:44:d0:0a:53:dd:de:63:f1:b5:97:02:79:8f:8a:7f:af:bc:c1:64:16:62

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate cdk-hackathon-api.service.test.spsapps.net

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cdk-hackathon-api.service.test.spsapps.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cdk-hackathon-api.service.test.spsapps.net
commerce-translator-rest.service.test.spsapps.net
comms-nexus-integration-api.service.test.spsapps.net
company-aggregator-api.service.test.spsapps.net
corpsys-azp-test.service.test.spsapps.net
corpsys-azp-test.test.spsc.io
corpsys-nav2-ecs.service.test.spsapps.net
corpsys-gainsight-ecs.service.test.spsapps.net
corpsys-opportunity-processing.service.test.spsapps.net
corpsys-opportunity-processing.test.spsc.io

Other certificates including the domain name spsapps.net

(limited to 100 certificates)
sps-tech-registry-api.internal.sharedservicesdev.spsapps.net
api.dc4-proxy-pull-service.preprod.spsapps.net
api.pa-supplier-configuration.spsapps.net
sps-tech-registry-api.internal.sharedservices.spsapps.net
*.analytics-portal.test.spsapps.net
*.dev.spsapps.net
nonprod-us-east-2-jarocki-4r5t.integration.api.sps-internal.com
*.1screen.spsapps.net
api.dc4-proxy-pull-service.spsapps.net
*.mna.spsapps.net
*.swp.dev.spsapps.net
*.analytics.stage.spsapps.net
*.swp.spsapps.net
*.messaging-service.stage.spsapps.net
api.dc4-proxy-pull-service.test.spsapps.net
*.data-engine-transformation.stage.spsapps.net
transaction-tracker-api.service.prod.spsapps.net
catalog-gateway.service.test.spsapps.net
*.stage.spsapps.net
cdk-hackathon-api.service.test.spsapps.net
api.dc4-proxy-pull-service.preprod.spsapps.net
*.analytics.dev.spsapps.net
*.analytics.spsapps.net
*.1screen.spsapps.net
api.data-engine-command-center.spsapps.net
*.paca-interaction.preprod.spsapps.net
nonprod-us-east-2-jarocki-4r5t.integration.api.spscommerce.com
weekend.internal.sharedservices.spsapps.net
bus.fulfillment.spsapps.net
*.service.preprod.spsapps.net
1screen-prospace-converter.service.prod.spsapps.net
api.template.test.spsapps.net
*.api.dev.spsapps.net
parcel-service-heartbeat.service.preprod.spsapps.net
*.1screen.dev.spsapps.net
api.dc4-proxy-receiver.dev.spsapps.net
api.dc4-proxy-pull-service.preprod.spsapps.net
fulfillment-edi-automation.test.spsapps.net
as2-admin-api.service.prod.spsapps.net
*.stage.spsapps.net
1screen-prospace-converter.service.prod.spsapps.net
fi-top.service.prod.spsapps.net
*.analytics-portal.preprod.spsapps.net
api.messaging-service.spsapps.net
*.stage.spsapps.net
opal.prod.spsc.io
bus.fulfillment.spsapps.net
bus.fulfillment.spsapps.net
fi-top.service.test.spsapps.net
fi-top.service.prod.spsapps.net
nexus-graphql.service.test.spsapps.net
fulfillment-edi-automation.test.spsapps.net
*.mna.test.spsapps.net
api.messaging-service.spsapps.net
*.template.test.spsapps.net
*.devcenter.spsapps.net
*.spsapps.net
analytics-portal-api.service.preprod.spsapps.net
svram.spsapps.net
api.dc4-proxy-receiver.spsapps.net
transaction-tracker-api.service.test.spsapps.net
*.swp.dev.spsapps.net
*.paca-interaction.preprod.spsapps.net
*.swp.spsapps.net
*.messaging-service.spsapps.net
*.mna.stage.spsapps.net
api.pa-supplier-configuration.spsapps.net
setup-migrator-2-api.service.test.spsapps.net
analytics-snowflake-api.service.test.spsapps.net
*.swp.spsapps.net
api.profile-service.prod.spsc.io
*.messaging-service.stage.spsapps.net
opal.prod.spsc.io
*.devcenter.spsapps.net
auth.test.spsapps.net
api.messaging-service.spsapps.net
analytics-snowflake-api.service.prod.spsapps.net
1screen-prospace-converter.service.prod.spsapps.net
bus.fulfillment.spsapps.net
api.data-engine-command-center.test.spsapps.net
transaction-tracker-api.service.test.spsapps.net
analytics-snowflake-api.service.test.spsapps.net
api.fulfillment.spsc.io
*.paca-interaction.dev.spsapps.net
api.template.test.spsapps.net
*.data-engine-transformation.test.spsapps.net
acknowledgement-service-api.service.prod.spsapps.net
parcel-timeout-service.service.test.spsapps.net
api.pa-supplier-configuration.spsapps.net
*.analytics.preprod.spsapps.net
holodeck-api.service.prod.spsapps.net
api.mna.test.spsapps.net
analytics-portal-api.service.preprod.spsapps.net
api.dc4-proxy-receiver.preprod.spsapps.net
api.data-engine-ecs-adapter.stage.spsapps.net
api.data-engine-file-collection.spsapps.net
*.paca-interaction.dev.spsapps.net
*.messaging-service.stage.spsapps.net
*.api.spsapps.net
*.analytics-portal.preprod.spsapps.net

Certificate

The complete raw certificate details for cdk-hackathon-api.service.test.spsapps.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGPjCCBSagAwIBAgIQB8IayOLQ/+Rr9hwg3UsJIzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDYxMDAwMDAwMFoXDTI0MDcwODIzNTk1OVowNTEz
MDEGA1UEAxMqY2RrLWhhY2thdGhvbi1hcGkuc2VydmljZS50ZXN0LnNwc2FwcHMu
bmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocx2biocjemgiZar
OWgQb0q5OOSBJMvRUy/2MkJ62k5meBsknnM7JhNHaoGobOJ9VP2k4kqlVyRXn7Zr
dyMs7gDNNrprNG9obkIpXSBlKPWr1IxMv451Tf7sbd1xpqO4gljlRXUxmGUU/iTU
bmDUn92904Zipw/rkFhRn1GT9LRSptOaV43WyXJZm6z3e57p/dV3ivA9hi7icfv/
l/rofyomLeiyLfv0RV1Rvq3QqsQMUdkQuatPy+zA+BdYy10PNLZs/ghb7ZuXA5UU
R8rwW+WbcnIS76Y+aaJTdpr8HWhRGjVDthcnQh1b0DtHwj6/YRLctjyxNTQ6gDyt
imlgdQIDAQABo4IDQTCCAz0wHwYDVR0jBBgwFoAUwDFSzVpQw4J8dHHOy+mc+Xrr
guIwHQYDVR0OBBYEFLJnxY22TmqkdJwbqmbpGE+Pdw7+MIIB3gYDVR0RBIIB1TCC
AdGCKmNkay1oYWNrYXRob24tYXBpLnNlcnZpY2UudGVzdC5zcHNhcHBzLm5ldIIx
Y29tbWVyY2UtdHJhbnNsYXRvci1yZXN0LnNlcnZpY2UudGVzdC5zcHNhcHBzLm5l
dII0Y29tbXMtbmV4dXMtaW50ZWdyYXRpb24tYXBpLnNlcnZpY2UudGVzdC5zcHNh
cHBzLm5ldIIvY29tcGFueS1hZ2dyZWdhdG9yLWFwaS5zZXJ2aWNlLnRlc3Quc3Bz
YXBwcy5uZXSCKWNvcnBzeXMtYXpwLXRlc3Quc2VydmljZS50ZXN0LnNwc2FwcHMu
bmV0gh1jb3Jwc3lzLWF6cC10ZXN0LnRlc3Quc3BzYy5pb4IpY29ycHN5cy1uYXYy
LWVjcy5zZXJ2aWNlLnRlc3Quc3BzYXBwcy5uZXSCLmNvcnBzeXMtZ2FpbnNpZ2h0
LWVjcy5zZXJ2aWNlLnRlc3Quc3BzYXBwcy5uZXSCN2NvcnBzeXMtb3Bwb3J0dW5p
dHktcHJvY2Vzc2luZy5zZXJ2aWNlLnRlc3Quc3BzYXBwcy5uZXSCK2NvcnBzeXMt
b3Bwb3J0dW5pdHktcHJvY2Vzc2luZy50ZXN0LnNwc2MuaW8wDgYDVR0PAQH/BAQD
AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCg
LqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmww
EwYDVR0gBAwwCjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzAB
hiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKG
Kmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNV
HRMBAf8EAjAAMBMGCisGAQQB1nkCBAMBAf8EAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQCvMXBnHhiAW9WOVe+vuW89SiqfTZwtaG4e6t4Q86TwytwgoBvKLCweHGepr66n
B4EPCqhYmJePv018ZfiIuDe8P18DC4NZc3q+HROr94QJucUHs6AEXvvgdVIovAuR
GXxarYvnl+sXhNi4tjtJ1cfUR125/yqau6UqBvgWxJxBgCgvdhonDhdNvoooRi3Y
PQr3HKJVt6BbXuOPXAafPYXfWROWQsWBFjhyX6eBuqDYmq2SNbRRyAMQcvME8XK3
iWEwE+cGNIpG0DJFAH7ydYVl7xlruhGDU7tDamHncojXsQ72CIDWgb8xYiK0rTur
pDXbTejiwaS29yx0lrpmpcp2
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocx2biocjemgiZarOWgQ
b0q5OOSBJMvRUy/2MkJ62k5meBsknnM7JhNHaoGobOJ9VP2k4kqlVyRXn7ZrdyMs
7gDNNrprNG9obkIpXSBlKPWr1IxMv451Tf7sbd1xpqO4gljlRXUxmGUU/iTUbmDU
n92904Zipw/rkFhRn1GT9LRSptOaV43WyXJZm6z3e57p/dV3ivA9hi7icfv/l/ro
fyomLeiyLfv0RV1Rvq3QqsQMUdkQuatPy+zA+BdYy10PNLZs/ghb7ZuXA5UUR8rw
W+WbcnIS76Y+aaJTdpr8HWhRGjVDthcnQh1b0DtHwj6/YRLctjyxNTQ6gDytimlg
dQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 10312444819528642673754152346407602467
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-07-08 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cdk-hackathon-api.service.test.spsapps.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20425191374478556372848453300048271984475548406333588578601903456325785848279732248044880295176976210094730141877506056004008017684211615500959648611707784256902581229783206196341022762979008035044207084055522253230514685021069397753675234386483869057894880055540060226936976999708241384105549650316582333527683586630005371039181346584316171170318084526036835235631941221916469747514530400085122060489810174706056530275635999465010148823503443325156304043741772538946663798024075282831191990378159018333757000376156434702799224110542476813672573053511125886830327042676374451172233005353931029600334081024490023247989
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b267c58db64e6aa4749c1baa66e9184f8f770efe
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (469 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cdk-hackathon-api.service.test.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'commerce-translator-rest.service.test.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'comms-nexus-integration-api.service.test.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'company-aggregator-api.service.test.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpsys-azp-test.service.test.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpsys-azp-test.test.spsc.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpsys-nav2-ecs.service.test.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpsys-gainsight-ecs.service.test.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpsys-opportunity-processing.service.test.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'corpsys-opportunity-processing.test.spsc.io'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00af3170671e18805bd58e55efafb96f3d4a2a9f4d9c2d686e1eeade10f3a4f0cadc20a01bca2c2c1e1c67a9afaea707810f0aa85898978fbf4d7c65f888b837bc3f5f030b8359737abe1d13abf78409b9c507b3a0045efbe0755228bc0b91197c5aad8be797eb1784d8b8b63b49d5c7d4475db9ff2a9abba52a06f816c49c4180282f761a270e174dbe8a28462dd83d0af71ca255b7a05b5ee38f5c069f3d85df59139642c5811638725fa781baa0d89aad9235b451c8031072f304f172b789613013e706348a46d03245007ef2758565ef196bba118353bb436a61e77288d7b10ef60880d681bf316222b4ad3baba435db4de8e2c1a4b6f72c7496ba66a5ca76