api.wh.geniussports.com

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 0c:91:cd:5b:da:38:cb:76:21:27:b3:e9:9e:e1:f5:39 was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=api.wh.geniussports.com

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:91:cd:5b:da:38:cb:76:21:27:b3:e9:9e:e1:f5:39
Serial Number (int): 16707784165174470677926780284923147577
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 4f:7f:f5:f3:3c:1f:17:90:9d:51:98:a3:49:ff:65:da:a9:21:63:34
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): c2:43:06:c9:2c:cd:df:11:d3:85:f5:2e:94:19:86:82:61:44:5d:c5
Fingerprint (sha256): 2a:06:7e:5e:cc:c2:26:80:9b:c9:36:8b:64:0a:30:35:97:b4:25:ca:73:50:be:7d:09:f4:44:23:45:80:0a:a6

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate api.wh.geniussports.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for api.wh.geniussports.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

api.wh.geniussports.com
statsengine-api.dcd-production.i.geniussports.com
api.rus.wh.geniussports.com
api.wh.sportingpulseinternational.com

Other certificates including the domain name geniussports.com

(limited to 100 certificates)
rabbit.geniusbet-7143.integration.geniussports.com
*.uat.webdev.geniussports.com
*.ci.opap.geniussports.com
graylog-ls-cixl.prod.aws.geniussports.com
support.sixsq.com
*.contentgraph-211883.perf.dev.aws.geniussports.com
*.ci.spt.geniussports.com
graylog-core.dev.aws.geniussports.com
*.ls.prod.aws.geniussports.com
support.wh.sportingpulseinternational.com
graylog-core.dev.aws.geniussports.com
eu-status.swrve.com
*.opap.uat.webdev.geniussports.com
*.ci.geniuslive.app.geniussports.com
fdus-35a.freshdesk.com
ci.media.api.geniussports.com
*.eu.f2p.media.geniussports.com
chronograf.tick.test.prod.aws.geniussports.com
prodwh-phpmyadmin.wh.geniussports.com
*.algotrading.ci.aws.geniussports.com
etp.status.akamai.com
*.tick.templates.prod.aws.geniussports.com
*.ci.sportsbook.app.geniussports.com
www.geniussports.com
design.geniussports.com
graylog-ls-cixl.prod.aws.geniussports.com
*.granularityconfigurator.otr.api.geniussports.com
support.wh.geniussports.com
*.uat.baseball.geniussports.com
competitions.geniussports.com
*.production.riskmanagement.app.geniussports.com
*.contentgraph-196169.perf.dev.aws.geniussports.com
fdus-35a.freshdesk.com
qa-jenkins.prod.aws.geniussports.com
*.uat.webdev.geniussports.com
*.gen.baseball.geniussports.com
etp.status.akamai.com
*.perf.prod.aws.geniussports.com
widget.wh.sportingpulseinternational.com
fdus-40.freshdesk.com
*.ci.webdev.geniussports.com
eu-status.swrve.com
*.uat.matchviewer.geniussports.com
*.geniussports.com
graylog-spt.spt.geniussports.com
www2.geniussports.com
*.h.logging.ci.riskmanagement.geniussports.com
smpp.ci.geniussports.com
se-prod-reports-api.wh.geniussports.com
*.contentgraph-211853.perf.dev.aws.geniussports.com
*.ci.aws.geniussports.com
fdus-40.freshdesk.com
graylog-core.dev.aws.geniussports.com
smpp.test.geniussports.com
eu-status.swrve.com
graylog-integration-cixl.ci.aws.geniussports.com
prodwh-ecs-cluster.wh.geniussports.com
support.sixsq.com
*.contentgraph-209475.perf.dev.aws.geniussports.com
graylog-ls-cixl.prod.aws.geniussports.com
fdus-40.freshdesk.com
*.uat.f2p.media.geniussports.com
eu-status.swrve.com
api.statistics.americanfootball.geniussports.com
betting.geniussports.com
*.uat.feed-monitor-controller.app.geniussports.com
graylog-spt.spt.geniussports.com
api.geniussports.com
eu-status.swrve.com
prod-re-phpmyadmin.wh.geniussports.com
eu-status.swrve.com
algotrading-graylog.ci.aws.geniussports.com
eu-status.swrve.com
fdus-35a.freshdesk.com
*.perf.prod.aws.geniussports.com
*.contentgraph-211929.perf.dev.aws.geniussports.com
*.da.gss-production.i.geniussports.com
*.contentgraph-191126.perf.dev.aws.geniussports.com
graylog-integration-cixl.ci.aws.geniussports.com
eu-status.swrve.com
uat.venuematches.matchmaker.api.geniussports.com
etp.status.akamai.com
graylog-otf.ci.aws.geniussports.com
*.ci.aws.geniussports.com
footballsupport.geniussports.com
*.ci.geniussports.com
eu-status.swrve.com
*.video-platform.ci.aws.geniussports.com
support.sixsq.com
*.volleyball.geniussports.com
*.sb3.prod.aws.geniussports.com
*.dev.aws.geniussports.com
*.dcd-uat.i.geniussports.com
competitions.geniussports.com
prodwh-phpmyadmin.wh.geniussports.com
ci.baseball-resulting.srt.geniussports.com
*.api.matchviewer.geniussports.com
etp.status.akamai.com
eu-status.swrve.com
*.sb1-external.production.sportsbook.app.geniussports.com

Certificate

The complete raw certificate details for api.wh.geniussports.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGVDCCBTygAwIBAgIQDJHNW9o4y3YhJ7PpnuH1OTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMDIxNDAwMDAwMFoXDTIzMDYxNzIzNTk1OVowIjEg
MB4GA1UEAxMXYXBpLndoLmdlbml1c3Nwb3J0cy5jb20wggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDPOIbfbyJCs/r9PjscS1r2iR+Oygrm6IpP2GRPbjqf
vIUZ/gAReiDHT32DXllU4K3PKw9gE/ShwMTQXX4HYHZ386DNjO3WeLnqrI3qMov8
vFmZ8QHchozCBcYUGWiDytKtTtocV522CsvjD1cNcm612UhTjU7p5PQz/+nV3+dz
Cd8i4CjuRCQQs5OHe+PymFxjmbovnyZnC4jf9ybleTNi/355BVjK6tNmvH+xjV45
IXhPy+0s32zrgUNk9j+lTFUFYa8x+NlyFEb+DbO5+b0zIa/BITG8KOgVRx+2U9bS
De1oWKMBxoe/Evij1/nMRhOObBs2AJ7KtnJUnk2ttlT5AgMBAAGjggNqMIIDZjAf
BgNVHSMEGDAWgBSBuA5jiokSGOX6OztQlZ/m5ZAThTAdBgNVHQ4EFgQUT3/18zwf
F5CdUZijSf9l2qkhYzQwgZsGA1UdEQSBkzCBkIIXYXBpLndoLmdlbml1c3Nwb3J0
cy5jb22CMXN0YXRzZW5naW5lLWFwaS5kY2QtcHJvZHVjdGlvbi5pLmdlbml1c3Nw
b3J0cy5jb22CG2FwaS5ydXMud2guZ2VuaXVzc3BvcnRzLmNvbYIlYXBpLndoLnNw
b3J0aW5ncHVsc2VpbnRlcm5hdGlvbmFsLmNvbTAOBgNVHQ8BAf8EBAMCBaAwHQYD
VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0
dHA6Ly9jcmwucjJtMDEuYW1hem9udHJ1c3QuY29tL3IybTAxLmNybDATBgNVHSAE
DDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGGIWh0dHA6
Ly9vY3NwLnIybTAxLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYqaHR0cDov
L2NydC5yMm0wMS5hbWF6b250cnVzdC5jb20vcjJtMDEuY2VyMAwGA1UdEwEB/wQC
MAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AK33vvp8/xDIi509nB4+GGq0
Zyldz7EMJMqFhjTr3IKKAAABhk4aLi8AAAQDAEcwRQIhAKODt/HdZHVFRmS0bjwI
rcrw82b4sac9rf4fKR0lE7ixAiA4QT4SJhtoa1bfg4udCsjJN7yKda+5g7ienIMu
pHFnXwB1ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABhk4aLmMA
AAQDAEYwRAIgD4qbGlFfLu5s4eUmKBkHVR36ZulFEaNy8Zbz1bT0gksCIESlaP9b
eiKLdpF+J9El1Sxf2QYaDzG0pFY1bAbBTWcyAHcAtz77JN+cTbp18jnFulj0bF38
Qs96nzXEnh0JgSXttJkAAAGGThouGQAABAMASDBGAiEAvceCSBXYfWSodyeVehKk
G8B9k9N0CvnqKX7pb6ZLQhkCIQCugD1SMNKL1xREB+A+DyaTf4aL57hdkm7quRDE
Fw+b3TANBgkqhkiG9w0BAQsFAAOCAQEArlxkkD3xBLDajGHS7kKEic5ebeFlUSSp
er83Ns/wTXTM96KcY4GiWbIwwTZU2YffN+IPcmMl8GM9s+xABOzkv3CPmfgCVevs
UfB3dRPJgb5PgQtlRme5JJJWro5CWi+EW+RiFAiJ1fkejnkO+3qe/hwMr1mGJJxE
qidyIbPVtFdHmQMxGzdmqAivkeiFzPdUUwqqZxFCLX1yrdho0ydtfhKyKUtHYsKH
SjxEd1LP/m8MOuK85mgDVApUv2TwynzzK2zf0+LkFdxsLbRhhFG7N9TsPkJXG1uW
5uOv0x4PqqQwlIZwXxYHSvg3yNqpiYoe0/6IC44BwGhRmh8lRCR19A==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzziG328iQrP6/T47HEta
9okfjsoK5uiKT9hkT246n7yFGf4AEXogx099g15ZVOCtzysPYBP0ocDE0F1+B2B2
d/OgzYzt1ni56qyN6jKL/LxZmfEB3IaMwgXGFBlog8rSrU7aHFedtgrL4w9XDXJu
tdlIU41O6eT0M//p1d/ncwnfIuAo7kQkELOTh3vj8phcY5m6L58mZwuI3/cm5Xkz
Yv9+eQVYyurTZrx/sY1eOSF4T8vtLN9s64FDZPY/pUxVBWGvMfjZchRG/g2zufm9
MyGvwSExvCjoFUcftlPW0g3taFijAcaHvxL4o9f5zEYTjmwbNgCeyrZyVJ5NrbZU
+QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16707784165174470677926780284923147577
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-14 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-06-17 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.wh.geniussports.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26159203555042130592353696440948875409145068441912634650802221285243147307484213008523551290350347542407829025558884365372358527665518057633942494788373143873332908555870400302648864973896711918497704436179541990828635377554677605799948811868613282101394482395461281293446090756955602727501233852533595745098107099066111321869552557343445476862984135369079400685651666325036951511795939849573012679799804451804054128642445530025783995939523235720728169973693435039252836136911435471189361520942748044781719347483266872088150177777244427747713579933123981070477684703915494425990544328411047369107069654829083957548281
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							4f7ff5f33c1f17909d5198a349ff65daa9216334
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (147 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.wh.geniussports.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'statsengine-api.dcd-production.i.geniussports.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.rus.wh.geniussports.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.wh.sportingpulseinternational.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600adf7befa7cff10c88b9d3d9c1e3e186ab467295dcfb10c24ca858634ebdc828a000001864e1a2e2f0000040300473045022100a383b7f1dd6475454664b46e3c08adcaf0f366f8b1a73dadfe1f291d2513b8b1022038413e12261b686b56df838b9d0ac8c937bc8a75afb983b89e9c832ea471675f007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001864e1a2e63000004030046304402200f8a9b1a515f2eee6ce1e526281907551dfa66e94511a372f196f3d5b4f4824b022044a568ff5b7a228b76917e27d125d52c5fd9061a0f31b4a456356c06c14d6732007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001864e1a2e190000040300483046022100bdc7824815d87d64a87727957a12a41bc07d93d3740af9ea297ee96fa64b4219022100ae803d5230d28bd7144407e03e0f26937f868be7b85d926eeab910c4170f9bdd
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00ae5c64903df104b0da8c61d2ee428489ce5e6de1655124a97abf3736cff04d74ccf7a29c6381a259b230c13654d987df37e20f726325f0633db3ec4004ece4bf708f99f80255ebec51f0777513c981be4f810b654667b9249256ae8e425a2f845be462140889d5f91e8e790efb7a9efe1c0caf5986249c44aa277221b3d5b457479903311b3766a808af91e885ccf754530aaa6711422d7d72add868d3276d7e12b2294b4762c2874a3c447752cffe6f0c3ae2bce66803540a54bf64f0ca7cf32b6cdfd3e2e415dc6c2db4618451bb37d4ec3e42571b5b96e6e3afd31e0faaa4309486705f16074af837c8daa9898a1ed3fe880b8e01c068519a1f25442475f4