highbond-combined.aclgrc.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 02:9f:f5:05:e2:d3:40:c0:be:f1:18:ca:de:b7:0c:05 was issued on by Amazon.

With 15 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=highbond-combined.aclgrc.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 02:9f:f5:05:e2:d3:40:c0:be:f1:18:ca:de:b7:0c:05
Serial Number (int): 3489000848769577923870761774575193093
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 41:14:74:ce:16:66:7a:31:07:11:01:e9:b9:16:8d:48:67:0c:dc:c1
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 6b:2b:98:ac:b9:d8:83:a2:91:5c:22:af:60:13:16:d6:4e:6b:1c:d9
Fingerprint (sha256): 23:92:d1:2c:68:7c:ca:35:e4:83:72:75:5e:f5:e7:25:7a:fb:46:2b:eb:96:05:fa:f3:14:d9:cd:2e:a2:71:97

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate highbond-combined.aclgrc.com

15

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for highbond-combined.aclgrc.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

highbond-combined.aclgrc.com
*.projects.aclgrc.com
*.accounts.aclgrc.com
*.reports.aclgrc.com
*.highbond.com
*.reports.highbond.com
*.projects.highbond.com
*.accounts.highbond.com
*.results.aclgrc.com
aclgrc.com
highbond.com
*.results.highbond.com
*.risks.highbond.com
*.risks.aclgrc.com
*.aclgrc.com

Other certificates including the domain name aclgrc.com

(limited to 100 certificates)
statuspage.io
status.aclgrc.com
statuspage.io
statuspage.io
*.risks-ap.aclgrc.com
statuspage.io
eu.status.grow.clio.com
statuspage.io
atlas-alerts.mit.edu
statuspage.io
statuspage.io
statuspage.io
*.results-ap.aclgrc.com
3down.mit.edu
highbond-combined-eu.aclgrc.com
statuspage.io
*.results-eu.aclgrc.com
atlas-alerts.mit.edu
statuspage.io
statuspage.io
eu.status.grow.clio.com
new-status.ucsd.edu
highbond-combined-au.aclgrc.com
statuspage.io
statuspage.io
*.results-ap.aclgrc.com
statuspage.io
*.results-au.aclgrc.com
*.risks-eu.aclgrc.com
eu.status.grow.clio.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
*.risks.aclgrc.com
statuspage.io
atlas-alerts.mit.edu
tardis.aclgrc.com
highbond-combined.aclgrc.com
tardis.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
statuspage.io
*.hub-au.aclgrc.com
accounts.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
statuspage.io
new-status.ucsd.edu
statuspage.io
*.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
statuspage.io
atlas-alerts.mit.edu
downloads.highbond.com
statuspage.io
statuspage.io
statuspage.io
statuspage.io
caloes.status.rapiddeploy.com
atlas-alerts.mit.edu
statuspage.io
statuspage.io
new-status.ucsd.edu
atlas-alerts.mit.edu
atlas-alerts.mit.edu
atlas-alerts.mit.edu
new-status.ucsd.edu
statuspage.io
statuspage.io
*.projects-au.aclgrc.com
statuspage.io
statuspage.io
highbond-combined-eu.aclgrc.com
*.projects-eu.aclgrc.com
statuspage.io
atlas-alerts.mit.edu
*.aclgrc.com
highbond-combined-eu.aclgrc.com
statuspage.io
*.robots-eu.aclgrc.com
statuspage.io
*.results-ap.aclgrc.com
*.aclgrc.com
statuspage.io
*.hub-ap.aclgrc.com
statuspage.io
statuspage.io
statuspage.io
*.projects-eu.aclgrc.com
atlas-alerts.mit.edu

Certificate

The complete raw certificate details for highbond-combined.aclgrc.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHBzCCBe+gAwIBAgIQAp/1BeLTQMC+8RjK3rcMBTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTAyNjAwMDAwMFoXDTI0MTEyMTIzNTk1OVowJzEl
MCMGA1UEAxMcaGlnaGJvbmQtY29tYmluZWQuYWNsZ3JjLmNvbTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAMzPHulCGxw3fMEBUrd2Woqoth2Zss0AhtjN
6N7PkeBmOzEeCK5VvaAV8RBwGkvNaLXY7AMN+J9tHpbI5IjCDbaIQXgXvR1JgF9q
mQWTvAYGOETLqI341FU53G4y5x+Ha5FQ0s1LjSe0E7JHCi+4YyMkwpIgE6KPTCZi
O4fOdzTfz0Mv11PLtjkSWFyceaG7wsrzG4cK4jzSF6u22+Rx6gnWoLvsDycC0rm2
iOAn8waOVf/qxR4LfkqLQydaGFOhXSe07zsqRJAjvCLNmGVvQHWlOQwzGYZ0uUTY
IkD+QeF46kzZyEQUGBc3/6/0lsXiSJ+hrMKub/IH9ZiSi/z3gNMCAwEAAaOCBBgw
ggQUMB8GA1UdIwQYMBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBRB
FHTOFmZ6MQcRAem5Fo1IZwzcwTCCAUkGA1UdEQSCAUAwggE8ghxoaWdoYm9uZC1j
b21iaW5lZC5hY2xncmMuY29tghUqLnByb2plY3RzLmFjbGdyYy5jb22CFSouYWNj
b3VudHMuYWNsZ3JjLmNvbYIUKi5yZXBvcnRzLmFjbGdyYy5jb22CDiouaGlnaGJv
bmQuY29tghYqLnJlcG9ydHMuaGlnaGJvbmQuY29tghcqLnByb2plY3RzLmhpZ2hi
b25kLmNvbYIXKi5hY2NvdW50cy5oaWdoYm9uZC5jb22CFCoucmVzdWx0cy5hY2xn
cmMuY29tggphY2xncmMuY29tggxoaWdoYm9uZC5jb22CFioucmVzdWx0cy5oaWdo
Ym9uZC5jb22CFCoucmlza3MuaGlnaGJvbmQuY29tghIqLnJpc2tzLmFjbGdyYy5j
b22CDCouYWNsZ3JjLmNvbTATBgNVHSAEDDAKMAgGBmeBDAECATAOBgNVHQ8BAf8E
BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIw
MKAuoCyGKmh0dHA6Ly9jcmwucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNy
bDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAy
LmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMi5h
bWF6b250cnVzdC5jb20vcjJtMDIuY2VyMAwGA1UdEwEB/wQCMAAwggF9BgorBgEE
AdZ5AgQCBIIBbQSCAWkBZwB1AHb/iD8KtvuVUcJhzPWHujS0pM27KdxoQgqf5mdM
Wjp0AAABi2r0J78AAAQDAEYwRAIgdBirq0TwOyIyCol3CGkklgPulPl1EjgcJkoq
jVU4yoYCIEwlX1wac+bJtppVH43qD2csHYDInTNS03vbZQsivLI7AHYASLDja9qm
RzQP5WoC+p0w6xxSActW3SyB2bu/qznYhHMAAAGLavQnugAABAMARzBFAiB6RVIl
w7ZnQ+EDV67QuQhot3PVt1N45o6/QbJdMmM6NAIhAMf+DSc+k9aUKoWM4rJDzJe6
B4Cb9uUT7UF1f4Mov4+JAHYA2ra/az+1tiKfm8K7XGvocJFxbLtRhIU0vaQ9MEjX
+6sAAAGLavQnnQAABAMARzBFAiEAiE4/Q7gToPr/C7InOnTdhtgcRfWGgsE6gIBP
vXFnqMcCIExMqrlBfwS0ycafZHsItXw1V8dfzrdTGKL2HcEKsQUFMA0GCSqGSIb3
DQEBCwUAA4IBAQBn9+36mKKzHtqZR65TcEoycKY3wRUDeg2URfW2xghrabKykAuF
iJBZ//kWYmeqMmbCLOuh3gN8zrJYOTQEgr6TNG+1GT/y7rrZ8C/hbJFfVqykeKjf
thXRFlTyTFie6YuE6AaxtfO8HRL845HjUcme+2IrvToxmILOs0u7ktGOj8jlWxwz
TWwvvQZIO099FUTlBrptIaqwW/zfhuQ5CYjIkcDvPQ/evaPXM1EFtFmnjG4P9zae
ISYk7g6MzTAs9cxAmqy8A9nBsX9RaETIIux2Lhv8X9Z57gezjXeDNvkLxIndDCx2
j2Zk8+S7iNVBTLzm4fMngn4RphjD58RTGv+d
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM8e6UIbHDd8wQFSt3Za
iqi2HZmyzQCG2M3o3s+R4GY7MR4IrlW9oBXxEHAaS81otdjsAw34n20elsjkiMIN
tohBeBe9HUmAX2qZBZO8BgY4RMuojfjUVTncbjLnH4drkVDSzUuNJ7QTskcKL7hj
IyTCkiAToo9MJmI7h853NN/PQy/XU8u2ORJYXJx5obvCyvMbhwriPNIXq7bb5HHq
Cdagu+wPJwLSubaI4CfzBo5V/+rFHgt+SotDJ1oYU6FdJ7TvOypEkCO8Is2YZW9A
daU5DDMZhnS5RNgiQP5B4XjqTNnIRBQYFzf/r/SWxeJIn6Gswq5v8gf1mJKL/PeA
0wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 3489000848769577923870761774575193093
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-21 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'highbond-combined.aclgrc.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25854749259917827296399586579272182402612850689415899673235870158210088247354282928426457173728529741064779534153671641175938587439631751412773866764964389537301749555597243401248612195233816777918969584696314186945832726967902464046972790486120349839065463346041533378512938384966488777716750283930575700414201747061407249558310786100296443682568795190525671745567638112778441715545702046230021817375531507367308100372845346196243967502105768635499035369433253764164573343148761995948183761617763827103851664954051727334467547266415996451212283345338141253083600161902633476883949319552316396574485344665435842773203
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							411474ce16667a31071101e9b9168d48670cdcc1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (320 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'highbond-combined.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.projects.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accounts.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.reports.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.reports.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.projects.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.accounts.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.results.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.results.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.risks.highbond.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.risks.aclgrc.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aclgrc.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700750076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018b6af427bf000004030046304402207418abab44f03b22320a89770869249603ee94f97512381c264a2a8d5538ca8602204c255f5c1a73e6c9b69a551f8dea0f672c1d80c89d3352d37bdb650b22bcb23b00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b6af427ba000004030047304502207a455225c3b66743e10357aed0b90868b773d5b75378e68ebf41b25d32633a34022100c7fe0d273e93d6942a858ce2b243cc97ba07809bf6e513ed41757f8328bf8f89007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b6af4279d0000040300473045022100884e3f43b813a0faff0bb2273a74dd86d81c45f58682c13a80804fbd7167a8c702204c4caab9417f04b4c9c69f647b08b57c3557c75fceb75318a2f61dc10ab10505
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0067f7edfa98a2b31eda9947ae53704a3270a637c115037a0d9445f5b6c6086b69b2b2900b85889059fff9166267aa3266c22ceba1de037cceb25839340482be93346fb5193ff2eebad9f02fe16c915f56aca478a8dfb615d11654f24c589ee98b84e806b1b5f3bc1d12fce391e351c99efb622bbd3a319882ceb34bbb92d18e8fc8e55b1c334d6c2fbd06483b4f7d1544e506ba6d21aab05bfcdf86e4390988c891c0ef3d0fdebda3d7335105b459a78c6e0ff7369e212624ee0e8ccd302cf5cc409aacbc03d9c1b17f516844c822ec762e1bfc5fd679ee07b38d778336f90bc489dd0c2c768f6664f3e4bb88d5414cbce6e1f327827e11a618c3e7c4531aff9d