highbond-combined-au.aclgrc.com

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 07:67:c4:4f:01:b4:e8:00:bc:9d:6b:52:0d:b6:78:9f was issued on by Amazon.

With 13 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=highbond-combined-au.aclgrc.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 07:67:c4:4f:01:b4:e8:00:bc:9d:6b:52:0d:b6:78:9f
Serial Number (int): 9843384158758839970318195423593265311
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 65:3d:75:c8:71:a1:bd:9a:ae:fd:92:1f:dd:50:54:ef:14:2a:4f:13
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): bf:a2:18:61:0e:12:fa:b0:05:4d:e1:93:41:a6:66:7c:59:f0:ae:97
Fingerprint (sha256): 20:07:10:cb:25:97:a2:c9:bf:f1:48:72:66:9d:72:33:19:f0:34:06:e6:32:ae:9d:6a:f3:e3:85:90:b9:16:50

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate highbond-combined-au.aclgrc.com

13

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for highbond-combined-au.aclgrc.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

highbond-combined-au.aclgrc.com
*.reports-au.highbond.com
*.projects-au.highbond.com
*.reports-au.aclgrc.com
*.results-au.highbond.com
*.risks-au.aclgrc.com
*.highbond.com
*.results-au.aclgrc.com
*.risks-au.highbond.com
aclgrc.com
highbond.com
*.projects-au.aclgrc.com
*.aclgrc.com

Other certificates including the domain name aclgrc.com

(limited to 100 certificates)
statuspage.io
status.aclgrc.com
statuspage.io
statuspage.io
*.risks-ap.aclgrc.com
statuspage.io
eu.status.grow.clio.com
statuspage.io
atlas-alerts.mit.edu
statuspage.io
statuspage.io
statuspage.io
*.results-ap.aclgrc.com
3down.mit.edu
highbond-combined-eu.aclgrc.com
statuspage.io
*.results-eu.aclgrc.com
atlas-alerts.mit.edu
statuspage.io
statuspage.io
eu.status.grow.clio.com
new-status.ucsd.edu
highbond-combined-au.aclgrc.com
statuspage.io
statuspage.io
*.results-ap.aclgrc.com
statuspage.io
*.results-au.aclgrc.com
*.risks-eu.aclgrc.com
eu.status.grow.clio.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
*.risks.aclgrc.com
statuspage.io
atlas-alerts.mit.edu
tardis.aclgrc.com
highbond-combined.aclgrc.com
tardis.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
statuspage.io
*.hub-au.aclgrc.com
accounts.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
new-status.ucsd.edu
statuspage.io
*.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
downloads.highbond.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
caloes.status.rapiddeploy.com
atlas-alerts.mit.edu
statuspage.io
statuspage.io
new-status.ucsd.edu
atlas-alerts.mit.edu
atlas-alerts.mit.edu
atlas-alerts.mit.edu
new-status.ucsd.edu
statuspage.io
statuspage.io
*.projects-au.aclgrc.com
statuspage.io
statuspage.io
highbond-combined-eu.aclgrc.com
*.projects-eu.aclgrc.com
statuspage.io
atlas-alerts.mit.edu
*.aclgrc.com
highbond-combined-eu.aclgrc.com
statuspage.io
*.robots-eu.aclgrc.com
statuspage.io
*.results-ap.aclgrc.com
*.aclgrc.com
statuspage.io
*.hub-ap.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
*.projects-eu.aclgrc.com
atlas-alerts.mit.edu

Certificate

The complete raw certificate details for highbond-combined-au.aclgrc.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG9TCCBd2gAwIBAgIQB2fETwG06AC8nWtSDbZ4nzANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTIzMTAyNjAwMDAwMFoXDTI0MTEyMTIzNTk1OVowKjEo
MCYGA1UEAxMfaGlnaGJvbmQtY29tYmluZWQtYXUuYWNsZ3JjLmNvbTCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKr4PMTccF4kXT8QOzZ8UsqEetpWwx3E
d8MXASStRoGZV694ETdlD2HIRrRxDTdDI/CMZPU3mZPgwHXFM2JEWfH/lLCfrL4F
8UxxiCS/AsDC1gmXVGjpbvpp0PtJEIj4P/sAc21xvDnLx5hgrk8cxFENvaniuzm/
ZokYu8OjKRf+CP4/5w1NpweqKzyvd6hVPvi0v7N1lO9HpIK33UXxCNLqzxquus51
n52049K8E+D2fSCXp4NIbsHrEPaMwHMHXuthFrRPTdlx+Si2jFzMJDUy7xdrBDCj
MGUUOMruJQA9jagZUGMyrjq+d8WmZoZuzKccb9pumGrJVvXBC6vK1oECAwEAAaOC
BAMwggP/MB8GA1UdIwQYMBaAFFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0GA1UdDgQW
BBRlPXXIcaG9mq79kh/dUFTvFCpPEzCCATQGA1UdEQSCASswggEngh9oaWdoYm9u
ZC1jb21iaW5lZC1hdS5hY2xncmMuY29tghkqLnJlcG9ydHMtYXUuaGlnaGJvbmQu
Y29tghoqLnByb2plY3RzLWF1LmhpZ2hib25kLmNvbYIXKi5yZXBvcnRzLWF1LmFj
bGdyYy5jb22CGSoucmVzdWx0cy1hdS5oaWdoYm9uZC5jb22CFSoucmlza3MtYXUu
YWNsZ3JjLmNvbYIOKi5oaWdoYm9uZC5jb22CFyoucmVzdWx0cy1hdS5hY2xncmMu
Y29tghcqLnJpc2tzLWF1LmhpZ2hib25kLmNvbYIKYWNsZ3JjLmNvbYIMaGlnaGJv
bmQuY29tghgqLnByb2plY3RzLWF1LmFjbGdyYy5jb22CDCouYWNsZ3JjLmNvbTAT
BgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
KwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu
cjJtMDMuYW1hem9udHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcw
LQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2
BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJt
MDMuY2VyMAwGA1UdEwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2
AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABi2sXBVwAAAQDAEcw
RQIhANVBbYyZ7eB3gbQbS96nvGyEx274+F4nNHQu+0fv3V/KAiB2l2z3TXkuB+kp
iW7AsCO4OUTqb+dOFaNkNM/6/PoL3QB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0s
gdm7v6s52IRzAAABi2sXBVcAAAQDAEcwRQIhAJ1cCWP4dycrSTrGDGh7MCcpVXO5
fZka1gI7RkeIvvbOAiA6v9G9FSrEZbmg24EnAbBkPTkdeBD1TJupWtvxC8t+dgB1
ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABi2sXBTkAAAQDAEYw
RAIgAdQk1rerj2hnaB6qG92nyGObiDpw7ZcV8OUFWSWv6LoCIB6VtDcP+4cai6xB
Cu8WPnsLh7cjazW/CaiKpJPI7dbQMA0GCSqGSIb3DQEBCwUAA4IBAQBSwPJSApl2
hWIeAa2xORSuFR1f6yqepYT/sNHayrW6kOAQhbEpG8LWC/FaSZBQ+sKbxr5SwSE2
6BInwlAhbg16afuU3WMBUzc56DhRgoLgrIekjEa/4fvciyIQl7Sx1NKg5v9KD8xN
9C5ZgrJNNbhQcqRdWqkzuGEw133nUxgmyF213NOybRlZeva5LNoJBcHxsDBx5uoS
fGKy2tI02wX7VypA8++hniGmaDvbyh4SKoEYKmQEpph+99RSEcNlzZ/RRz2FJKQu
thPDV38iEJnqILnwCICBtcnkiOK1WK3a2kn0bE3rCX135KC16BfGiZ8KO9EDVbkN
Ti3eZMD+ka5g
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvg8xNxwXiRdPxA7NnxS
yoR62lbDHcR3wxcBJK1GgZlXr3gRN2UPYchGtHENN0Mj8Ixk9TeZk+DAdcUzYkRZ
8f+UsJ+svgXxTHGIJL8CwMLWCZdUaOlu+mnQ+0kQiPg/+wBzbXG8OcvHmGCuTxzE
UQ29qeK7Ob9miRi7w6MpF/4I/j/nDU2nB6orPK93qFU++LS/s3WU70ekgrfdRfEI
0urPGq66znWfnbTj0rwT4PZ9IJeng0huwesQ9ozAcwde62EWtE9N2XH5KLaMXMwk
NTLvF2sEMKMwZRQ4yu4lAD2NqBlQYzKuOr53xaZmhm7Mpxxv2m6YaslW9cELq8rW
gQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 9843384158758839970318195423593265311
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-21 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'highbond-combined-au.aclgrc.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21582922258045341126913790896816714116957600922939342301831349044250144880554219747547886569436795898036613246305477818963905204335444789612499060071102948722623385389765286489375325588557417973673212664028463107783383307558792410868198280250419484984771099915593099017102190722542284843346674431103491461855270445142599678773500994955627506407800340168690573378396196524032752865772964711965605736219807166820248286415776233590487860938596707399225395867408141284261268101440098241300141049696490055039723878768941149594071314905624668179496236264856295071997658323667614979751822986563230922589962902428095806625409
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							653d75c871a1bd9aaefd921fdd5054ef142a4f13
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (299 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'highbond-combined-au.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.reports-au.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.projects-au.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.reports-au.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.results-au.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.risks-au.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.results-au.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.risks-au.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.projects-au.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aclgrc.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b6b17055c0000040300473045022100d5416d8c99ede07781b41b4bdea7bc6c84c76ef8f85e2734742efb47efdd5fca022076976cf74d792e07e929896ec0b023b83944ea6fe74e15a36434cffafcfa0bdd00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b6b17055700000403004730450221009d5c0963f877272b493ac60c687b3027295573b97d991ad6023b464788bef6ce02203abfd1bd152ac465b9a0db812701b0643d391d7810f54c9ba95adbf10bcb7e76007500dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b6b1705390000040300463044022001d424d6b7ab8f6867681eaa1bdda7c8639b883a70ed9715f0e5055925afe8ba02201e95b4370ffb871a8bac410aef163e7b0b87b7236b35bf09a88aa493c8edd6d0
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0052c0f25202997685621e01adb13914ae151d5feb2a9ea584ffb0d1dacab5ba90e01085b1291bc2d60bf15a499050fac29bc6be52c12136e81227c250216e0d7a69fb94dd6301533739e838518282e0ac87a48c46bfe1fbdc8b221097b4b1d4d2a0e6ff4a0fcc4df42e5982b24d35b85072a45d5aa933b86130d77de7531826c85db5dcd3b26d19597af6b92cda0905c1f1b03071e6ea127c62b2dad234db05fb572a40f3efa19e21a6683bdbca1e122a81182a6404a6987ef7d45211c365cd9fd1473d8524a42eb613c3577f221099ea20b9f0088081b5c9e488e2b558addada49f46c4deb097d77e4a0b5e817c6899f0a3bd10355b90d4e2dde64c0fe91ae60