*.int.api.discomax.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0e:e5:72:05:4a:a1:aa:a8:c9:8c:69:80:7e:4f:75:dd was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.int.api.discomax.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0e:e5:72:05:4a:a1:aa:a8:c9:8c:69:80:7e:4f:75:dd
Serial Number (int): 19800540535526260308952481962293949917
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 4c:7a:8b:c9:3e:28:aa:98:43:93:f0:f5:b8:45:a4:f7:1b:18:d6:80
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 76:7f:d3:25:13:15:f4:0c:54:a2:c1:ff:3e:e1:b2:57:f9:59:5f:29
Fingerprint (sha256): 1f:d3:fb:51:11:bc:b8:62:3b:26:db:c4:79:76:23:f9:89:9a:15:20:86:70:eb:4b:8c:be:11:5e:17:d9:9f:e7

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate *.int.api.discomax.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.int.api.discomax.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.int.api.discomax.com
int.api.discomax.com
*.us-east-1.bolt.int.disco-api.com
*.use1.int.api.discomax.com

Other certificates including the domain name discomax.com

(limited to 100 certificates)
x1-experimental.ctv.prd.beam.discomax.com
*.beam-amer.euw1.stg.api.discomax.com
*.prd.api.discomax.com
*.prd.api.discomax.com
*.int.api.discomax.com
*.prd.api.discomax.com
int.api.discomax.com
webos.ctv.play-hbo.stg.beam.discomax.com
*.stg.api.discomax.com
*.br-amer.usw2.stg.api.discomax.com
*.prd.api.discomax.com
stg.api.discomax.com
*.stg.api.discomax.com
*.int.api.discomax.com
*.dev.api.discomax.com
*.prd.api.discomax.com
*.br-latam.stg.api.discomax.com
*.any-latam.prd.api.discomax.com
auth.stg.beam.discomax.com
*.prd.api.discomax.com
play-rc.stg.beam.discomax.com
*.stg.api.discomax.com
images.cdn.prd.api.discomax.com
*.private.euw1.stg.api.discomax.com
webos.ctv.play-hbo.dev.beam.discomax.com
*.stg.api.discomax.com
*.dev.api.discomax.com
*.stg.api.discomax.com
stg.api.discomax.com
xbox.ctv.dev.beam.discomax.com
*.any-amer.dev.api.discomax.com
*.any-amer.int.api.discomax.com
*.prod.api.discomax.com
*.any-amer.apne1.prd.api.discomax.com
stg.api.discomax.com
telenor.ctv.stg.beam.discomax.com
telia.ctv.prd.beam.discomax.com
stg.api.discomax.com
default.private-vpce.eun1.prd.api.discomax.com
*.prd.api.discomax.com
*.int.api.discomax.com
*.prd.api.discomax.com
prd.api.discomax.com
ps5.ctv.dev.beam.discomax.com
int.api.discomax.com
*.beam-apac.euw1.stg.api.discomax.com
*.any-amer.aps1.stg.api.discomax.com
*.prd.api.discomax.com
*.prd.api.discomax.com
*.any-amer.int.api.discomax.com
*.dev.api.discomax.com
*.prd.api.discomax.com
int.api.discomax.com
*.prd.api.discomax.com
*.prod.api.discomax.com
*.vodafonestb.sagemcom.ctv.dev.beam.discomax.com
ps4.ctv.prd.beam.discomax.com
*.beam-apac.euw1.stg.api.discomax.com
*.any-amer.dev.api.discomax.com
wbd-beam-typescript.dev.beam.discomax.com
prd.api.discomax.com
webos.ctv.play-hbo.int.beam.discomax.com
*.prod.api.discomax.com
*.prd.api.discomax.com
*.stg.api.discomax.com
*.private.eu.stg.api.discomax.com
webos.ctv.prd.beam.discomax.com
stg.api.discomax.com
cast.ctv.int.beam.discomax.com
*.dev.api.discomax.com
prd.api.discomax.com
int.discomax.discoveryplus.com
ziggo.ctv.prd.beam.discomax.com
memento.int.infra.api.discomax.com
*.stg.api.discomax.com
x1.ctv.stg.beam.discomax.com
*.ci-reports.dev.beam.discomax.com
*.int.api.discomax.com
vizio.ctv.dev.beam.discomax.com
int.api.discomax.com
*.any-amer.euc1.stg.api.discomax.com
*.int.api.discomax.com
webos.ctv.dev.beam.discomax.com
*.int.api.discomax.com
*.stg.api.discomax.com
tizen.ctv.dev.beam.discomax.com
int.api.discomax.com
*.any-amer.euc1.prd.api.discomax.com
*.use.dev.api.discomax.com
*.int.api.discomax.com
x1.ctv.prd.beam.discomax.com
dev.api.discomax.com
tizen.ctv.int.beam.discomax.com
*.dev.api.discomax.com
*.any-latam.prd.api.discomax.com
dev.api.discomax.com
*.prd.api.discomax.com
telenor-rc.ctv.stg.beam.discomax.com
*.prd.api.discomax.com
*.prd.api.discomax.com

Certificate

The complete raw certificate details for *.int.api.discomax.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIQDuVyBUqhqqjJjGmAfk913TANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTAxMjAwMDAwMFoXDTI0MTEwOTIzNTk1OVowITEf
MB0GA1UEAwwWKi5pbnQuYXBpLmRpc2NvbWF4LmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBANBHD2YPZ06ofxgxnYyaWOwQQ0MwljMzjTJlcmdLWNFF
MtZ4OuP0veXCoSj3K8zZhcU0zYRuEflPN+1mGCc+esfO5NNPgvFbdAjntI1iFJHc
4NqAhB5HSMW0f2KsD29GFasdKKgmpuaRJ8t2ezwI4Wpow67Yc+PJLOwq9MWxyiki
UdtxwHrAPDkAceZdmU0xpSf4hAKywvfk4o5n4xhDbXiHlBfojbHDuhi2Ub3OAbWs
7zRjhmDOfbazMxbDy84+7aCVOM0/AWI14sgXO3fzg2DTTEr7/N8q1L362oM6ImlH
GnJ9/QbGaYu6+CdqJ+avxUBK0n+diqCEleaAygDDtUMCAwEAAaOCA0UwggNBMB8G
A1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBRMeovJPiiq
mEOT8PW4RaT3GxjWgDB4BgNVHREEcTBvghYqLmludC5hcGkuZGlzY29tYXguY29t
ghRpbnQuYXBpLmRpc2NvbWF4LmNvbYIiKi51cy1lYXN0LTEuYm9sdC5pbnQuZGlz
Y28tYXBpLmNvbYIbKi51c2UxLmludC5hcGkuZGlzY29tYXguY29tMBMGA1UdIAQM
MAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMi5h
bWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEF
BQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUF
BzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIw
DAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFtBIIBaQFnAHUAdv+IPwq2
+5VRwmHM9Ye6NLSkzbsp3GhCCp/mZ0xaOnQAAAGLIxm3KgAABAMARjBEAiAbImE5
bgtKIRDHfTC2Oi4J5mjcKudQ7D/fW0JS0xnb3QIgGWEsHHPsIBE5aEEFUm08OGxs
xz3HzUAnOEA9r58lO7EAdgBIsONr2qZHNA/lagL6nTDrHFIBy1bdLIHZu7+rOdiE
cwAAAYsjGbb7AAAEAwBHMEUCIH0mPMk8/An6RvaJKCZxJiIE9Cq078ExX82cZtrK
786nAiEA282esq/V5YOiLrYSDSS4h8pyre/sJ2D+8qHhFniG1HIAdgDatr9rP7W2
Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYsjGbbeAAAEAwBHMEUCIQDp4x3g
DuzsQX1YnlU4bkKbqYPxG2NYkFqLzGQcSny6iAIgL4iRsyrqUtWRySi6vaEMmUc+
3GP6jRcIEoTRCIqQGz8wDQYJKoZIhvcNAQELBQADggEBAE6izFBgHmUcitgp2lvk
/deHfU+cNSamt96/mxO0+egZr/kjEnjabek0juaZPlv7DrkvNFe/vaoLi3qLROZD
NANoxl33gRd9KcsUAwYZDCI4PhlykQGpiYdkrXf/LKKjwMXGJyR5PKnXwP01iwpS
fUOzw5sOfFlmoV5op/UyTpUIVRFuDBJhNPZRe9uJl7rRR3h11yMuDN8L1iSlV8vp
wJ6lKxGs2ZzVPkHz69553+JhQvh2VbCTrhxszPaTTCzM0TgxXBe4QumYlWeuniu5
sh9HatIyGofY95M8R9jMfRYce+6rLXIZyLDfiX5S/3Li+rMKJrdqSQhvKDnDUVSo
iyQ=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EcPZg9nTqh/GDGdjJpY
7BBDQzCWMzONMmVyZ0tY0UUy1ng64/S95cKhKPcrzNmFxTTNhG4R+U837WYYJz56
x87k00+C8Vt0COe0jWIUkdzg2oCEHkdIxbR/YqwPb0YVqx0oqCam5pEny3Z7PAjh
amjDrthz48ks7Cr0xbHKKSJR23HAesA8OQBx5l2ZTTGlJ/iEArLC9+TijmfjGENt
eIeUF+iNscO6GLZRvc4BtazvNGOGYM59trMzFsPLzj7toJU4zT8BYjXiyBc7d/OD
YNNMSvv83yrUvfragzoiaUcacn39BsZpi7r4J2on5q/FQErSf52KoISV5oDKAMO1
QwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 19800540535526260308952481962293949917
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.int.api.discomax.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26292608499428584336849966230528646977846485858261351149575969510417394059137256453675538824471159544319477917033081466252141504669071666151220465040856010802017383838298180290525402795484936685721277829108568609574337974615248279501276094954388874435137093494060352544904319596507618315306128624946888987673005569140386308775700263872302429021977191393080557031690084876066132231337265782922036655885336946329312848906265075187267068732079373681815531833930024504684990100233953158360395971303062300498127460725553893106854006343758278932152024043745697976167062050266304720282911743620862509884520172564784890492227
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4c7a8bc93e28aa984393f0f5b845a4f71b18d680
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (113 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.int.api.discomax.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'int.api.discomax.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.us-east-1.bolt.int.disco-api.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.use1.int.api.discomax.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b2319b72a000004030046304402201b2261396e0b4a2110c77d30b63a2e09e668dc2ae750ec3fdf5b4252d319dbdd022019612c1c73ec201139684105526d3c386c6cc73dc7cd402738403daf9f253bb100760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b2319b6fb000004030047304502207d263cc93cfc09fa46f689282671262204f42ab4efc1315fcd9c66dacaefcea7022100dbcd9eb2afd5e583a22eb6120d24b887ca72adefec2760fef2a1e1167886d472007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b2319b6de0000040300473045022100e9e31de00eecec417d589e55386e429ba983f11b6358905a8bcc641c4a7cba8802202f8891b32aea52d591c928babda10c99473edc63fa8d17081284d1088a901b3f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		004ea2cc50601e651c8ad829da5be4fdd7877d4f9c3526a6b7debf9b13b4f9e819aff9231278da6de9348ee6993e5bfb0eb92f3457bfbdaa0b8b7a8b44e643340368c65df781177d29cb140306190c22383e19729101a9898764ad77ff2ca2a3c0c5c62724793ca9d7c0fd358b0a527d43b3c39b0e7c5966a15e68a7f5324e950855116e0c126134f6517bdb8997bad1477875d7232e0cdf0bd624a557cbe9c09ea52b11acd99cd53e41f3ebde79dfe26142f87655b093ae1c6cccf6934c2cccd138315c17b842e9989567ae9e2bb9b21f476ad2321a87d8f7933c47d8cc7d161c7beeab2d7219c8b0df897e52ff72e2fab30a26b76a49086f2839c35154a88b24