aqt.mpsa.com

Issued by Amazon

About this certificate

This digital certificate with serial number 0c:9d:a9:40:28:f8:49:76:5e:61:8b:fc:70:7e:e7:e2 was issued on by Amazon.

With 6 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=aqt.mpsa.com

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:9d:a9:40:28:f8:49:76:5e:61:8b:fc:70:7e:e7:e2
Serial Number (int): 16769359366713937370132377514119456738
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 12:d3:6d:82:21:0a:cb:ad:cb:72:8c:13:0b:e7:db:6e:7b:61:a3:99
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): f7:09:b4:f7:11:ba:d8:f1:2f:0a:69:70:2c:c7:ff:24:1f:d8:bf:2b
Fingerprint (sha256): 1b:51:21:07:c2:b1:05:1d:8a:5d:32:27:52:a6:cc:46:5b:2b:3b:a7:49:a6:1b:d3:cf:e5:ea:3c:cf:01:fe:64

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl

Check the revocation status for certificate aqt.mpsa.com

6

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for aqt.mpsa.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

aqt.mpsa.com
*.development.aqt.mpsa.com
*.production.aqt.mpsa.com
*.recette.aqt.mpsa.com
*.preprod.aqt.mpsa.com
*.aqt.mpsa.com

Other certificates including the domain name mpsa.com

(limited to 100 certificates)
ican.mpsa.com
*.servicesgp.mpsa.com
*.jerome.mpsa.com
internetpcr.mpsa.com
*.auth.mpsa.com
e-invoice-test.services.mpsa.com
wapdev.mpsa.com
hybridexchsmtp.mpsa.com
*.servicesgp.mpsa.com
sip-hr.mpsa.com
sip-be.mpsa.com
sip-hr.mpsa.com
sip-be.mpsa.com
guest.mpsa.com
*.servicesgp.mpsa.com
sip-hr.mpsa.com
*.servicesgp.mpsa.com
wapprod.mpsa.com
hybridexchsmtp.mpsa.com
e-invoice-prod.services.mpsa.com
*.servicesgp.mpsa.com
sip-hr.mpsa.com
*.auth.mpsa.com
sip-be.mpsa.com
*.servicesgp.mpsa.com
sip-be.mpsa.com
*.servicesgp.mpsa.com
sip-hr.mpsa.com
*.servicesgp.mpsa.com
aqt.mpsa.com
*.mpsa.com
vpn-fr-preprod.mpsa.com
internetpcr.mpsa.com
*.mpsa.com
*.mpsa.com
*.mpsa.com
eu-est2-vpn.mpsa.com
sip-be.mpsa.com
dev.ucw.mpsa.com
guest.mpsa.com
wapprod.mpsa.com
wappreprod.mpsa.com
*.mpsa.com
idfed-preprod.mpsa.com
*.servicesgp.mpsa.com
sip-be.mpsa.com
preprod.ucw.mpsa.com
idfed.mpsa.com
e-invoice-prod.services.mpsa.com
sip-be.mpsa.com
sip.mpsa.com
guest.mpsa.com
*.auth.mpsa.com
*.mpsa.com
internetpcr.mpsa.com
Wappreprod.mpsa.com
testjerome.mpsa.com
itdealersupport.pre.mpsa.com
internetpcr.mpsa.com
wapprod.mpsa.com
ican.mpsa.com
sip-hr.mpsa.com
*.github.mpsa.com
*.mpsa.com
testDavid.mpsa.com
sip.mpsa.com
*.mpsa.com
mail1.mpsa.com
*.servicesgp.mpsa.com
ucw.mpsa.com
*.mpsa.com
guest.mpsa.com
internetpcr.mpsa.com
sip.mpsa.com
*.mpsa.com
sip-be.mpsa.com
fcagroup.com.br
e-invoice-prod.services.mpsa.com
wapprod.mpsa.com
sip-hr.mpsa.com
*.mpsa.com
*.testDavid.mpsa.com
sip.mpsa.com
sip-be.mpsa.com
wapprod.mpsa.com
*.servicesgp.mpsa.com
*.mpsa.com
guest.mpsa.com
e-invoice-prod.services.mpsa.com
sip-be.mpsa.com
*.github.mpsa.com
*.mpsa.com
psabox.mpsa.com
*.auth.mpsa.com
sip-be.mpsa.com
sip.mpsa.com
sip-hr.mpsa.com
mzppan03.mpsa.com
*.github.mpsa.com
wapdev.mpsa.com

Certificate

The complete raw certificate details for aqt.mpsa.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgIQDJ2pQCj4SXZeYYv8cH7n4jANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTA4MDgwMDAwMDBaFw0yMDA5MDgx
MjAwMDBaMBcxFTATBgNVBAMTDGFxdC5tcHNhLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAN+oawJ0bYgmhKK0zG/VFyXelC+J5ybe/ow+LL2arBtH
vai33HS+3FbCRVjXEfFu7WhmP1ww/5FaELq8aUPSWMngekxm7SegGsFkn6/CjZ3o
ZqFw5QU3oT8ijviXTZrqeBJaaYvWPSGrw0wS38Ry7zlocwPFH6c7mViC30MRdKpy
6zu8ZlYNSv+RYf5jCJRt0BA/q5iEEFCLDfpk/BNkrsY0aA6nS9jBHftQXm+7G0Ul
OG1Qo1TBOAy6eGooKdb9lwnMilywLrv+/QgskRXotBDRFoJ7H/6a2EArfZn1ihLk
i9tiE1oiym7jCyedYdJF2/SWuH3Ng45oVVhlhkYtJdECAwEAAaOCAvMwggLvMB8G
A1UdIwQYMBaAFFmkZgZSoHuVkjyjlAcnlnRb+T3QMB0GA1UdDgQWBBQS022CIQrL
rctyjBML59tue2GjmTCBkAYDVR0RBIGIMIGFggxhcXQubXBzYS5jb22CGiouZGV2
ZWxvcG1lbnQuYXF0Lm1wc2EuY29tghkqLnByb2R1Y3Rpb24uYXF0Lm1wc2EuY29t
ghYqLnJlY2V0dGUuYXF0Lm1wc2EuY29tghYqLnByZXByb2QuYXF0Lm1wc2EuY29t
gg4qLmFxdC5tcHNhLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYB
BQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwuc2Nh
MWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNybDAgBgNVHSAEGTAXMAsGCWCGSAGG
/WwBAjAIBgZngQwBAgEwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRw
Oi8vb2NzcC5zY2ExYi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6
Ly9jcnQuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLmNydDAMBgNVHRMBAf8E
AjAAMIIBBQYKKwYBBAHWeQIEAgSB9gSB8wDxAHcA7ku9t3XOYLrhQmkfq+GeZqMP
fl+wctiDAMR7iXqo/csAAAFscxgZswAABAMASDBGAiEAp0A20KUdYmHQJf5Ol2QW
mArn85uTJbGtjUpJh880NE8CIQCLweqoUEXpT1TPYhJOXEoMVLhAmQEr7ZlZNaHD
ewOqaQB2AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG06v9eoIMPAAABbHMYGkAA
AAQDAEcwRQIgTBRtPd1ZVB2pPXLxkEgIx2JRgBRCxB032r70nOXVQJECIQCBPPKF
eHqOEPh9+cY5dLDbBGoLBwYhG1krNqXQyTvXnzANBgkqhkiG9w0BAQsFAAOCAQEA
RbP4cMJCRljdfkM09BWOiO4Q8PPR03D4KRcVeMdeUQiPwmRz55lnwSVaG3eJeADR
OIVTqVH6SKREM3DYuWvFPhX8Jc6wiJkcBivVfih9yZ648upB6/z7o9JfHwm0dGzJ
Iwc55YTvYJQMXi7grEtoQtbNZxdwXHYGHsr8xCczhUx9BS3VuU+nY6XB2lJMXdaa
LhTbpDLBDR+Kzw8t77SwkdVUaW5KhFfzRsHVgmSbWtVWJSkfdrJMoU2EnSn/olQ5
YUh0K+GyMcPyzCFUsZvjEbQscwE24G1GsahYSdqZc6U8AbUgqlM2FqO9pnolPhAL
C7H2gdbVsfIAvbknjOk2jA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36hrAnRtiCaEorTMb9UX
Jd6UL4nnJt7+jD4svZqsG0e9qLfcdL7cVsJFWNcR8W7taGY/XDD/kVoQurxpQ9JY
yeB6TGbtJ6AawWSfr8KNnehmoXDlBTehPyKO+JdNmup4Elppi9Y9IavDTBLfxHLv
OWhzA8UfpzuZWILfQxF0qnLrO7xmVg1K/5Fh/mMIlG3QED+rmIQQUIsN+mT8E2Su
xjRoDqdL2MEd+1Beb7sbRSU4bVCjVME4DLp4aigp1v2XCcyKXLAuu/79CCyRFei0
ENEWgnsf/prYQCt9mfWKEuSL22ITWiLKbuMLJ51h0kXb9Ja4fc2DjmhVWGWGRi0l
0QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16769359366713937370132377514119456738
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-09-08 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aqt.mpsa.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 28234192021608270040924851082030940779225700103757942658490732433646549251814471357960542243370172754981733089914069608370571123334845071788009346562424121169399906969469865307930609658064018164061450870191177739232472579082891516672393380613209437639612991944755868483021431353225998346038784823577471428040618365525882626594536525836463873434618592010763026067673645690024888997777398717195682823955473820608465111463125054806221294729045688791689325294779298634754936645146154386038887156370476411908164087604771876619844971149417713653255344605556480831155870362903412384025077417115127785709021450970266598188497
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							12d36d82210acbadcb728c130be7db6e7b61a399
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (136 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aqt.mpsa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.development.aqt.mpsa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.production.aqt.mpsa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.recette.aqt.mpsa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.preprod.aqt.mpsa.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aqt.mpsa.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes)
							00f1007700ee4bbdb775ce60bae142691fabe19e66a30f7e5fb072d88300c47b897aa8fdcb0000016c731819b30000040300483046022100a74036d0a51d6261d025fe4e976416980ae7f39b9325b1ad8d4a4987cf34344f0221008bc1eaa85045e94f54cf62124e5c4a0c54b84099012bed995935a1c37b03aa690076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016c73181a40000004030047304502204c146d3ddd59541da93d72f1904808c76251801442c41d37dabef49ce5d54091022100813cf285787a8e10f87df9c63974b0db046a0b0706211b592b36a5d0c93bd79f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0045b3f870c2424658dd7e4334f4158e88ee10f0f3d1d370f829171578c75e51088fc26473e79967c1255a1b77897800d1388553a951fa48a4443370d8b96bc53e15fc25ceb088991c062bd57e287dc99eb8f2ea41ebfcfba3d25f1f09b4746cc9230739e584ef60940c5e2ee0ac4b6842d6cd6717705c76061ecafcc42733854c7d052dd5b94fa763a5c1da524c5dd69a2e14dba432c10d1f8acf0f2defb4b091d554696e4a8457f346c1d582649b5ad55625291f76b24ca14d849d29ffa254396148742be1b231c3f2cc2154b19be311b42c730136e06d46b1a85849da9973a53c01b520aa533616a3bda67a253e100b0bb1f681d6d5b1f200bdb9278ce9368c