photos.amazon.jp

Issued by Amazon

About this certificate

This digital certificate with serial number 0f:67:84:39:f5:a9:cb:ca:5a:e9:0c:6c:4c:36:8f:93 was issued on by Amazon.

With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=photos.amazon.jp

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0f:67:84:39:f5:a9:cb:ca:5a:e9:0c:6c:4c:36:8f:93
Serial Number (int): 20475908383304868915792471282956013459
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: f8:9a:36:25:f2:ed:5e:1c:b4:cb:46:2e:44:44:29:48:0e:ae:ed:17
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): e3:42:27:a4:63:50:8e:0c:38:d9:74:0c:d1:72:6d:d8:1d:1d:7f:c5
Fingerprint (sha256): 1f:17:85:b2:d3:70:d9:20:6a:f0:68:4a:ed:de:af:8b:70:9a:bb:02:12:26:45:74:d0:1e:a4:17:6e:58:79:5d

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate photos.amazon.jp

5

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for photos.amazon.jp

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

photos.amazon.jp
photos.amazon.com.au
photos.amazon.co.jp
photos-internal.aka.amazon.co.jp
photos-internal.aka.amazon.com.au

Other certificates including the domain name amazon.jp

(limited to 100 certificates)
*.peg.a2z.com
nonprofitcentral.amazon.com
dl.amazon.co.jp
aeswidget.amazon.jp
*.peg.a2z.com
amazonux.com
membership.amazon.com
www.amazon.co.jp
aeswidget.amazon.jp
*.peg.a2z.com
www.amazon.co.jp
*.peg.a2z.com
dpreview.in
www.amazon.co.jp
*.peg.a2z.com
membership.amazon.com
*.peg.a2z.com
amazonux.com
*.peg.a2z.com
www.amazon.co.jp
payments.amazon.co.jp
*.peg.a2z.com
pay-api.amazon.jp
dl.amazon.co.jp
credential-locker-service.amazon.jp
*.peg.a2z.com
www.amazonmusic.com
photos.amazon.jp
physicalstoretech.amazon.jp
jobfinder.amazon.com
relay.amazon.jp
*.peg.a2z.com
www.amazon.co.jp
www.amazonmusic.com
aeswidget.amazon.jp
api.relay.amazon.jp
forecasting-fe.amazon.com
dl.amazon.co.jp
photos.amazon.jp
aeswidget.amazon.jp
dl.amazon.co.jp
membership.amazon.com
www.amazon.co.jp
sdu.amazon.jp
www.amazon.co.jp
dl.amazon.co.jp
payments.amazon.co.jp
data-exchange.amazon.com
amazonux.com
regions-beta.corp.amazon.com
www.amazon.co.jp
photos.amazon.jp
www.amazon.co.jp
dl.amazon.co.jp
xb-node-report.amazon.jp
www.amazon.co.jp
membership.amazon.com
*.peg.a2z.com
www.amazonmusic.com
data-exchange.amazon.com
*.peg.a2z.com
aeswidget.amazon.jp
www.amazon.co.jp
www.amazon.co.jp
dl.amazon.co.jp
sdu.amazon.jp
edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp
*.peg.a2z.com
payments.amazon.co.jp
nonprofitcentral.amazon.com
static.prime-apis.amazon.jp
aeswidgets.amazon.jp
www.amazon.co.jp
www.amazon.co.jp
aeswidget.amazon.jp
payments.amazon.co.jp
www.amazon.co.jp
www.amazon.co.jp
aeswidgets.amazon.jp
dl.amazon.co.jp
dl.amazon.co.jp
pay-api.amazon.jp
aeswidget.amazon.jp
dl.amazon.co.jp
sdu.amazon.jp
dl.amazon.co.jp
prime-apis.amazon.jp
www.amazon.co.jp
www.amazon.co.jp
nonprofitcentral.amazon.com
payments.amazon.co.jp
dl.amazon.co.jp
jobfinder.amazon.com
s1.amazon.co.jp
payments.amazon.co.jp
payments.amazon.co.jp
www.amazon.co.jp
edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp
*.peg.a2z.com
*.peg.a2z.com

Certificate

The complete raw certificate details for photos.amazon.jp in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGSjCCBTKgAwIBAgIQD2eEOfWpy8pa6QxsTDaPkzANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjAyMjYwMDAwMDBaFw0yMzAyMDMy
MzU5NTlaMBsxGTAXBgNVBAMTEHBob3Rvcy5hbWF6b24uanAwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDb3B+xFmfohUrR4kNVEVpaDOQHVZsgr3cMtUVo
kbyJkdq98eIIO9QBh/w8m7zx/YWjJzpzDuupqeI+jIVnuoXwSLRLKNjryTWVZD5w
Jp71j0d26N5S7pIWHbdTn3IEmZTqqYF0YNLuvZYXgDWPRhdMYtXJwFMwc6LOUz3e
zWK6DY0gyrXLe4d3nuOarQOWSxWcUnxjhY0ic3omjaWrXHZr8C0SAdLTSBP8bj3J
h5A1EYUM/tDh8Cmq2BjZkTR7odgwrq1vuoIBCtLPzQA3tJzjSNy8vGk8CFdOMgbo
RmU1gmeZ6A9tgrV9ptOf4ew34ZeHhAlhGXoUxZzz14pvWqw9AgMBAAGjggNdMIID
WTAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0W/k90DAdBgNVHQ4EFgQU+Jo2
JfLtXhy0y0YuREQpSA6u7RcwgY0GA1UdEQSBhTCBgoIQcGhvdG9zLmFtYXpvbi5q
cIIUcGhvdG9zLmFtYXpvbi5jb20uYXWCE3Bob3Rvcy5hbWF6b24uY28uanCCIHBo
b3Rvcy1pbnRlcm5hbC5ha2EuYW1hem9uLmNvLmpwgiFwaG90b3MtaW50ZXJuYWwu
YWthLmFtYXpvbi5jb20uYXUwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnNj
YTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi0xLmNybDATBgNVHSAEDDAKMAgGBmeB
DAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnNj
YTFiLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5zY2Ex
Yi5hbWF6b250cnVzdC5jb20vc2NhMWIuY3J0MAwGA1UdEwEB/wQCMAAwggF9Bgor
BgEEAdZ5AgQCBIIBbQSCAWkBZwB2AOg+0No+9QY1MudXKLyJa8kD08vREWvs62nh
d31tBr1uAAABfzb/px0AAAQDAEcwRQIgXIB2iQhtnVMYUgfHEoaLIiy0qb+9+W1g
mcWar4ARviACIQDiw/yk8FBuGF/4zQSL8NAkbqFOUYj4+QrbVPhOkgNn1gB1ADXP
GRu/sWxXvw+tTG1Cy7u2JyAmUeo/4SrvqAPDO9ZMAAABfzb/pxkAAAQDAEYwRAIg
axvIxaUKOR3KCL7JZx2Dkl339/SAXnWuPGN+f64jriUCIAcSOzhazDfCYrgCl9EM
U8D1jBDPKdd9SqWXCB0n9NZiAHYAs3N3B+GEUPhjhtYFqdwRCUp5LbFnDAuH3PAD
Dnk2pZoAAAF/Nv+nNQAABAMARzBFAiEA3Qua2dyv6ktaR0pa9EabhzB6XzaClS3S
fYcid/7c5bkCIEgHBSZIifMeuNhIIrTDGdu7gzrYt9LLCv+fNdeRFRSSMA0GCSqG
SIb3DQEBCwUAA4IBAQBKp20OvCMbHRCIPZPTG5hhnZ4X3WMZfKFaJquNTbHqgeA7
MTsHWnSIAwiWfP0LvlgIFyjMFAkcxasEnr+Arx7/0dFFGw/FDA77/L8n4jDt7xZ7
iYcJSADJhmuABo5kAPrw3cbRFla14CsXeZpmDdDszGAnwIUq5pJKxuVI8PBb789+
aYNHDbMd1kA9UJTS0GJ+Sn3k+I2vXbsBxnjl81lToHqlJLMxgwVb4iSRsK6M+stU
EwY2djG528z0XVaZprl9mIU9CFO9iPhRChd1dRR3BnoAY2gm+JnTKzIlkIdTqgCB
A0N38gdmzrBfvVPS2cpiBgFmpJluzmxo44Ro/tb9
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29wfsRZn6IVK0eJDVRFa
WgzkB1WbIK93DLVFaJG8iZHavfHiCDvUAYf8PJu88f2Foyc6cw7rqaniPoyFZ7qF
8Ei0SyjY68k1lWQ+cCae9Y9HdujeUu6SFh23U59yBJmU6qmBdGDS7r2WF4A1j0YX
TGLVycBTMHOizlM93s1iug2NIMq1y3uHd57jmq0DlksVnFJ8Y4WNInN6Jo2lq1x2
a/AtEgHS00gT/G49yYeQNRGFDP7Q4fApqtgY2ZE0e6HYMK6tb7qCAQrSz80AN7Sc
40jcvLxpPAhXTjIG6EZlNYJnmegPbYK1fabTn+HsN+GXh4QJYRl6FMWc89eKb1qs
PQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 20475908383304868915792471282956013459
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-02-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-03 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'photos.amazon.jp'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27754735876926192210807888201988788513544636591089186263665393609026605870432322377186440712191899885311035966139089034950233781798223680249080234340643978380076389144038294682353032614129609348838134026867580336349342637634765823842810268584084020281332145322873578771916211187202999025287418871547629681598645322110142248451342497170390536719786273390677689105790688475764034266315749224255988783332215948187440897866849024381476401388858235674585736417511479375266995440362116260598150685495961396692974177027931162126579707984085144771349817960842952910608784418276626697922497957683802676962419983047207985785917
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							f89a3625f2ed5e1cb4cb462e444429480eaeed17
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (133 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos.amazon.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos.amazon.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos.amazon.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-internal.aka.amazon.co.jp'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'photos-internal.aka.amazon.com.au'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000017f36ffa71d000004030047304502205c807689086d9d53185207c712868b222cb4a9bfbdf96d6099c59aaf8011be20022100e2c3fca4f0506e185ff8cd048bf0d0246ea14e5188f8f90adb54f84e920367d600750035cf191bbfb16c57bf0fad4c6d42cbbbb627202651ea3fe12aefa803c33bd64c0000017f36ffa719000004030046304402206b1bc8c5a50a391dca08bec9671d83925df7f7f4805e75ae3c637e7fae23ae25022007123b385acc37c262b80297d10c53c0f58c10cf29d77d4aa597081d27f4d662007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000017f36ffa7350000040300473045022100dd0b9ad9dcafea4b5a474a5af4469b87307a5f3682952dd27d872277fedce5b90220480705264889f31eb8d84822b4c319dbbb833ad8b7d2cb0aff9f35d791151492
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004aa76d0ebc231b1d10883d93d31b98619d9e17dd63197ca15a26ab8d4db1ea81e03b313b075a74880308967cfd0bbe58081728cc14091cc5ab049ebf80af1effd1d1451b0fc50c0efbfcbf27e230edef167b8987094800c9866b80068e6400faf0ddc6d11656b5e02b17799a660dd0eccc6027c0852ae6924ac6e548f0f05befcf7e6983470db31dd6403d5094d2d0627e4a7de4f88daf5dbb01c678e5f35953a07aa524b33183055be22491b0ae8cfacb541306367631b9dbccf45d5699a6b97d98853d0853bd88f8510a1775751477067a00636826f899d32b3225908753aa0081034377f20766ceb05fbd53d2d9ca62060166a4996ece6c68e38468fed6fd