www.aquafin.net

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 05:bf:e0:a3:20:93:e5:43:1e:21:5c:a0:f9:61:36:0e was issued on by Amazon.

With 2 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=www.aquafin.net

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:bf:e0:a3:20:93:e5:43:1e:21:5c:a0:f9:61:36:0e
Serial Number (int): 7642424862928754310624293149221139982
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: 42:25:12:de:b4:15:38:63:2a:af:c5:8d:a4:90:91:96:87:93:f9:c5
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): 63:3d:29:8d:db:35:15:0b:93:55:44:35:4b:fc:b6:e2:92:cc:4c:8b
Fingerprint (sha256): 22:1b:00:87:72:e9:dd:3d:de:1b:32:01:1d:67:8f:d2:2f:c7:fa:a8:16:9b:7b:49:13:cf:a5:31:7e:5a:1b:3c

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate www.aquafin.net

2

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for www.aquafin.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

www.aquafin.net
aquafin.net

Other certificates including the domain name aquafin.net

(limited to 100 certificates)
www.aquafin.net
www.aquafin.net
portal.aquafin.net
www.aquafin.net
www.aquafin.net
www.aquafin.net
www.aquafin.net
portal.aquafin.net

Certificate

The complete raw certificate details for www.aquafin.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIQBb/goyCT5UMeIVyg+WE2DjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTIzMDkyODAwMDAwMFoXDTI0MTAyNTIzNTk1OVowGjEY
MBYGA1UEAxMPd3d3LmFxdWFmaW4ubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAik/OAZEfpNabm9YaOaoy6DTOZ79GXQBFwM2gU1ZELzaRjJ6v6bih
fmHwNoWKyS0lREgqzm11OsdwbWSWgP6su+Mtqt3W4G72O/7h9qFmmL3ZmqGLqvcw
gFp+fvWP5pGKNpNr6uognGrSV/kMMl+auZudF2W/+RDhH+d5u1mT5Qkmmas5sI/n
gJjnQCnMvWt8BhKAV8gj44npWBrA4jw9A4pwls8ZpVID6asbiuUR2RLisc4wJJbY
iVEcJ9SeAWH63sdMxCM/lrEMN90RxsO7kBCyLn/UmQ65g6ReKRn2+ZAmxIeVjz2B
K3/i7rEQT84OmAdulwwLB7ZfPuHc2bMTPwIDAQABo4IC9DCCAvAwHwYDVR0jBBgw
FoAUVdkYX9IczAHhWLS+q9lVQgHXLgIwHQYDVR0OBBYEFEIlEt60FThjKq/FjaSQ
kZaHk/nFMCcGA1UdEQQgMB6CD3d3dy5hcXVhZmluLm5ldIILYXF1YWZpbi5uZXQw
EwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js
LnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBn
MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20w
NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3Iy
bTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA
dQDuzdBk1dsazsVct520zROiModGfLzs3sNRSFlGcR+1mwAAAYrZKdvbAAAEAwBG
MEQCIE/Jh45GHyvuWCXW/NXCrC9RRjObyr5lYtMmsF8Fu5doAiA+zP5A0/PLpwnP
/HrI5Iw4pQkMg4ktvxwza4IBkf1pCAB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0s
gdm7v6s52IRzAAABitkp3DAAAAQDAEcwRQIgFxeJ5O8iEq4dQCDi8jI0U/QzaWTu
0VrkrXPQ2m73O6YCIQDRvXA6hqyXNhrU1RPHYNchejijdUhf4LcjPd48JMn9fAB2
ANq2v2s/tbYin5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABitkp2/EAAAQDAEcw
RQIgXzuYgEqTotSSM9G/MELuq134O5skEO7/ll4hupUIvicCIQCtiXxczl2C4Ain
A64Vilrw2LCBZ+URBuHDSnD4fZgxMjANBgkqhkiG9w0BAQsFAAOCAQEANfevKRkm
UBsIn/j2kCYAHE3uPRe1+gn/RYv50Rp1AS63M7gFXuE33J/JMVDy/l9Kaw+AW5iR
p+nfpEuUaJXIqnPwwHXyqS/+qg/Ump6BoptfGTDecthZnz6z5ZK/pGJn4dXXIrW9
b6gzse03Bvb5fydTBzl+cWrT/i/2lLKojT4MoBTKeoqBhH3sr+rOavYREp4QSvGY
6Gp0pCEoY8xMLsMIDkzCOPoe6xz3IRu2fhdiCQ0TC8vUa71XBiOGr12C7FNlH8Pb
o6kjN4oIZElL8ISwRIgS7TqIbydeLxgsLcsrIupUHPak6XqEPBosNceA3ye3psdg
fdhcshyJhmCCjQ==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAik/OAZEfpNabm9YaOaoy
6DTOZ79GXQBFwM2gU1ZELzaRjJ6v6bihfmHwNoWKyS0lREgqzm11OsdwbWSWgP6s
u+Mtqt3W4G72O/7h9qFmmL3ZmqGLqvcwgFp+fvWP5pGKNpNr6uognGrSV/kMMl+a
uZudF2W/+RDhH+d5u1mT5Qkmmas5sI/ngJjnQCnMvWt8BhKAV8gj44npWBrA4jw9
A4pwls8ZpVID6asbiuUR2RLisc4wJJbYiVEcJ9SeAWH63sdMxCM/lrEMN90RxsO7
kBCyLn/UmQ65g6ReKRn2+ZAmxIeVjz2BK3/i7rEQT84OmAdulwwLB7ZfPuHc2bMT
PwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7642424862928754310624293149221139982
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-28 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-25 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'www.aquafin.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17460239255224512559422228215127984496326869308205028485187955157871371094657805347754704423076905050877713879535980639116862847462370706448475487833415087524459166895581671037802925084058937087096827834004194518021934774610180557955067275457179895422257634537232922224678911339089580908690808166685689364183890490466368228381057951164185979738562205875680692180688425834472237178928977567696384870918939264510621022162970738476656500109403124189596102391022731523929122083396001813842356532073791518755806732744564924738130559624063736444934985380215882552769737016058027618193229357436485525342913383367130488181567
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							422512deb41538632aafc58da49091968793f9c5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.aquafin.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aquafin.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007500eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018ad929dbdb000004030046304402204fc9878e461f2bee5825d6fcd5c2ac2f5146339bcabe6562d326b05f05bb976802203eccfe40d3f3cba709cffc7ac8e48c38a5090c83892dbf1c336b820191fd690800760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ad929dc3000000403004730450220171789e4ef2212ae1d4020e2f2323453f4336964eed15ae4ad73d0da6ef73ba6022100d1bd703a86ac97361ad4d513c760d7217a38a375485fe0b7233dde3c24c9fd7c007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ad929dbf1000004030047304502205f3b98804a93a2d49233d1bf3042eeab5df83b9b2410eeff965e21ba9508be27022100ad897c5cce5d82e008a703ae158a5af0d8b08167e51106e1c34a70f87d983132
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0035f7af291926501b089ff8f69026001c4dee3d17b5fa09ff458bf9d11a75012eb733b8055ee137dc9fc93150f2fe5f4a6b0f805b9891a7e9dfa44b946895c8aa73f0c075f2a92ffeaa0fd49a9e81a29b5f1930de72d8599f3eb3e592bfa46267e1d5d722b5bd6fa833b1ed3706f6f97f275307397e716ad3fe2ff694b2a88d3e0ca014ca7a8a81847decafeace6af611129e104af198e86a74a4212863cc4c2ec3080e4cc238fa1eeb1cf7211bb67e1762090d130bcbd46bbd57062386af5d82ec53651fc3dba3a923378a0864494bf084b0448812ed3a886f275e2f182c2dcb2b22ea541cf6a4e97a843c1a2c35c780df27b7a6c7607dd85cb21c898660828d