www.aquafin.net
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 05:bf:e0:a3:20:93:e5:43:1e:21:5c:a0:f9:61:36:0e was issued on by Amazon.
With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=www.aquafin.net
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 05:bf:e0:a3:20:93:e5:43:1e:21:5c:a0:f9:61:36:0eSerial Number (int): 7642424862928754310624293149221139982
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: 42:25:12:de:b4:15:38:63:2a:af:c5:8d:a4:90:91:96:87:93:f9:c5
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): 63:3d:29:8d:db:35:15:0b:93:55:44:35:4b:fc:b6:e2:92:cc:4c:8b
Fingerprint (sha256): 22:1b:00:87:72:e9:dd:3d:de:1b:32:01:1d:67:8f:d2:2f:c7:fa:a8:16:9b:7b:49:13:cf:a5:31:7e:5a:1b:3c
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate www.aquafin.net
2
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for www.aquafin.net
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
www.aquafin.net
aquafin.net
aquafin.net
Other certificates including the domain name aquafin.net
(limited to 100 certificates)
Certificate
The complete raw certificate details for www.aquafin.net in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIQBb/goyCT5UMeIVyg+WE2DjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMDkyODAwMDAwMFoXDTI0MTAyNTIzNTk1OVowGjEY MBYGA1UEAxMPd3d3LmFxdWFmaW4ubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A MIIBCgKCAQEAik/OAZEfpNabm9YaOaoy6DTOZ79GXQBFwM2gU1ZELzaRjJ6v6bih fmHwNoWKyS0lREgqzm11OsdwbWSWgP6su+Mtqt3W4G72O/7h9qFmmL3ZmqGLqvcw gFp+fvWP5pGKNpNr6uognGrSV/kMMl+auZudF2W/+RDhH+d5u1mT5Qkmmas5sI/n gJjnQCnMvWt8BhKAV8gj44npWBrA4jw9A4pwls8ZpVID6asbiuUR2RLisc4wJJbY iVEcJ9SeAWH63sdMxCM/lrEMN90RxsO7kBCyLn/UmQ65g6ReKRn2+ZAmxIeVjz2B K3/i7rEQT84OmAdulwwLB7ZfPuHc2bMTPwIDAQABo4IC9DCCAvAwHwYDVR0jBBgw FoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFEIlEt60FThjKq/FjaSQ kZaHk/nFMCcGA1UdEQQgMB6CD3d3dy5hcXVhZmluLm5ldIILYXF1YWZpbi5uZXQw EwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js LnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBn MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20w NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3Iy bTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA dQDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYrZKdvbAAAEAwBG MEQCIE/Jh45GHyvuWCXW/NXCrC9RRjObyr5lYtMmsF8Fu5doAiA+zP5A0/PLpwnP /HrI5Iw4pQkMg4ktvxwza4IBkf1pCAB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0s gdm7v6s52IRzAAABitkp3DAAAAQDAEcwRQIgFxeJ5O8iEq4dQCDi8jI0U/QzaWTu 0VrkrXPQ2m73O6YCIQDRvXA6hqyXNhrU1RPHYNchejijdUhf4LcjPd48JMn9fAB2 ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABitkp2/EAAAQDAEcw RQIgXzuYgEqTotSSM9G/MELuq134O5skEO7/ll4hupUIvicCIQCtiXxczl2C4Ain A64Vilrw2LCBZ+URBuHDSnD4fZgxMjANBgkqhkiG9w0BAQsFAAOCAQEANfevKRkm UBsIn/j2kCYAHE3uPRe1+gn/RYv50Rp1AS63M7gFXuE33J/JMVDy/l9Kaw+AW5iR p+nfpEuUaJXIqnPwwHXyqS/+qg/Ump6BoptfGTDecthZnz6z5ZK/pGJn4dXXIrW9 b6gzse03Bvb5fydTBzl+cWrT/i/2lLKojT4MoBTKeoqBhH3sr+rOavYREp4QSvGY 6Gp0pCEoY8xMLsMIDkzCOPoe6xz3IRu2fhdiCQ0TC8vUa71XBiOGr12C7FNlH8Pb o6kjN4oIZElL8ISwRIgS7TqIbydeLxgsLcsrIupUHPak6XqEPBosNceA3ye3psdg fdhcshyJhmCCjQ== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAik/OAZEfpNabm9YaOaoy 6DTOZ79GXQBFwM2gU1ZELzaRjJ6v6bihfmHwNoWKyS0lREgqzm11OsdwbWSWgP6s u+Mtqt3W4G72O/7h9qFmmL3ZmqGLqvcwgFp+fvWP5pGKNpNr6uognGrSV/kMMl+a uZudF2W/+RDhH+d5u1mT5Qkmmas5sI/ngJjnQCnMvWt8BhKAV8gj44npWBrA4jw9 A4pwls8ZpVID6asbiuUR2RLisc4wJJbYiVEcJ9SeAWH63sdMxCM/lrEMN90RxsO7 kBCyLn/UmQ65g6ReKRn2+ZAmxIeVjz2BK3/i7rEQT84OmAdulwwLB7ZfPuHc2bMT PwIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7642424862928754310624293149221139982 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-28 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-25 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.aquafin.net' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17460239255224512559422228215127984496326869308205028485187955157871371094657805347754704423076905050877713879535980639116862847462370706448475487833415087524459166895581671037802925084058937087096827834004194518021934774610180557955067275457179895422257634537232922224678911339089580908690808166685689364183890490466368228381057951164185979738562205875680692180688425834472237178928977567696384870918939264510621022162970738476656500109403124189596102391022731523929122083396001813842356532073791518755806732744564924738130559624063736444934985380215882552769737016058027618193229357436485525342913383367130488181567 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 422512deb41538632aafc58da49091968793f9c5 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aquafin.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aquafin.net' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ad929dbdb000004030046304402204fc9878e461f2bee5825d6fcd5c2ac2f5146339bcabe6562d326b05f05bb976802203eccfe40d3f3cba709cffc7ac8e48c38a5090c83892dbf1c336b820191fd690800760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ad929dc3000000403004730450220171789e4ef2212ae1d4020e2f2323453f4336964eed15ae4ad73d0da6ef73ba6022100d1bd703a86ac97361ad4d513c760d7217a38a375485fe0b7233dde3c24c9fd7c007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ad929dbf1000004030047304502205f3b98804a93a2d49233d1bf3042eeab5df83b9b2410eeff965e21ba9508be27022100ad897c5cce5d82e008a703ae158a5af0d8b08167e51106e1c34a70f87d983132 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 0035f7af291926501b089ff8f69026001c4dee3d17b5fa09ff458bf9d11a75012eb733b8055ee137dc9fc93150f2fe5f4a6b0f805b9891a7e9dfa44b946895c8aa73f0c075f2a92ffeaa0fd49a9e81a29b5f1930de72d8599f3eb3e592bfa46267e1d5d722b5bd6fa833b1ed3706f6f97f275307397e716ad3fe2ff694b2a88d3e0ca014ca7a8a81847decafeace6af611129e104af198e86a74a4212863cc4c2ec3080e4cc238fa1eeb1cf7211bb67e1762090d130bcbd46bbd57062386af5d82ec53651fc3dba3a923378a0864494bf084b0448812ed3a886f275e2f182c2dcb2b22ea541cf6a4e97a843c1a2c35c780df27b7a6c7607dd85cb21c898660828d