*.ow-prod-app.wna.cloud

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 0c:95:20:33:09:ca:49:fe:b8:34:12:de:88:f7:b6:56 was issued on by Amazon.

With 15 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.ow-prod-app.wna.cloud

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0c:95:20:33:09:ca:49:fe:b8:34:12:de:88:f7:b6:56
Serial Number (int): 16725041262114202407885271926098605654
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 87:8d:34:14:c4:a0:ba:c4:4e:73:74:6c:f5:11:1c:c7:28:a6:78:f4
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): cb:09:39:c7:b8:49:0f:ab:be:30:1d:31:e4:12:85:3f:78:ea:57:81
Fingerprint (sha256): 38:42:eb:da:8e:9f:c5:15:91:95:37:b5:c7:f7:bf:84:c5:85:f6:5c:6f:27:5e:46:ec:78:0b:e6:fa:ed:45:9d

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate *.ow-prod-app.wna.cloud

15

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.ow-prod-app.wna.cloud

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.ow-prod-app.wna.cloud
bi.owteam.com
*.aoacademy.com
wiki.owschools.com
*.ignitiaschools.com
rostering.odysseyware.com
*.sooschools.net
*.ignitiaschools.net
login.calverthomeschool.com
my.learnbest.com
lms.calvertacademy.com
*.sooschools.com
*.owschools.net
go.learnbest.com
*.owschools.com

Other certificates including the domain name wna.cloud

(limited to 100 certificates)
*.k8s.doolittle-dev2.us-west-2.aws.wna.cloud
*.cosmos-prod.edgenuityapp.com
media.wne-cdn.com
*.imlp-prod-app.wna.cloud
media.wne-cdn.com
*.doolittledev.wna.cloud
*.lmsadmin-prod.edgenuityapp.com
*.doolittle-dev2.us-west-2.aws.wna.cloud
*.dev.doolittle.us-west-2.aws.wna.cloud
*.lmsadmin-prod.edgenuityapp.com
*.assessment-prod.il-apps.com
*.doolittleprod.wna.cloud
*.doolittle-dev2.wna.cloud
*.ow-prod-app.wna.cloud
*.k8s.doolittle-production.us-west-2.aws.wna.cloud
*.rad-prod.edgenuityapp.com
*.ow-prod-app.wna.cloud
media-prod.wne-cdn.com
*.k8s.doolittle-dev2.us-west-2.aws.wna.cloud
*.k8s.doolittle-dev2.us-west-2.aws.wna.cloud
*.assessment-dev.il-apps.com
*.doolittle-dev2.wna.cloud
*.doolittle-nonprod.wna.cloud
*.rad-prod-app.wna.cloud
*.doolittle-dev5.wna.cloud
*.assessment-prod.il-apps.com
*.ow-prod-app.wna.cloud
*.wna.cloud
*.lmsadmin-qa.edgenuityapp.com
*.ow-qa.edgenuityapp.com
*.lmsadmin-dev.edgenuityapp.com
*.doolittle-prod-app.wna.cloud
*.rad-prod.edgenuityapp.com
media-nonprod.wne-cdn.com
*.armstrong-prod-app.wna.cloud
*.k8s.doolittle-nonprod.us-west-2.aws.wna.cloud
*.ow-prod.edgenuityapp.com
*.k8s.doolittle-dev3.us-west-2.aws.wna.cloud
*.imlp-prod.edgenuityapp.com
*.imlp-prod.edgenuityapp.com
*.imlp-prod-app.wna.cloud
*.doolittle-dev2.us-west-2.aws.wna.cloud
*.imlp-prod-app.wna.cloud
*.doolittle-dev4.wna.cloud
*.wna.cloud
*.ow-prod-app.wna.cloud
*.lmsadmin-qa-app.wna.cloud
*.wna.cloud
*.imlp-dev.edgenuityapp.com
*.cosmos-prod.edgenuityapp.com
media.wne-cdn.com
*.rad-prod-app.wna.cloud
*.doolittledev.wna.cloud
*.doolittle-nonprod.wna.cloud
*.lmsadmin-dev.edgenuityapp.com
*.doolittle-pnayak.wna.cloud
*.lmsadmin-prod-app.wna.cloud
*.imlp-prod-app.wna.cloud
*.k8s.ops.us-west-2.aws.wna.cloud
*.ops.wna.cloud
*.doolittle-dev6.wna.cloud
*.armstrong-prod-app.wna.cloud
*.rad-prod-app.wna.cloud
*.doolittle-dev3.wna.cloud
*.ow-prod.edgenuityapp.com
*.doolittle-production.wna.cloud
*.lmsadmin-prod.edgenuityapp.com
*.ow-prod.edgenuityapp.com
*.rad-prod-app.wna.cloud
*.doolittle-dev5.wna.cloud
*.lectura-staging.il-apps.com
*.k8s.doolittle-production.us-west-2.aws.wna.cloud
*.doolittle-dev-app.wna.cloud
*.doolittle-dev2.wna.cloud
*.ow-prod.edgenuityapp.com
*.doolittle-production.wna.cloud
*.doolittle-prod.il-apps.com
*.k8s.ops.us-west-2.aws.wna.cloud
*.k8s.doolittle-pnayak.us-west-2.aws.wna.cloud
*.assessment-prod.il-apps.com
*.doolittle-production.wna.cloud
*.ops.wna.cloud
*.doolittle-nonprod.wna.cloud
*.imlp-qa.edgenuityapp.com
*.lmsadmin-dev.edgenuityapp.com
*.intergalactic-prod.il-apps.com
*.doolittle-nonprod.wna.cloud
*.doolittledev.wna.cloud
*.ow-prod-app.wna.cloud
*.imlp-prod-app.wna.cloud
*.doolittle-production.wna.cloud
*.doolittle-dev6.wna.cloud
*.doolittle-nonprod.wna.cloud
*.doolittle-iam.wna.cloud
*.doolittle-production.wna.cloud
*.prod.ops.us-west-2.aws.wna.cloud
*.prod.doolittle.us-west-2.aws.wna.cloud
*.k8s.doolittle-dev6.us-west-2.aws.wna.cloud
*.doolittleprod.wna.cloud
*.doolittle-production.wna.cloud

Certificate

The complete raw certificate details for *.ow-prod-app.wna.cloud in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIG+TCCBeGgAwIBAgIQDJUgMwnKSf64NBLeiPe2VjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTI0MDUwMTAwMDAwMFoXDTI1MDUzMTIzNTk1OVowIjEg
MB4GA1UEAwwXKi5vdy1wcm9kLWFwcC53bmEuY2xvdWQwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDJzFiPctTOo8Qm2+RgUbga9vbsxnq6NYQdDntBbYFq
0IPMfBp5/rKSYKjEkpm/0BPqurm0tMTUeZAvPVI9qNG40BGNfpM2+2o8ETrW1A8h
uU8kJGg66pz2WETKlWQNnBBS/5E731fuF8q8kopXcZC36Zm92lFABy+pF51M7UvV
WWaoR8caDrbMRMcyQOQKgrJV6pdbUqnQLd5fD7OZTQKWsCrGJvFhwgLdThgSlqw0
aP3wmY9tAMw7qkrHuLEX+9ji0o1ORyGARlTGtkD0Axrx+ikrWuuHYZPRVrx1jaYz
q1uiWX/h/l2nVyEdW2Hu2WTImHvepTyIPSRvkZDR4rrnAgMBAAGjggQPMIIECzAf
BgNVHSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQUh400FMSg
usROc3Rs9REcxyimePQwggFABgNVHREEggE3MIIBM4IXKi5vdy1wcm9kLWFwcC53
bmEuY2xvdWSCDWJpLm93dGVhbS5jb22CDyouYW9hY2FkZW15LmNvbYISd2lraS5v
d3NjaG9vbHMuY29tghQqLmlnbml0aWFzY2hvb2xzLmNvbYIZcm9zdGVyaW5nLm9k
eXNzZXl3YXJlLmNvbYIQKi5zb29zY2hvb2xzLm5ldIIUKi5pZ25pdGlhc2Nob29s
cy5uZXSCG2xvZ2luLmNhbHZlcnRob21lc2Nob29sLmNvbYIQbXkubGVhcm5iZXN0
LmNvbYIWbG1zLmNhbHZlcnRhY2FkZW15LmNvbYIQKi5zb29zY2hvb2xzLmNvbYIP
Ki5vd3NjaG9vbHMubmV0ghBnby5sZWFybmJlc3QuY29tgg8qLm93c2Nob29scy5j
b20wEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQW
MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v
Y3JsLnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEE
aTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5j
b20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29t
L3IybTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFp
AWcAdgDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAY8yAGt8AAAE
AwBHMEUCIAVWYWka9Gyj9HFm89zoMkuqu9uDJ1f2bYPCfBoVU91zAiEAsigRSrpI
sSI1QPfIzK4rCCiR8RCTxpKCpMZPxOVogMUAdQB9WR4S4XgqexxhZ3xe/fjQh1wU
oE6VnrkDL9kOjC55uAAAAY8yAGufAAAEAwBGMEQCIGf102XKHenYCmgLHrhl+KmN
/t7JLgdI3QvgBaobk/dTAiANZYH4vd2pHxEg0XsAhuus7DR3+P5FnC7jxaF0OGNb
AwB2AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAABjzIAa5gAAAQD
AEcwRQIhAMKPxT4CT+UuuPkk4CzuuNju5XyQ2RYZGNdHVyjXoioZAiBK8K3X6O9A
jKYG6MptzwQ40l31shdeSzeO5NiNwvEzOjANBgkqhkiG9w0BAQsFAAOCAQEAAX8K
ir58uqiayL/4EHftzooaXWKLEz9tbXU2/SXZKd8AvYumSB8z/tm+8AJGDfZwi51h
xLDwYnW7Q3WWr1eWT+h7eJ4z3JwNOKcyQOpdhtXpyZUFXoI/wma7Bm1TYltPWx7z
k+T0jgHg3YAkbEsECtCjhY999joBUQkSHb87wcOLT0UaFZnNxrcNpi7wjnMLF8hy
XTi6QHqZr3DCkM8193y6v9UJpcJyzT/7gq9Ot9MvwC1u5s1M8xy7zQQCYScYptlL
GnzlORygkEBBFOzWf0xu82UH823XPSTqlWpDMRs/Vex8O0Q3rQ5Yot2v0YyijLz4
JVdlqqL7i89arZzqfA==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycxYj3LUzqPEJtvkYFG4
Gvb27MZ6ujWEHQ57QW2BatCDzHwaef6ykmCoxJKZv9AT6rq5tLTE1HmQLz1SPajR
uNARjX6TNvtqPBE61tQPIblPJCRoOuqc9lhEypVkDZwQUv+RO99X7hfKvJKKV3GQ
t+mZvdpRQAcvqRedTO1L1VlmqEfHGg62zETHMkDkCoKyVeqXW1Kp0C3eXw+zmU0C
lrAqxibxYcIC3U4YEpasNGj98JmPbQDMO6pKx7ixF/vY4tKNTkchgEZUxrZA9AMa
8fopK1rrh2GT0Va8dY2mM6tboll/4f5dp1chHVth7tlkyJh73qU8iD0kb5GQ0eK6
5wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16725041262114202407885271926098605654
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-01 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-31 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.ow-prod-app.wna.cloud'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25474666036253125566360294671635438146359117877354236397842061030954081161278887752158390581823958419608610883611920524053062671218174703383232118447688099146956841955381042912750926031901320758334251401258842741415426464338849099829177231747915197240958295581207904776046920445628307989264267070108148438484170603601115008419998926145772110009613591961077402128773163742952029569797327840172137532247623918406647430519281964173073916200458146322167966034218518486403689603085975373241225514922233725384464501256527707655889377751392791467066943551361158383186840602495501675263519145076753071224106007599651087366887
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							878d3414c4a0bac44e73746cf5111cc728a678f4
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (311 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ow-prod-app.wna.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'bi.owteam.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.aoacademy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'wiki.owschools.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ignitiaschools.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rostering.odysseyware.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sooschools.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.ignitiaschools.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'login.calverthomeschool.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'my.learnbest.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lms.calvertacademy.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sooschools.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.owschools.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'go.learnbest.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.owschools.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							0167007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018f32006b7c00000403004730450220055661691af46ca3f47166f3dce8324baabbdb832757f66d83c27c1a1553dd73022100b228114aba48b1223540f7c8ccae2b082891f11093c69282a4c64fc4e56880c50075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f32006b9f0000040300463044022067f5d365ca1de9d80a680b1eb865f8a98dfedec92e0748dd0be005aa1b93f75302200d6581f8bddda91f1120d17b0086ebacec3477f8fe459c2ee3c5a17438635b03007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f32006b980000040300473045022100c28fc53e024fe52eb8f924e02ceeb8d8eee57c90d9161918d7475728d7a22a1902204af0add7e8ef408ca606e8ca6dcf0438d25df5b2175e4b378ee4d88dc2f1333a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00017f0a8abe7cbaa89ac8bff81077edce8a1a5d628b133f6d6d7536fd25d929df00bd8ba6481f33fed9bef002460df6708b9d61c4b0f06275bb437596af57964fe87b789e33dc9c0d38a73240ea5d86d5e9c995055e823fc266bb066d53625b4f5b1ef393e4f48e01e0dd80246c4b040ad0a3858f7df63a015109121dbf3bc1c38b4f451a1599cdc6b70da62ef08e730b17c8725d38ba407a99af70c290cf35f77cbabfd509a5c272cd3ffb82af4eb7d32fc02d6ee6cd4cf31cbbcd0402612718a6d94b1a7ce5391ca090404114ecd67f4c6ef36507f36dd73d24ea956a43311b3f55ec7c3b4437ad0e58a2ddafd18ca28cbcf8255765aaa2fb8bcf5aad9cea7c