ap-southeast-2.prodish.jwk.signin.aws

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 05:07:ca:b3:b4:ca:4d:7b:b9:1e:06:46:ac:f3:a0:7c was issued on by Amazon.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=ap-southeast-2.prodish.jwk.signin.aws

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 05:07:ca:b3:b4:ca:4d:7b:b9:1e:06:46:ac:f3:a0:7c
Serial Number (int): 6686597341467221536572890904477802620
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: a1:51:7b:a4:71:ff:4d:7c:f7:f6:40:c4:77:c3:08:cc:5e:f0:5d:67
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 30:41:be:22:27:12:c4:21:52:ca:d9:03:b8:8a:80:28:4b:00:90:b2
Fingerprint (sha256): 1c:ae:8c:84:65:c8:ca:25:41:7e:50:91:92:d8:66:d2:74:fe:38:32:f2:86:06:a0:f9:41:77:2c:b0:aa:2f:99

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate ap-southeast-2.prodish.jwk.signin.aws

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for ap-southeast-2.prodish.jwk.signin.aws

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

ap-southeast-2.prodish.jwk.signin.aws

Other certificates including the domain name signin.aws

(limited to 100 certificates)
ap-east-1.signin.aws
ap-southeast-1.signin.aws
eu-central-1.signin.aws
eu-central-2.jwk.signin.aws
ap-southeast-4.prodish.jwk.signin.aws
ca-central-1.prodish.jwk.signin.aws
us-east-2.prodish.jwk.signin.aws
ap-east-1.alpha.dev.signin.aws
us-east-1.alpha.dev.signin.aws
eu-south-2.jwk.signin.aws
af-south-1.signin.aws
eu-north-1.jwk.signin.aws
eu-north-1.jwk.signin.aws
ap-northeast-2.prodish.signin.aws
ap-northeast-2.prodish.jwk.signin.aws
eu-north-1.jwk.signin.aws
ca-west-1.jwk.signin.aws
ap-south-2.jwk.signin.aws
eu-west-2.jwk.signin.aws
sa-east-1.jwk.signin.aws
eu-west-3.signin.aws
sa-east-1.signin.aws
credentials.beta.signin.aws
ap-northeast-2.signin.aws
eu-central-1.signin.aws
ap-south-2.prodish.jwk.signin.aws
us-west-2.alpha.dev.signin.aws
eu-west-3.signin.aws
ap-southeast-2.signin.aws
eu-west-1.prodish.jwk.signin.aws
eu-west-1.jwk.signin.aws
eu-south-2.prodish.signin.aws
ap-southeast-3.prodish.jwk.signin.aws
af-south-1.signin.aws
ca-central-1.signin.aws
us-east-2.prodish.signin.aws
us-west-1.prodish.jwk.signin.aws
eu-south-1.signin.aws
me-central-1.prodish.signin.aws
ap-southeast-3.prodish.signin.aws
ap-northeast-1.signin.aws
credentials.beta.signin.aws
ap-south-2.prodish.signin.aws
ca-central-1.prodish.signin.aws
us-east-1.signin.aws
eu-central-2.signin.aws
us-east-1.jwk.signin.aws
us-west-1.prodish.signin.aws
ap-southeast-1.jwk.signin.aws
eu-south-1.prodish.jwk.signin.aws
ap-south-2.prodish.signin.aws
eu-west-1.prodish.jwk.signin.aws
ca-central-1.prodish.jwk.signin.aws
ap-east-1.prodish.jwk.signin.aws
ap-southeast-2.jwk.signin.aws
ap-southeast-2.prodish.jwk.signin.aws
eu-central-2.signin.aws
ap-northeast-1.prodish.signin.aws
ap-northeast-1.jwk.signin.aws
ap-east-1.jwk.signin.aws
ca-central-1.signin.aws
ap-southeast-2.prodish.signin.aws
af-south-1.jwk.signin.aws
eu-south-1.prodish.jwk.signin.aws
eu-south-2.prodish.jwk.signin.aws
us-west-2.alpha.dev.signin.aws
eu-central-2.prodish.signin.aws
us-west-1.prodish.signin.aws
ap-northeast-1.prodish.jwk.signin.aws
eu-central-2.signin.aws
ap-south-2.jwk.signin.aws
us-east-1.alpha.dev.signin.aws
ca-central-1.signin.aws
us-west-2.jwk.signin.aws
us-west-2.signin.aws
eu-west-3.signin.aws
ap-southeast-2.prodish.jwk.signin.aws
ap-southeast-3.prodish.jwk.signin.aws
me-south-1.jwk.signin.aws
ap-southeast-3.signin.aws
eu-west-2.jwk.signin.aws
ap-southeast-1.jwk.signin.aws
us-east-1.prodish.jwk.signin.aws
eu-west-3.prodish.jwk.signin.aws
eu-west-1.signin.aws
me-south-1.prodish.jwk.signin.aws
us-west-1.signin.aws
ap-northeast-3.prodish.signin.aws
us-west-2.jwk.signin.aws
us-east-2.signin.aws
eu-north-1.prodish.signin.aws
us-east-2.jwk.signin.aws
ap-northeast-3.prodish.jwk.signin.aws
ap-south-1.signin.aws
us-east-2.prodish.signin.aws
ca-central-1.jwk.signin.aws
eu-west-3.prodish.signin.aws
us-east-1.signin.aws
me-central-1.prodish.signin.aws
eu-south-2.prodish.signin.aws

Certificate

The complete raw certificate details for ap-southeast-2.prodish.jwk.signin.aws in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgIQBQfKs7TKTXu5HgZGrPOgfDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDIxMDAwMDAwMFoXDTIzMTIxNTIzNTk1OVowMDEu
MCwGA1UEAxMlYXAtc291dGhlYXN0LTIucHJvZGlzaC5qd2suc2lnbmluLmF3czCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALrk8sKNRaRfU2tyK3COR/pn
0YiCJYajVUvSvamxLJCEg0DhWGX8R0thZSmXw+AuW+bbvg5RqbzAu0h4mqTTJlby
sl8PLP+p/fo6u9RFKy8XHZ/NC2MHqvwmydwbdFXcNZd7oHWhUDTgtg3zLT8x9Nak
C3+9ruSHh1W29l6xT2szhhRwFC1aZlVtDicjzyHdCPhd2NCbuvf8SYoLpbQx13OA
3uszoG8ZL+TJmvRQ6KiK604EA5a+ZIo5f8khQWpLS52q36n76ar0FGsPOX/SoyhR
D/J2DIXU/Az4YHk6OPatONInrNXJfu9pAdl6jRLAfAwpDUkZmpppErElYcrBy2MC
AwEAAaOCAv4wggL6MB8GA1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0G
A1UdDgQWBBShUXukcf9NfPf2QMR3wwjMXvBdZzAwBgNVHREEKTAngiVhcC1zb3V0
aGVhc3QtMi5wcm9kaXNoLmp3ay5zaWduaW4uYXdzMA4GA1UdDwEB/wQEAwIFoDAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYq
aHR0cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMBMGA1Ud
IAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0
cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRw
Oi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/
BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYA6D7Q2j71BjUy51covIlr
yQPTy9ERa+zraeF3fW0GvW4AAAGGO/VKeAAABAMARzBFAiEApq6JKqXi47sjNrPb
0/Owx+pGbVKZXnk5r408AuPA3oECICUeLSPf5GESrYooSoBn9+4Z14Vzkdb+ZzhK
Cut3t7QrAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PADDnk2pZoAAAGGO/VK
ogAABAMARzBFAiBwE1VYA1KY5KQXZ7pySkyk88LRvNIFCLezCvrrQnrphQIhALFn
eUgq0hdXnhoqZ8/MTGxKrHGi23elFAK2fOxr0QxeAHYAtz77JN+cTbp18jnFulj0
bF38Qs96nzXEnh0JgSXttJkAAAGGO/VKcAAABAMARzBFAiEAumn+vDSLXy2odXPR
HnFtcef/fBRJTJjbm8/jGb6W1aoCIH5pwivoiS9m7Pz0L/cTHQgbnQjiLPUx5z06
yZ0rrABFMA0GCSqGSIb3DQEBCwUAA4IBAQBRQYXaPNewI7fJp1EI4Rpf0lSKNKg7
fmIqILHhEpSQvfXJQwVtdklB1emWvxYGF5G6+Hp3nLOoeUCSc14qy/m8i2Io63hl
vLtz2DdfmTSS0Ka6tbgKpfN63ggoJ34fqkWucDey1EISwzZzvZxH/oJmaEORm3+p
BXMAAxiWcuDS3pvY9CQGmF/Jk+xhnrlHu4uIRvC06KzuDwMMRn08LiyHvt4+Rrmp
JS62pjwclH1tvSEHuU7YZRKI1A9yIYHQqx0283p2FR7JL8OedcJwmlj94xXJa+/c
j35N3EFTx/Ym3x4IhS5Vrk049qt8tzn67CYUEdg65oa4KgOULPgoe9Le
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuTywo1FpF9Ta3IrcI5H
+mfRiIIlhqNVS9K9qbEskISDQOFYZfxHS2FlKZfD4C5b5tu+DlGpvMC7SHiapNMm
VvKyXw8s/6n9+jq71EUrLxcdn80LYweq/CbJ3Bt0Vdw1l3ugdaFQNOC2DfMtPzH0
1qQLf72u5IeHVbb2XrFPazOGFHAULVpmVW0OJyPPId0I+F3Y0Ju69/xJigultDHX
c4De6zOgbxkv5Mma9FDoqIrrTgQDlr5kijl/ySFBaktLnarfqfvpqvQUaw85f9Kj
KFEP8nYMhdT8DPhgeTo49q040ies1cl+72kB2XqNEsB8DCkNSRmammkSsSVhysHL
YwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 6686597341467221536572890904477802620
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-10 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-15 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'ap-southeast-2.prodish.jwk.signin.aws'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23593223328898551525149292583063315412935546230382448299017609460964979113047353967154706226084100038958221120150576679439475654563510472475102201868044975779200321438647551437385307827470529552361067394330576356920052867741971223005025598248104374763568777817980427968401490560223381998180799221309229083884625162823982601128568498219183867246648952845591845408844867227082316068601874986537386032426455715763709913427147882233026869286114954593371683190317539090561854005903476712630931961789044651300400488196251491037623276452936650289998881134582907356813634849928161634222194364737044981795741214235545007410019
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							a1517ba471ff4d7cf7f640c477c308cc5ef05d67
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (41 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ap-southeast-2.prodish.jwk.signin.aws'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001863bf54a780000040300473045022100a6ae892aa5e2e3bb2336b3dbd3f3b0c7ea466d52995e7939af8d3c02e3c0de810220251e2d23dfe46112ad8a284a8067f7ee19d7857391d6fe67384a0aeb77b7b42b007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001863bf54aa20000040300473045022070135558035298e4a41767ba724a4ca4f3c2d1bcd20508b7b30afaeb427ae985022100b16779482ad217579e1a2a67cfcc4c6c4aac71a2db77a51402b67cec6bd10c5e007600b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001863bf54a700000040300473045022100ba69febc348b5f2da87573d11e716d71e7ff7c14494c98db9bcfe319be96d5aa02207e69c22be8892f66ecfcf42ff7131d081b9d08e22cf531e73d3ac99d2bac0045
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00514185da3cd7b023b7c9a75108e11a5fd2548a34a83b7e622a20b1e1129490bdf5c943056d764941d5e996bf16061791baf87a779cb3a8794092735e2acbf9bc8b6228eb7865bcbb73d8375f993492d0a6bab5b80aa5f37ade0828277e1faa45ae7037b2d44212c33673bd9c47fe82666843919b7fa905730003189672e0d2de9bd8f42406985fc993ec619eb947bb8b8846f0b4e8acee0f030c467d3c2e2c87bede3e46b9a9252eb6a63c1c947d6dbd2107b94ed8651288d40f722181d0ab1d36f37a76151ec92fc39e75c2709a58fde315c96befdc8f7e4ddc4153c7f626df1e08852e55ae4d38f6ab7cb739faec261411d83ae686b82a03942cf8287bd2de