aws.manulife.com.kh
- Manulife Financial Corporation -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 77:57:49:16:d6:4a:44:df:7f:79:e8:ef:5e:75:bc:65 was issued on by Sectigo Limited.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Manulife Financial Corporation
Organization:
Manulife Financial Corporation
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): 77:57:49:16:d6:4a:44:df:7f:79:e8:ef:5e:75:bc:65Serial Number (int): 158631343750337738621141288430228323429
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 68:3b:ee:ef:eb:f4:32:e2:c2:2d:e2:18:c0:d3:17:09:4d:34:94:9d
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): ee:31:b4:b5:f5:c0:1e:be:42:db:3e:8d:70:90:36:28:b8:96:29:6a
Fingerprint (sha256): 22:17:ea:0e:f7:1b:2a:be:0f:d5:28:2a:a6:c7:0f:0e:c8:e2:d1:5f:37:72:1d:63:e4:4e:c1:da:27:a4:f7:2c
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate aws.manulife.com.kh
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for aws.manulife.com.kh
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aws.manulife.com.kh
azwappkhaws01.mfcgd.com
azwappkhaws02.mfcgd.com
azwappkhawsw01.mfcgd.com
azwappkhawsw02.mfcgd.com
khawsprd.ap.manulife.com
khawsprdweb.ap.manulife.com
azwappkhaws01.mfcgd.com
azwappkhaws02.mfcgd.com
azwappkhawsw01.mfcgd.com
azwappkhawsw02.mfcgd.com
khawsprd.ap.manulife.com
khawsprdweb.ap.manulife.com
Other certificates including the domain name manulife.com.kh
(limited to 100 certificates)
cws.manulife.com.kh
manulife.com
ptkuat.manulife.com.kh
manulife.com
manulife.com
ptk.manulife.com.kh
manulife.com
manulife.com
awsuat.manulife.com.kh
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
new.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
www.manulife.com.kh
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
mail.manulife.com.kh
manulife.com
cws.manulife.com.kh
awsuat.manulife.com.kh
manulife.com
manulife.com
cws.manulife.com.kh
cws.manulife.com.kh
manulife.com
eclaim.manulife.com.kh
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
ptkuat.manulife.com.kh
manulife.com
manulife.com
ptk.manulife.com.kh
manulife.com
manulife.com
awsuat.manulife.com.kh
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
new.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
www.manulife.com.kh
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
mail.manulife.com.kh
manulife.com
cws.manulife.com.kh
awsuat.manulife.com.kh
manulife.com
manulife.com
cws.manulife.com.kh
cws.manulife.com.kh
manulife.com
eclaim.manulife.com.kh
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
Certificate
The complete raw certificate details for aws.manulife.com.kh in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIHfzCCBmegAwIBAgIQd1dJFtZKRN9/eejvXnW8ZTANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTIzMTEyMzAwMDAwMFoXDTI0MTEyMjIzNTk1OVowZjELMAkGA1UE BhMCQ0ExEDAOBgNVBAgTB09udGFyaW8xJzAlBgNVBAoTHk1hbnVsaWZlIEZpbmFu Y2lhbCBDb3Jwb3JhdGlvbjEcMBoGA1UEAxMTYXdzLm1hbnVsaWZlLmNvbS5raDCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK5U55m8YR3E7XzcdK/4//h3 xYOjpRAt8GSvpXpE4C+uqgVoRHfd7Wq1arj9BKSKt5pHSDGXQok3N7iHXxZ2FQgA dzfSrwujQLoodlHSZj/B1meGrN8DsAHSfEtUIcv/azP0bCbsXqHXDgWE6teHriBn wy8jYylDaMCEsqrhT9GJ53HDP8OSSVpJJBznMiWVgLFLXCSLqLBzaI+1quYJF2H8 vEw4MW8+FzK8T4dfnPyO/m527qzbDQ/gKZBiNIXOOLUflzpxT+2/JV8hbz5+4Puq g1mW2uy5ubt0BNcMqblCQrcgPPcq2+HvNqDIZ7BdRGLEDo0pPR3i9wD44+HvfFUC AwEAAaOCA/cwggPzMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0G A1UdDgQWBBRoO+7v6/Qy4sIt4hjA0xcJTTSUnTAOBgNVHQ8BAf8EBAMCBaAwDAYD VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0g BEMwQTA1BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0 aWdvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9j cmwuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25T ZWN1cmVTZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJ aHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFs aWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29j c3Auc2VjdGlnby5jb20wggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AHb/iD8K tvuVUcJhzPWHujS0pM27KdxoQgqf5mdMWjp0AAABi/rcZx8AAAQDAEcwRQIhAIoJ bo8y5QvqmLhWRnu+mhUZIvGXbY+VIAGwCzELuFc3AiAllF0cVxge1bR/UFdCoJRS NkL1GJplnvQveCUD16h/HAB1AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs +GRuAAABi/rcZ7QAAAQDAEYwRAIgSDfMJP7bl9vE2MDWNVbbK9FeaXNNZbCggke1 CzqSDOICIFblEoL6cP5d2pKNksQVWEwA7mW9N8CM/ykVTFyGo3MAAHYA7s3QZNXb Gs7FXLedtM0TojKHRny87N7DUUhZRnEftZsAAAGL+txnSAAABAMARzBFAiBq9FMe 57FRiNwl3oyxGrqrOqUUnPdAOybiRmqATz/E+wIhAK3cLk/Ibcsk+KXboGEod5Kd sb6MepQprO7bi3cXngtPMIG9BgNVHREEgbUwgbKCE2F3cy5tYW51bGlmZS5jb20u a2iCF2F6d2FwcGtoYXdzMDEubWZjZ2QuY29tghdhendhcHBraGF3czAyLm1mY2dk LmNvbYIYYXp3YXBwa2hhd3N3MDEubWZjZ2QuY29tghhhendhcHBraGF3c3cwMi5t ZmNnZC5jb22CGGtoYXdzcHJkLmFwLm1hbnVsaWZlLmNvbYIba2hhd3NwcmR3ZWIu YXAubWFudWxpZmUuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQAFH3St0fMhl4wgHYwv /ot/bzrjyPNZN+t6wJ/7FHAxzoTHMLK+Fez95DMc8jip7ugdVoNpiADmyjIsBdOy qv5Dxn8gWwLfes5io8VvFn/avBAqvX9StB4VVPnRkVIHVebtQGbW2W1TISnkRv+f yMojIGYvAjSKJ+JerF3Bx1FLHT2pH/48PN+oRHiBXG9NxCAPqb8KC/TkYHrvz0ba p8AWNoyJ6HY3sFEWDpeYCfNDBEvSr6US+iFSvkEDjawXd2ZHVDq0CWq8M4NUkvMk mlOWxFwwc0//ElRYqvYSo3KsunHHEVyit4Msy0OHibhwLvIoAIYWseTbYrj3jq0I fJhS -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlTnmbxhHcTtfNx0r/j/ +HfFg6OlEC3wZK+lekTgL66qBWhEd93tarVquP0EpIq3mkdIMZdCiTc3uIdfFnYV CAB3N9KvC6NAuih2UdJmP8HWZ4as3wOwAdJ8S1Qhy/9rM/RsJuxeodcOBYTq14eu IGfDLyNjKUNowISyquFP0YnnccM/w5JJWkkkHOcyJZWAsUtcJIuosHNoj7Wq5gkX Yfy8TDgxbz4XMrxPh1+c/I7+bnburNsND+ApkGI0hc44tR+XOnFP7b8lXyFvPn7g +6qDWZba7Lm5u3QE1wypuUJCtyA89yrb4e82oMhnsF1EYsQOjSk9HeL3APjj4e98 VQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 158631343750337738621141288430228323429 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-23 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aws.manulife.com.kh' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22007333126966725095939848878112033506355891222454036200414791317471354717583346917408810834483257499749516875643523702069325329096358718184795584455079957285725556155881338070639704750044897709619233423290457136179131767457128658303418166566326503782016498914700182020443755583768793264139055568588741972831849043817691927985962762778323826011589495152926375543033080236264777363451695026059616634786004556886553397013169119506121264676641263775771186412608239731228577400273290300846553696094433803611057988770749327130862326985702397662920541294441305639722324243672991960495943287975336744317558735757911872470101 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 683beeefebf432e2c22de218c0d317094d34949d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018bfadc671f00000403004730450221008a096e8f32e50bea98b856467bbe9a151922f1976d8f952001b00b310bb85737022025945d1c57181ed5b47f505742a094523642f5189a659ef42f782503d7a87f1c0075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018bfadc67b4000004030046304402204837cc24fedb97dbc4d8c0d63556db2bd15e69734d65b0a08247b50b3a920ce2022056e51282fa70fe5dda928d92c415584c00ee65bd37c08cff29154c5c86a37300007600eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018bfadc6748000004030047304502206af4531ee7b15188dc25de8cb11abaab3aa5149cf7403b26e2466a804f3fc4fb022100addc2e4fc86dcb24f8a5dba0612877929db1be8c7a9429aceedb8b77179e0b4f . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (181 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws.manulife.com.kh' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azwappkhaws01.mfcgd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azwappkhaws02.mfcgd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azwappkhawsw01.mfcgd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azwappkhawsw02.mfcgd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'khawsprd.ap.manulife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'khawsprdweb.ap.manulife.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00051f74add1f321978c201d8c2ffe8b7f6f3ae3c8f35937eb7ac09ffb147031ce84c730b2be15ecfde4331cf238a9eee81d5683698800e6ca322c05d3b2aafe43c67f205b02df7ace62a3c56f167fdabc102abd7f52b41e1554f9d191520755e6ed4066d6d96d532129e446ff9fc8ca2320662f02348a27e25eac5dc1c7514b1d3da91ffe3c3cdfa84478815c6f4dc4200fa9bf0a0bf4e4607aefcf46daa7c016368c89e87637b051160e979809f343044bd2afa512fa2152be41038dac17776647543ab4096abc33835492f3249a5396c45c30734fff125458aaf612a372acba71c7115ca2b7832ccb438789b8702ef228008616b1e4db62b8f78ead087c9852