origin.aji.production.k2.m1.brightspot.cloud
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 04:1a:77:a3:f5:39:10:84:c2:bd:ff:27:f5:2d:d5:20 was issued on by Amazon.
With 14 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=origin.aji.production.k2.m1.brightspot.cloud
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 04:1a:77:a3:f5:39:10:84:c2:bd:ff:27:f5:2d:d5:20Serial Number (int): 5454338298287707568638670521800447264
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: bc:79:e0:d6:4a:a1:62:34:cd:2b:e2:1a:d6:a2:20:71:bc:52:94:67
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): fa:f6:9e:5a:f7:60:9b:0e:ed:d3:3d:cf:28:63:b6:af:31:22:2c:f9
Fingerprint (sha256): 1d:1f:18:ed:71:83:d7:58:ec:b4:6d:9b:95:b6:8c:21:e6:cc:96:71:2c:56:4f:af:e1:ef:5d:56:3f:51:f5:d3
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate origin.aji.production.k2.m1.brightspot.cloud
14
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for origin.aji.production.k2.m1.brightspot.cloud
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
origin.aji.production.k2.m1.brightspot.cloud
static.aji.production.k2.m1.brightspot.cloud
verify.cms.aji.production.k2.m1.brightspot.cloud
*.origin.aji.production.k2.m1.brightspot.cloud
notus.news
notus.org
aji.production.k2.m1.brightspot.cloud
static.notus.org
*.cms.aji.production.k2.m1.brightspot.cloud
cms.notus.org
*.aji.production.k2.m1.brightspot.cloud
verify.origin.aji.production.k2.m1.brightspot.cloud
cms.aji.production.k2.m1.brightspot.cloud
www.notus.org
static.aji.production.k2.m1.brightspot.cloud
verify.cms.aji.production.k2.m1.brightspot.cloud
*.origin.aji.production.k2.m1.brightspot.cloud
notus.news
notus.org
aji.production.k2.m1.brightspot.cloud
static.notus.org
*.cms.aji.production.k2.m1.brightspot.cloud
cms.notus.org
*.aji.production.k2.m1.brightspot.cloud
verify.origin.aji.production.k2.m1.brightspot.cloud
cms.aji.production.k2.m1.brightspot.cloud
www.notus.org
Other certificates including the domain name brightspot.cloud
(limited to 100 certificates)
cst-qa.lower.chorus.brightspot.cloud
origin.ser.production.k1.amazon.brightspot.cloud
origin.uat.lower.google-marketing.brightspot.cloud
entertainment.production.k1.amazon.brightspot.cloud
origin.relay-qa.lower.k1.amazon.brightspot.cloud
biospace-qa.lower.k1.m1.brightspot.cloud
origin.kpbs.kpbs.production.k3.m1.brightspot.cloud
cms.6amcity.com
origin.ajga-uat.ajga.lower.k1.m1.brightspot.cloud
amazon-hvh.lower.k3.m1.brightspot.cloud
static.amazon-hvh.lower.k3.m1.brightspot.cloud
origin.acertus.production.k1.m1.brightspot.cloud
origin.cst-web.production.chorus.brightspot.cloud
origin.web.production.projectm.brightspot.cloud
origin.medtech.production.jnj.brightspot.cloud
origin.web.production.hca.brightspot.cloud
intsys.inter-systems.production.k2.m1.brightspot.cloud
origin.wwe-prod.production.k2.m1.brightspot.cloud
origin.jobs.production.amazon-jobs.brightspot.cloud
origin.berlin-2023-qa.berlin-2023.lower.k2.m1.brightspot.cloud
www.nbcsportsathletedirect.com
static.church-qa.church.lower.church.brightspot.cloud
origin.epe-uat.epe.lower.k2.m1.brightspot.cloud
lehigh-v.lehigh-valley.production.k1.m1.brightspot.cloud
origin.pitchbook-uat.lower.k2.m1.brightspot.cloud
fastmarkets.com
origin.deseret.production.chorus.brightspot.cloud
static.lexipol.lower.k1.m1.brightspot.cloud
origin.web.production.hca.brightspot.cloud
static.bwater-uat.bridgewater.lower.k2.m1.brightspot.cloud
static.farm-journal-qa.lower.k1.m1.brightspot.cloud
origin.web.production.hca.brightspot.cloud
origin.web.production.teaching-strategies.brightspot.cloud
origin.thecity.production.chorus.brightspot.cloud
origin.intsys.inter-systems.production.k2.m1.brightspot.cloud
amazon-last-mile.lower.k3.m1.brightspot.cloud
origin.vpm.production.k1.m1.brightspot.cloud
origin.foods.wholefoods.production.k1.amazon.brightspot.cloud
static.biospace.production.k1.m1.brightspot.cloud
bsp.elpais.com.uy
origin.vpm.production.k1.m1.brightspot.cloud
origin.carrick.production.k1.m1.brightspot.cloud
cms.6amcity.com
static.timothy-shriver-prod.production.k1.m1.brightspot.cloud
origin.chalkbeat.production.chorus.brightspot.cloud
origin.berlin-2023.berlin-2023.production.k2.m1.brightspot.cloud
acertus-qa.lower.k1.m1.brightspot.cloud
cms.6amcity.com
cms.6amcity.com
origin.marriott-news.production.k1.m1.brightspot.cloud
origin.ei.energy-intelligence.production.k1.m1.brightspot.cloud
origin.thecity.production.chorus.brightspot.cloud
origin.lehigh-v.lehigh-valley.production.k1.m1.brightspot.cloud
static.uat.lower.dispatch-health.brightspot.cloud
*.dispatchhealth.com
origin.chopra.chopra.production.k2.m1.brightspot.cloud
origin.web.production.hca.brightspot.cloud
static.uat.lower.amazon-sell.brightspot.cloud
static.notmusa.production.k3.m1.brightspot.cloud
static.aarp-states-uat.aarp.lower.k1.m1.brightspot.cloud
science-qa2.topics.lower.k1.amazon.brightspot.cloud
origin.im-qa.lower.jnj.brightspot.cloud
origin.uat.lower.dispatch-health.brightspot.cloud
sixam-city-uat.lower.k1.m1.brightspot.cloud
origin.rfdtv.k1.go.brightspot.cloud
static.web.production.forum-communications.brightspot.cloud
static.gbh.production.k1.m1.brightspot.cloud
origin.aji.production.k2.m1.brightspot.cloud
origin.notmusa.production.k3.m1.brightspot.cloud
origin.usnews-uat.lower.usnews.brightspot.cloud
verify.origin.prod-news.production.ap.brightspot.cloud
mattress-uat.mattress-firm.lower.k2.m1.brightspot.cloud
origin.qa-migration.lower.el-pais.brightspot.cloud
castle-qa.castle-connolly.lower.k2.m1.brightspot.cloud
origin.qa.lower.google-marketing.brightspot.cloud
sustainability.production.k1.amazon.brightspot.cloud
static.uat.lower.google-marketing.brightspot.cloud
origin.in-investor-qa2.lower.k2.m1.brightspot.cloud
static.acertus.production.k1.m1.brightspot.cloud
origin.lexis.production.ln-production.brightspot.cloud
origin.deseret-qa2.lower.chorus.brightspot.cloud
static.pay.production.k1.amazon.brightspot.cloud
origin.cst-web.production.chorus.brightspot.cloud
origin.lehigh-v.lehigh-valley.production.k1.m1.brightspot.cloud
origin.church-qa.church.lower.church.brightspot.cloud
static.epe.epe.production.k2.m1.brightspot.cloud
origin.pay.production.k1.amazon.brightspot.cloud
origin.sixam-city.production.k1.m1.brightspot.cloud
origin.realtymogul.k1.go.brightspot.cloud
epe-uat.epe.lower.k2.m1.brightspot.cloud
origin.web.production.projectm.brightspot.cloud
origin.farm-journal.production.k1.m1.brightspot.cloud
origin.torridon.production.k2.m1.brightspot.cloud
origin.church-perf.church.lower.church.brightspot.cloud
brightspot-design.brightspotcdn.com
costar-qa.costar.lower.k1.m1.brightspot.cloud
origin.cst-web.production.chorus.brightspot.cloud
fastmarkets.com
costar-uat.costar.lower.k1.m1.brightspot.cloud
origin.web.production.forum-communications.brightspot.cloud
origin.ser.production.k1.amazon.brightspot.cloud
origin.uat.lower.google-marketing.brightspot.cloud
entertainment.production.k1.amazon.brightspot.cloud
origin.relay-qa.lower.k1.amazon.brightspot.cloud
biospace-qa.lower.k1.m1.brightspot.cloud
origin.kpbs.kpbs.production.k3.m1.brightspot.cloud
cms.6amcity.com
origin.ajga-uat.ajga.lower.k1.m1.brightspot.cloud
amazon-hvh.lower.k3.m1.brightspot.cloud
static.amazon-hvh.lower.k3.m1.brightspot.cloud
origin.acertus.production.k1.m1.brightspot.cloud
origin.cst-web.production.chorus.brightspot.cloud
origin.web.production.projectm.brightspot.cloud
origin.medtech.production.jnj.brightspot.cloud
origin.web.production.hca.brightspot.cloud
intsys.inter-systems.production.k2.m1.brightspot.cloud
origin.wwe-prod.production.k2.m1.brightspot.cloud
origin.jobs.production.amazon-jobs.brightspot.cloud
origin.berlin-2023-qa.berlin-2023.lower.k2.m1.brightspot.cloud
www.nbcsportsathletedirect.com
static.church-qa.church.lower.church.brightspot.cloud
origin.epe-uat.epe.lower.k2.m1.brightspot.cloud
lehigh-v.lehigh-valley.production.k1.m1.brightspot.cloud
origin.pitchbook-uat.lower.k2.m1.brightspot.cloud
fastmarkets.com
origin.deseret.production.chorus.brightspot.cloud
static.lexipol.lower.k1.m1.brightspot.cloud
origin.web.production.hca.brightspot.cloud
static.bwater-uat.bridgewater.lower.k2.m1.brightspot.cloud
static.farm-journal-qa.lower.k1.m1.brightspot.cloud
origin.web.production.hca.brightspot.cloud
origin.web.production.teaching-strategies.brightspot.cloud
origin.thecity.production.chorus.brightspot.cloud
origin.intsys.inter-systems.production.k2.m1.brightspot.cloud
amazon-last-mile.lower.k3.m1.brightspot.cloud
origin.vpm.production.k1.m1.brightspot.cloud
origin.foods.wholefoods.production.k1.amazon.brightspot.cloud
static.biospace.production.k1.m1.brightspot.cloud
bsp.elpais.com.uy
origin.vpm.production.k1.m1.brightspot.cloud
origin.carrick.production.k1.m1.brightspot.cloud
cms.6amcity.com
static.timothy-shriver-prod.production.k1.m1.brightspot.cloud
origin.chalkbeat.production.chorus.brightspot.cloud
origin.berlin-2023.berlin-2023.production.k2.m1.brightspot.cloud
acertus-qa.lower.k1.m1.brightspot.cloud
cms.6amcity.com
cms.6amcity.com
origin.marriott-news.production.k1.m1.brightspot.cloud
origin.ei.energy-intelligence.production.k1.m1.brightspot.cloud
origin.thecity.production.chorus.brightspot.cloud
origin.lehigh-v.lehigh-valley.production.k1.m1.brightspot.cloud
static.uat.lower.dispatch-health.brightspot.cloud
*.dispatchhealth.com
origin.chopra.chopra.production.k2.m1.brightspot.cloud
origin.web.production.hca.brightspot.cloud
static.uat.lower.amazon-sell.brightspot.cloud
static.notmusa.production.k3.m1.brightspot.cloud
static.aarp-states-uat.aarp.lower.k1.m1.brightspot.cloud
science-qa2.topics.lower.k1.amazon.brightspot.cloud
origin.im-qa.lower.jnj.brightspot.cloud
origin.uat.lower.dispatch-health.brightspot.cloud
sixam-city-uat.lower.k1.m1.brightspot.cloud
origin.rfdtv.k1.go.brightspot.cloud
static.web.production.forum-communications.brightspot.cloud
static.gbh.production.k1.m1.brightspot.cloud
origin.aji.production.k2.m1.brightspot.cloud
origin.notmusa.production.k3.m1.brightspot.cloud
origin.usnews-uat.lower.usnews.brightspot.cloud
verify.origin.prod-news.production.ap.brightspot.cloud
mattress-uat.mattress-firm.lower.k2.m1.brightspot.cloud
origin.qa-migration.lower.el-pais.brightspot.cloud
castle-qa.castle-connolly.lower.k2.m1.brightspot.cloud
origin.qa.lower.google-marketing.brightspot.cloud
sustainability.production.k1.amazon.brightspot.cloud
static.uat.lower.google-marketing.brightspot.cloud
origin.in-investor-qa2.lower.k2.m1.brightspot.cloud
static.acertus.production.k1.m1.brightspot.cloud
origin.lexis.production.ln-production.brightspot.cloud
origin.deseret-qa2.lower.chorus.brightspot.cloud
static.pay.production.k1.amazon.brightspot.cloud
origin.cst-web.production.chorus.brightspot.cloud
origin.lehigh-v.lehigh-valley.production.k1.m1.brightspot.cloud
origin.church-qa.church.lower.church.brightspot.cloud
static.epe.epe.production.k2.m1.brightspot.cloud
origin.pay.production.k1.amazon.brightspot.cloud
origin.sixam-city.production.k1.m1.brightspot.cloud
origin.realtymogul.k1.go.brightspot.cloud
epe-uat.epe.lower.k2.m1.brightspot.cloud
origin.web.production.projectm.brightspot.cloud
origin.farm-journal.production.k1.m1.brightspot.cloud
origin.torridon.production.k2.m1.brightspot.cloud
origin.church-perf.church.lower.church.brightspot.cloud
brightspot-design.brightspotcdn.com
costar-qa.costar.lower.k1.m1.brightspot.cloud
origin.cst-web.production.chorus.brightspot.cloud
fastmarkets.com
costar-uat.costar.lower.k1.m1.brightspot.cloud
origin.web.production.forum-communications.brightspot.cloud
Certificate
The complete raw certificate details for origin.aji.production.k2.m1.brightspot.cloud in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHvTCCBqWgAwIBAgIQBBp3o/U5EITCvf8n9S3VIDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTIzMTIwNTAwMDAwMFoXDTI1MDEwMjIzNTk1OVowNzE1 MDMGA1UEAxMsb3JpZ2luLmFqaS5wcm9kdWN0aW9uLmsyLm0xLmJyaWdodHNwb3Qu Y2xvdWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPmTJhiMqCNZk9 KDSIn4MsT6l3umrqdXPfM/v6AaTSwkD6Zj8adPXgEnwAWuMvUZEVzBS62JOZyaeb fSShO78KdZ4IWb2vTZAXjUpSoX0CQtSSv7cVIGeKS2aFtEr6pN891e9a2wSZR2Ac GSeQizkOnW7tRLbTHeOqu6eQnnT0zKmwbf0Pnqef+KAFCDbad9Uq/B77jmzy28gv cg0KHtVcO5u68XOI9qiPb6dxctMXkhnrqhnjVQNWFrdMvwGbYdFnD+VVbRiFaGA4 WvaMbiIcwnFA5AdbUmN/3eXBpnggIpAKUqWWuXrhmwNXQDRUpZ+tSe1hRHZ+QNbr NkP8NliRAgMBAAGjggS+MIIEujAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5 euuC4jAdBgNVHQ4EFgQUvHng1kqhYjTNK+Ia1qIgcbxSlGcwggHvBgNVHREEggHm MIIB4oIsb3JpZ2luLmFqaS5wcm9kdWN0aW9uLmsyLm0xLmJyaWdodHNwb3QuY2xv dWSCLHN0YXRpYy5hamkucHJvZHVjdGlvbi5rMi5tMS5icmlnaHRzcG90LmNsb3Vk gjB2ZXJpZnkuY21zLmFqaS5wcm9kdWN0aW9uLmsyLm0xLmJyaWdodHNwb3QuY2xv dWSCLioub3JpZ2luLmFqaS5wcm9kdWN0aW9uLmsyLm0xLmJyaWdodHNwb3QuY2xv dWSCCm5vdHVzLm5ld3OCCW5vdHVzLm9yZ4IlYWppLnByb2R1Y3Rpb24uazIubTEu YnJpZ2h0c3BvdC5jbG91ZIIQc3RhdGljLm5vdHVzLm9yZ4IrKi5jbXMuYWppLnBy b2R1Y3Rpb24uazIubTEuYnJpZ2h0c3BvdC5jbG91ZIINY21zLm5vdHVzLm9yZ4In Ki5hamkucHJvZHVjdGlvbi5rMi5tMS5icmlnaHRzcG90LmNsb3VkgjN2ZXJpZnku b3JpZ2luLmFqaS5wcm9kdWN0aW9uLmsyLm0xLmJyaWdodHNwb3QuY2xvdWSCKWNt cy5hamkucHJvZHVjdGlvbi5rMi5tMS5icmlnaHRzcG90LmNsb3Vkgg13d3cubm90 dXMub3JnMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNV HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0 cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUF BwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1 c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0 LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFt BIIBaQFnAHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGMOYW0 lwAABAMARzBFAiBjuhGSo/3A2ZqNgu2Bd0Cdf10fxTHf+aCKwOO93bbRUQIhALz1 q/B2PIPzWu0Hn8t2mraEvvJGqZj/ot5EUtzHgnzFAHYAPxdLT9ciR1iUHWUchL4N Eu2QN38fhWrrwb8ohez4ZG4AAAGMOYW0gwAABAMARzBFAiATwa9lE7rzLzgGeBRY fDnSCOd9t92LsKt64FzfQyjWnwIhAIPJ4/pHpYZVCm7JWu7xG6PIpHzq4TZHxB/c R0fVAUdaAHUAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowuebgAAAGMOYW0 XwAABAMARjBEAiBqjzTyYqnXBUuAwqEEDkuQ0CDFj4T/DTSfMTxmogujYwIgZhnC lkbekZRkz1CgjlSE1lMP2d6vhp+HWsPKSVr0C+swDQYJKoZIhvcNAQELBQADggEB AIz7AT+yGCf/guQ1H9tlaaKMUBefS3y4Q0vQnLQnNZObBfgCW42ium2mpHUw/gsI hlhqCmVLaZuCy6VbeLEwQTqJfHTcNAJVfO/8VtrTFUCng1uJ/SMPPycT4Qah1r7m RTpB0l4WTzlYYXd/HtM3ROQd3LO6OjSJ9poRg9V1uBsymqCkpL7yHrv3pekyiMt7 R4N+sUSuYexk+wgBGq7UQD4TnapCCSUSR2QizY5HK+nckHlKDBIWJqH9/fNYY2SD ENwIuqtuaGghWRyNDa0mzvJs1weLNUxM1ExXLJamP6jACAdnaCW1+A6AqH/STD+F iKd1HbQX//R3XG5AUJ7mUaM= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5kyYYjKgjWZPSg0iJ+D LE+pd7pq6nVz3zP7+gGk0sJA+mY/GnT14BJ8AFrjL1GRFcwUutiTmcmnm30koTu/ CnWeCFm9r02QF41KUqF9AkLUkr+3FSBniktmhbRK+qTfPdXvWtsEmUdgHBknkIs5 Dp1u7US20x3jqrunkJ509MypsG39D56nn/igBQg22nfVKvwe+45s8tvIL3INCh7V XDubuvFziPaoj2+ncXLTF5IZ66oZ41UDVha3TL8Bm2HRZw/lVW0YhWhgOFr2jG4i HMJxQOQHW1Jjf93lwaZ4ICKQClKllrl64ZsDV0A0VKWfrUntYUR2fkDW6zZD/DZY kQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 5454338298287707568638670521800447264 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-05 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-02 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'origin.aji.production.k2.m1.brightspot.cloud' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26206873285996206962174943974718767016357368134975534848794079537843123570610691535969294965604075655147158831589671256168587285705255861120881997019256891002092667026900337738229608253767521683375600047123335109981080600297691917718892832598403853121193942428046180573849672298555073409329029114421836191453065594298202508309772591723123477203241008654417422887208085847360085523637335510498376483752779739904271650533073230180234585006724673464450702960262438232445726277614989742331495200327041766440751636531737380341458434402580864309663223913883784838916342851349452982345546680442192135422392094923442789701777 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) bc79e0d64aa16234cd2be21ad6a22071bc529467 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (486 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'origin.aji.production.k2.m1.brightspot.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.aji.production.k2.m1.brightspot.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'verify.cms.aji.production.k2.m1.brightspot.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.origin.aji.production.k2.m1.brightspot.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'notus.news' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'notus.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aji.production.k2.m1.brightspot.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'static.notus.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cms.aji.production.k2.m1.brightspot.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.notus.org' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aji.production.k2.m1.brightspot.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'verify.origin.aji.production.k2.m1.brightspot.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cms.aji.production.k2.m1.brightspot.cloud' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.notus.org' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c3985b4970000040300473045022063ba1192a3fdc0d99a8d82ed8177409d7f5d1fc531dff9a08ac0e3bdddb6d151022100bcf5abf0763c83f35aed079fcb769ab684bef246a998ffa2de4452dcc7827cc50076003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c3985b4830000040300473045022013c1af6513baf32f38067814587c39d208e77db7dd8bb0ab7ae05cdf4328d69f02210083c9e3fa47a586550a6ec95aeef11ba3c8a47ceae13647c41fdc4747d501475a0075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018c3985b45f000004030046304402206a8f34f262a9d7054b80c2a1040e4b90d020c58f84ff0d349f313c66a20ba36302206619c29646de919464cf50a08e5484d6530fd9deaf869f875ac3ca495af40beb . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 008cfb013fb21827ff82e4351fdb6569a28c50179f4b7cb8434bd09cb42735939b05f8025b8da2ba6da6a47530fe0b0886586a0a654b699b82cba55b78b130413a897c74dc3402557ceffc56dad31540a7835b89fd230f3f2713e106a1d6bee6453a41d25e164f395861777f1ed33744e41ddcb3ba3a3489f69a1183d575b81b329aa0a4a4bef21ebbf7a5e93288cb7b47837eb144ae61ec64fb08011aaed4403e139daa42092512476422cd8e472be9dc90794a0c121626a1fdfdf35863648310dc08baab6e686821591c8d0dad26cef26cd7078b354c4cd44c572c96a63fa8c00807676825b5f80e80a87fd24c3f8588a7751db417fff4775c6e40509ee651a3