mes.ncdhhs.gov

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0b:e6:49:49:97:f1:7e:56:fe:38:7d:44:4b:56:2c:b5 was issued on by Amazon.

With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=mes.ncdhhs.gov

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0b:e6:49:49:97:f1:7e:56:fe:38:7d:44:4b:56:2c:b5
Serial Number (int): 15817222677678199298207076436325838005
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: b3:07:af:cf:6e:7b:84:70:86:05:c5:5e:41:12:12:72:06:2e:b3:f3
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 73:8f:d6:bd:e9:09:d7:ce:a3:93:bf:31:23:d6:e5:37:aa:16:5a:45
Fingerprint (sha256): 23:68:d9:b2:fc:44:95:dc:55:b4:8f:64:2a:07:9e:d4:d5:75:46:a4:20:f5:79:41:1b:6e:f6:33:ef:06:0d:39

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate mes.ncdhhs.gov

7

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for mes.ncdhhs.gov

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

mes.ncdhhs.gov
trn.mes.ncdhhs.gov
sit.mes.ncdhhs.gov
www.mes.ncdhhs.gov
uat.mes.ncdhhs.gov
mit.mes.ncdhhs.gov
ltpt.mes.ncdhhs.gov

Other certificates including the domain name ncdhhs.gov

(limited to 100 certificates)
files.nc.gov
www.ncdhhs.gov
injuryfreenc.ncdhhs.gov
files.nc.gov
vendor-wic.ncdhhs.gov
testsecurity.ncdhhs.gov
files.nc.gov
www.credentials.ncdhhs.gov
*.ncdhhs.gov
mit.api.sip.mes.ncdhhs.gov
tobaccopreventionandcontrol.ncdhhs.gov
files.nc.gov
files.nc.gov
ncdhhs.gov
policies-dev.ncdhhs.gov
www.eureka.ncdhhs.gov
injuryfreenc.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
*.ncdhhs.gov
*.ncdhhs.gov
files.nc.gov
files.nc.gov
test.mft-console.sip.mes.ncdhhs.gov
ncdhhs.gov
files.nc.gov
myncwic-uat.ncdhhs.gov
icam.mes.ncdhhs.gov
www.credentials.ncdhhs.gov
ncdhhs.gov
injuryfreenc.ncdhhs.gov
sni.cloudflaressl.com
*.ncdhhs.gov
*.ncdhhs.gov
files.nc.gov
wrtk.ncdhhs.gov
uat.sip.mes.ncdhhs.gov
www.bcccp.ncdhhs.gov
www2.ncdhhs.gov
ncdhhs.gov
*.dph.ncdhhs.gov
*.ncdhhs.gov
sni.cloudflaressl.com
*.ncdhhs.gov
www.ccr.ncdhhs.gov
*.ncdhhs.gov
sni.cloudflaressl.com
files.nc.gov
*.ncdhhs.gov
news.ncdhhs.gov
*.ncdhhs.gov
bcccp.ncdhhs.gov
ncdhhs.gov
view.sms.email.ncdhhs.gov
www.dma.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
ncdhhs.gov
socializesafer-uat.ncdhhs.gov
*.ncdhhs.gov
go.ncdhhs.gov
*.ncdhhs.gov
*.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
*.dph.ncdhhs.gov
files.nc.gov
files.nc.gov
mes.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
phpmyadmin-uat.ncdhhs.gov
ehids.eh.ncdhhs.gov
vendor-wic.ncdhhs.gov
jtcommunicationbulletins.ncdhhs.gov
outreach.ncdhhs.gov
www.credentials.ncdhhs.gov
*.dph.ncdhhs.gov
loginpp.eh.ncdhhs.gov
testhcbs.ncdhhs.gov
*.ncdhhs.gov
ehids.eh.ncdhhs.gov
files.nc.gov
ehidstest.eh.ncdhhs.gov
ncir-dev8.ncdhhs.gov
*.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
files.nc.gov
*.ncdhhs.gov
jtcommunicationbulletins.ncdhhs.gov
*.ncdhhs.gov
*.ncdhhs.gov
sni.cloudflaressl.com
ncfastappinvp.ncdhhs.gov
news.ncdhhs.gov
bcccp.ncdhhs.gov
*.ncdhhs.gov
*.dph.ncdhhs.gov
files.nc.gov

Certificate

The complete raw certificate details for mes.ncdhhs.gov in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIQC+ZJSZfxflb+OH1ES1YstTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTIxNzAwMDAwMFoXDTI1MDExNDIzNTk1OVowGTEX
MBUGA1UEAxMObWVzLm5jZGhocy5nb3YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC5US6cYz2azhJmhx598+LaMYDPPmHgKhxEtTrHMAkiF2CDbBVZDIxr
xTNg9IQKSJaS1250drFzqrcInXRsEuucpsYAD+YKxhnRSftRKrbqN/0CzVDBaDA7
GQcthdxfRTJxQNfMk7oHc77EzrC7/eWDM3XZbHRnH7/kcMmGaD8byY6ArAwkj/IM
HMpkW0zt7EN1q4DMdNCi2ZPLWIDInBritnJKZQ2D4/JqntguI+vZ6pY72Yb2v0ap
jzB5P76Hz683qYyRpz667dRg5I3JQY5cHwJsJHRd+e9QYqkA3T1bL6DJNrYf56iH
wAg+vjyh8QY9TfSFQNS0+VGpGENw2oKrAgMBAAGjggNiMIIDXjAfBgNVHSMEGDAW
gBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUswevz257hHCGBcVeQRIS
cgYus/MwgZQGA1UdEQSBjDCBiYIObWVzLm5jZGhocy5nb3aCEnRybi5tZXMubmNk
aGhzLmdvdoISc2l0Lm1lcy5uY2RoaHMuZ292ghJ3d3cubWVzLm5jZGhocy5nb3aC
EnVhdC5tZXMubmNkaGhzLmdvdoISbWl0Lm1lcy5uY2RoaHMuZ292ghNsdHB0Lm1l
cy5uY2RoaHMuZ292MBMGA1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIF
oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6g
LIYqaHR0cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUG
CCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1h
em9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpv
bnRydXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkC
BAIEggFtBIIBaQFnAHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8A
AAGMeQtPogAABAMARzBFAiEAixoemjXhHym+sWJqBZYWeAF2QQhP4Ib7jHFS4Jsp
qtACIBuyU3gR4UyIPqGId1uIJ1wqbAE5aaDyfna1nxQ7MEzqAHUAPxdLT9ciR1iU
HWUchL4NEu2QN38fhWrrwb8ohez4ZG4AAAGMeQtPeQAABAMARjBEAiBzLpGKikKe
J1rR7NmRqn2oiLJgOxWjjRW7D4sFpzu90wIgFRbQ+FnYJ6ggVuepmmMoYpgW/IfQ
EdgTJrFLc2b4ZDcAdgBVgdTCFpA2AUrqC5tXPFPwwOQ4eHAlCBcvo6odBxPTDAAA
AYx5C0/VAAAEAwBHMEUCIEjvNn6RgFFB4JYmDJzvCcwLb2rJ8OCpaZU9gTvS+NLi
AiEA2duAEOw6eYLcbXyQtsMOi5WdJj88bnN60uS0MllmN1EwDQYJKoZIhvcNAQEL
BQADggEBACau/wG11SZfe4CuptFEvxetfGrhfcS3UJl6zuRSVShhB4LzSkYeNHym
b3FDKpSFBX+jdjNbYOthYEKaBL3dQRVgUCk56foIQ1oAbuZw2uzQb8baZ1nXWtO5
dv1PWVuwZazTlL6qrStNOGOkq0jy3ATgH3Cvbz09yOaTiDtGo0NI7EEnGAxRYx+n
+eCKb/lQYB78koPaQSXKOgt4zjfs7UN+5ydbN/jc4MqHJremh4u4DuLpMJDuPiWD
/N6rBYxG+LrhgE+bmwVA6FeSuNjWUCbN00emFgTj0+gfTi02peJj3BwEtPvfIYeu
AukNMbWulrg+mU6yI0KVeoxSl0xQz8o=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVEunGM9ms4SZoceffPi
2jGAzz5h4CocRLU6xzAJIhdgg2wVWQyMa8UzYPSECkiWktdudHaxc6q3CJ10bBLr
nKbGAA/mCsYZ0Un7USq26jf9As1QwWgwOxkHLYXcX0UycUDXzJO6B3O+xM6wu/3l
gzN12Wx0Zx+/5HDJhmg/G8mOgKwMJI/yDBzKZFtM7exDdauAzHTQotmTy1iAyJwa
4rZySmUNg+Pyap7YLiPr2eqWO9mG9r9GqY8weT++h8+vN6mMkac+uu3UYOSNyUGO
XB8CbCR0XfnvUGKpAN09Wy+gyTa2H+eoh8AIPr48ofEGPU30hUDUtPlRqRhDcNqC
qwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15817222677678199298207076436325838005
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-17 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-14 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'mes.ncdhhs.gov'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 23394118791331828088107084533137920318248615028891117855041761985893140356171582649164358688113187040408491078022176543007646569180381169928044886291603877091294317521253807956445064761842734225651358894029937430933105085849594811356113479405414088596975688951507094150736088978049156838321139140904475582411050844736811847644641411593529513729901021159661527460996446499242476056401276840923614294750037181424114595966357370085482815889983173458585366610128261222870264335794750256572392061393770407933904374598554857781462561898579999659110697785930912557028084315454358578731000906445459113248066734362808301552299
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							b307afcf6e7b84708605c55e41121272062eb3f3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (140 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mes.ncdhhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'trn.mes.ncdhhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'sit.mes.ncdhhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.mes.ncdhhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'uat.mes.ncdhhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mit.mes.ncdhhs.gov'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'ltpt.mes.ncdhhs.gov'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018c790b4fa200000403004730450221008b1a1e9a35e11f29beb1626a05961678017641084fe086fb8c7152e09b29aad002201bb2537811e14c883ea188775b88275c2a6c013969a0f27e76b59f143b304cea0075003f174b4fd7224758941d651c84be0d12ed90377f1f856aebc1bf2885ecf8646e0000018c790b4f7900000403004630440220732e918a8a429e275ad1ecd991aa7da888b2603b15a38d15bb0f8b05a73bbdd302201516d0f859d827a82056e7a99a6328629816fc87d011d81326b14b7366f864370076005581d4c2169036014aea0b9b573c53f0c0e43878702508172fa3aa1d0713d30c0000018c790b4fd50000040300473045022048ef367e91805141e096260c9cef09cc0b6f6ac9f0e0a969953d813bd2f8d2e2022100d9db8010ec3a7982dc6d7c90b6c30e8b959d263f3c6e737ad2e4b43259663751
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0026aeff01b5d5265f7b80aea6d144bf17ad7c6ae17dc4b750997acee4525528610782f34a461e347ca66f71432a9485057fa376335b60eb6160429a04bddd411560502939e9fa08435a006ee670daecd06fc6da6759d75ad3b976fd4f595bb065acd394beaaad2b4d3863a4ab48f2dc04e01f70af6f3d3dc8e693883b46a34348ec4127180c51631fa7f9e08a6ff950601efc9283da4125ca3a0b78ce37eced437ee7275b37f8dce0ca8726b7a6878bb80ee2e93090ee3e2583fcdeab058c46f8bae1804f9b9b0540e85792b8d8d65026cdd347a61604e3d3e81f4e2d36a5e263dc1c04b4fbdf2187ae02e90d31b5ae96b83e994eb22342957a8c52974c50cfca