aws.manulife.com.kh
- Manulife Financial Corporation -
Issued by Sectigo RSA Organization Validation Secure Server CA
About this certificate
This digital certificate with serial number 77:57:49:16:d6:4a:44:df:7f:79:e8:ef:5e:75:bc:65 was issued on by Sectigo Limited.
With 7 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Manulife Financial Corporation
Organization:
Manulife Financial Corporation
State / Province:
Ontario
Country: CA
Country: CA
Sectigo Limited
Organization:
Sectigo Limited
State / Province:
Greater Manchester
Locality: Salford
Country: GB
Locality: Salford
Country: GB
This certificate will expire on
Certificate Details
Serial Number (hex): 77:57:49:16:d6:4a:44:df:7f:79:e8:ef:5e:75:bc:65Serial Number (int): 158631343750337738621141288430228323429
Serial Number lenght: 127 bits, 16 octets
SubjectKeyId: 68:3b:ee:ef:eb:f4:32:e2:c2:2d:e2:18:c0:d3:17:09:4d:34:94:9d
AuthorityKeyId: 17:d9:d6:25:27:67:f9:31:c2:49:43:d9:30:36:44:8c:6c:a9:4f:eb
Fingerprint (sha1): 75:df:20:f7:86:65:05:32:58:c9:ae:fc:d8:63:d3:7c:04:9f:1f:c9
Fingerprint (sha256): 30:a4:6d:b4:d1:03:9b:c6:a1:5a:3a:d1:30:d2:90:1b:d4:41:2e:85:b6:16:34:69:e7:b4:45:91:96:00:0c:79
Issuing Certificate URL: http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt
Revocation information
OCSP Server: http://ocsp.sectigo.comCRL Distribution Point: http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl
Check the revocation status for certificate aws.manulife.com.kh
7
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for aws.manulife.com.kh
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
aws.manulife.com.kh
azwappkhaws01.mfcgd.com
azwappkhaws02.mfcgd.com
azwappkhawsw01.mfcgd.com
azwappkhawsw02.mfcgd.com
khawsprd.ap.manulife.com
khawsprdweb.ap.manulife.com
azwappkhaws01.mfcgd.com
azwappkhaws02.mfcgd.com
azwappkhawsw01.mfcgd.com
azwappkhawsw02.mfcgd.com
khawsprd.ap.manulife.com
khawsprdweb.ap.manulife.com
Other certificates including the domain name manulife.com.kh
(limited to 100 certificates)
cws.manulife.com.kh
manulife.com
ptkuat.manulife.com.kh
manulife.com
manulife.com
ptk.manulife.com.kh
manulife.com
manulife.com
awsuat.manulife.com.kh
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
new.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
www.manulife.com.kh
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
mail.manulife.com.kh
manulife.com
cws.manulife.com.kh
awsuat.manulife.com.kh
manulife.com
manulife.com
cws.manulife.com.kh
cws.manulife.com.kh
manulife.com
eclaim.manulife.com.kh
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
ptkuat.manulife.com.kh
manulife.com
manulife.com
ptk.manulife.com.kh
manulife.com
manulife.com
awsuat.manulife.com.kh
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
new.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
www.manulife.com.kh
cws.manulife.com.kh
manulife.com
manulife.com
manulife.com
cws.manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
manulife.com
mail.manulife.com.kh
manulife.com
cws.manulife.com.kh
awsuat.manulife.com.kh
manulife.com
manulife.com
cws.manulife.com.kh
cws.manulife.com.kh
manulife.com
eclaim.manulife.com.kh
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
aws.manulife.com.kh
manulife.com.kh
manulife.com
aws.manulife.com.kh
manulife.com
manulife.com
manulife.com
manulife.com
Certificate
The complete raw certificate details for aws.manulife.com.kh in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGEzCCBPugAwIBAgIQd1dJFtZKRN9/eejvXnW8ZTANBgkqhkiG9w0BAQsFADCB lTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G A1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQD EzRTZWN0aWdvIFJTQSBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2Vy dmVyIENBMB4XDTIzMTEyMzAwMDAwMFoXDTI0MTEyMjIzNTk1OVowZjELMAkGA1UE BhMCQ0ExEDAOBgNVBAgTB09udGFyaW8xJzAlBgNVBAoTHk1hbnVsaWZlIEZpbmFu Y2lhbCBDb3Jwb3JhdGlvbjEcMBoGA1UEAxMTYXdzLm1hbnVsaWZlLmNvbS5raDCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK5U55m8YR3E7XzcdK/4//h3 xYOjpRAt8GSvpXpE4C+uqgVoRHfd7Wq1arj9BKSKt5pHSDGXQok3N7iHXxZ2FQgA dzfSrwujQLoodlHSZj/B1meGrN8DsAHSfEtUIcv/azP0bCbsXqHXDgWE6teHriBn wy8jYylDaMCEsqrhT9GJ53HDP8OSSVpJJBznMiWVgLFLXCSLqLBzaI+1quYJF2H8 vEw4MW8+FzK8T4dfnPyO/m527qzbDQ/gKZBiNIXOOLUflzpxT+2/JV8hbz5+4Puq g1mW2uy5ubt0BNcMqblCQrcgPPcq2+HvNqDIZ7BdRGLEDo0pPR3i9wD44+HvfFUC AwEAAaOCAoswggKHMB8GA1UdIwQYMBaAFBfZ1iUnZ/kxwklD2TA2RIxsqU/rMB0G A1UdDgQWBBRoO+7v6/Qy4sIt4hjA0xcJTTSUnTAOBgNVHQ8BAf8EBAMCBaAwDAYD VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSgYDVR0g BEMwQTA1BgwrBgEEAbIxAQIBAwQwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0 aWdvLmNvbS9DUFMwCAYGZ4EMAQICMFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9j cmwuc2VjdGlnby5jb20vU2VjdGlnb1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25T ZWN1cmVTZXJ2ZXJDQS5jcmwwgYoGCCsGAQUFBwEBBH4wfDBVBggrBgEFBQcwAoZJ aHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBT3JnYW5pemF0aW9uVmFs aWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29j c3Auc2VjdGlnby5jb20wEwYKKwYBBAHWeQIEAwEB/wQCBQAwgb0GA1UdEQSBtTCB soITYXdzLm1hbnVsaWZlLmNvbS5raIIXYXp3YXBwa2hhd3MwMS5tZmNnZC5jb22C F2F6d2FwcGtoYXdzMDIubWZjZ2QuY29tghhhendhcHBraGF3c3cwMS5tZmNnZC5j b22CGGF6d2FwcGtoYXdzdzAyLm1mY2dkLmNvbYIYa2hhd3NwcmQuYXAubWFudWxp ZmUuY29tghtraGF3c3ByZHdlYi5hcC5tYW51bGlmZS5jb20wDQYJKoZIhvcNAQEL BQADggEBAG0eAvLjaRLyVFiP+sZBJuld8AXYA6a5mcxyFtyyCCE6v/dsSTfezLvO B+I2lev4kS8s85nGavmfEszU4viyfaMgjRyIqBZKFcYj38YH+hdh6FoHqH1UFLsi QkpSe89N2U/wzCUbu1dxComXL1U7TgCYVDxXhLKD6HbT+FP+L14jorFlIJHy2+/A QnpLcrgHeLrDVh0G2Id6dikU/6nqF/bp8UTeaAB8lB8pQiA2mwUEdRt46k5+Dw9k wRcgCxJivdZ+sl/av9HDNuoY7FGYcbSYIpx+ob8mri1FgTBUAZkfNwvnbNnr/jHM pJmhxia+YttYEZVYxwGfG2A98P3uc4c= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlTnmbxhHcTtfNx0r/j/ +HfFg6OlEC3wZK+lekTgL66qBWhEd93tarVquP0EpIq3mkdIMZdCiTc3uIdfFnYV CAB3N9KvC6NAuih2UdJmP8HWZ4as3wOwAdJ8S1Qhy/9rM/RsJuxeodcOBYTq14eu IGfDLyNjKUNowISyquFP0YnnccM/w5JJWkkkHOcyJZWAsUtcJIuosHNoj7Wq5gkX Yfy8TDgxbz4XMrxPh1+c/I7+bnburNsND+ApkGI0hc44tR+XOnFP7b8lXyFvPn7g +6qDWZba7Lm5u3QE1wypuUJCtyA89yrb4e82oMhnsF1EYsQOjSk9HeL3APjj4e98 VQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 158631343750337738621141288430228323429 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'GB' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Greater Manchester' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Salford' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo Limited' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Sectigo RSA Organization Validation Secure Server CA' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-11-23 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-22 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'CA' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Ontario' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Manulife Financial Corporation' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'aws.manulife.com.kh' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22007333126966725095939848878112033506355891222454036200414791317471354717583346917408810834483257499749516875643523702069325329096358718184795584455079957285725556155881338070639704750044897709619233423290457136179131767457128658303418166566326503782016498914700182020443755583768793264139055568588741972831849043817691927985962762778323826011589495152926375543033080236264777363451695026059616634786004556886553397013169119506121264676641263775771186412608239731228577400273290300846553696094433803611057988770749327130862326985702397662920541294441305639722324243672991960495943287975336744317558735757911872470101 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 17d9d6252767f931c24943d93036448c6ca94feb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 683beeefebf432e2c22de218c0d317094d34949d . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (67 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.6449.1.2.1.3.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://sectigo.com/CPS' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (83 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (126 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sectigo.com/SectigoRSAOrganizationValidationSecureServerCA.crt' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sectigo.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (181 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'aws.manulife.com.kh' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azwappkhaws01.mfcgd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azwappkhaws02.mfcgd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azwappkhawsw01.mfcgd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'azwappkhawsw02.mfcgd.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'khawsprd.ap.manulife.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'khawsprdweb.ap.manulife.com' . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006d1e02f2e36912f254588ffac64126e95df005d803a6b999cc7216dcb208213abff76c4937deccbbce07e23695ebf8912f2cf399c66af99f12ccd4e2f8b27da3208d1c88a8164a15c623dfc607fa1761e85a07a87d5414bb22424a527bcf4dd94ff0cc251bbb57710a89972f553b4e0098543c5784b283e876d3f853fe2f5e23a2b1652091f2dbefc0427a4b72b80778bac3561d06d8877a762914ffa9ea17f6e9f144de68007c941f294220369b0504751b78ea4e7e0f0f64c117200b1262bdd67eb25fdabfd1c336ea18ec519871b498229c7ea1bf26ae2d4581305401991f370be76cd9ebfe31cca499a1c626be62db58119558c7019f1b603df0fdee7387