avakin.com
Issued by Amazon RSA 2048 M02
About this certificate
This digital certificate with serial number 08:7e:d1:03:a6:05:0b:16:0d:27:89:05:1d:f9:43:53 was issued on by Amazon.
With 16 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=avakin.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 08:7e:d1:03:a6:05:0b:16:0d:27:89:05:1d:f9:43:53Serial Number (int): 11292292683126974618585829419425284947
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 3b:45:7b:8a:b6:21:00:88:67:39:f7:14:d4:41:9c:76:03:f3:bf:31
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2
Fingerprint (sha1): a3:ea:ce:74:6d:67:d0:af:23:62:b6:3a:8e:6d:5e:3e:a3:33:a6:9c
Fingerprint (sha256): 3d:44:56:07:34:b1:78:28:15:12:94:53:ed:5d:7a:3e:c5:2f:4e:51:fe:4e:ac:c0:d8:f8:6e:99:cc:6f:b1:e5
Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer
Revocation information
OCSP Server: http://ocsp.r2m02.amazontrust.comCRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl
Check the revocation status for certificate avakin.com
16
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for avakin.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
avakin.com
*.api.avkn.co
*.avkn.co
*.avakin.com
*.lockwood-publishing.com
lockwood-publishing.com
*.lkwd.net
*.lockwoodpublishing.com
*.api.avakin.com
*.staging.avkn.co
lockwoodpublishing.com
*.gdpr.avakin.life
*.dev.avakin.life
*.dev.avkn.co
*.dev.avakin.com
*.avakin.life
*.api.avkn.co
*.avkn.co
*.avakin.com
*.lockwood-publishing.com
lockwood-publishing.com
*.lkwd.net
*.lockwoodpublishing.com
*.api.avakin.com
*.staging.avkn.co
lockwoodpublishing.com
*.gdpr.avakin.life
*.dev.avakin.life
*.dev.avkn.co
*.dev.avakin.com
*.avakin.life
Other certificates including the domain name avakin.com
(limited to 100 certificates)
avakin.com
avakin.com
get.avakin.com
avakin.com
dev.avkn.co
lkwd-wmdash.data-prod.avakin.com
get.avakin.com
get.avakin.com
avkn.co
governor.data-staging.avakin.com
lkwd-wmdash.data-dev.avakin.com
*.avakin.life
avakin.com
grafana-prod.data-prod.avakin.com
avakin.com
crucible.data-dev.avakin.com
www.avakin.com
get.avakin.com
lkwd-wmdash-prod.data-prod.avakin.com
get.avakin.com
avakin.com
avakin.com
avakin.com
www.avakin.com
status.avakin.com
avkn.co
get.avakin.com
avakin.com
governor.data-dev.avakin.com
www.avakin.com
get.avakin.com
get.avakin.com
get.avakin.com
*.avakin.life
lkwd-wmdash.data-prod.avakin.com
backend02.avakin.com
get.avakin.com
avakin.com
status.avakin.com
lkwd-wmdash-dev.data-dev.avakin.com
status.avakin.com
avakin.com
get.avakin.com
governor.data-dev.avakin.com
avakin.com
insights-reader.data-staging.avakin.com
insights-writer.data-prod.avakin.com
ip2asn-api.data-dev.avakin.com
*.avakin.life
get.avakin.com
api.avakin.com
crucible-admin.data-dev.avakin.com
backend.avakin.com
*.avakin.life
avkn.co
www.dev.avakin.com
get.avakin.com
avakin.com
insights-reader.data-staging.avakin.com
avakin.com
avakin.com
backend.avakin.com
avakin.com
insights-writer.data-staging.avakin.com
ingestion.data-prod.avakin.com
www.dev.avakin.com
avkn.co
get.avakin.com
ingestion.data-prod.avakin.com
avakin.com
link.avakin.com
backend.avakin.com
get.avakin.com
*.avakin.com
get.avakin.com
lkwd-wmdash-prod.data-prod.avakin.com
get.avakin.com
*.avakin.com
*.avakin.life
avakin.com
insights-config.data-staging.avakin.com
get.avakin.com
avakin.com
governor.data-staging.avakin.com
avakin.com
avakin.com
get.avakin.com
governor.data-prod.avakin.com
*.avakin.com
lkwd-wmdash-dev.data-dev.avakin.com
avkn.co
get.avakin.com
avakin.com
ugc.prod.avakin.com
avakin.com
store.avakin.com
avakin.com
ingestion.data-dev.avakin.com
avakin.com
get.avakin.com
avakin.com
dev.avkn.co
lkwd-wmdash.data-prod.avakin.com
get.avakin.com
get.avakin.com
avkn.co
governor.data-staging.avakin.com
lkwd-wmdash.data-dev.avakin.com
*.avakin.life
avakin.com
grafana-prod.data-prod.avakin.com
avakin.com
crucible.data-dev.avakin.com
www.avakin.com
get.avakin.com
lkwd-wmdash-prod.data-prod.avakin.com
get.avakin.com
avakin.com
avakin.com
avakin.com
www.avakin.com
status.avakin.com
avkn.co
get.avakin.com
avakin.com
governor.data-dev.avakin.com
www.avakin.com
get.avakin.com
get.avakin.com
get.avakin.com
*.avakin.life
lkwd-wmdash.data-prod.avakin.com
backend02.avakin.com
get.avakin.com
avakin.com
status.avakin.com
lkwd-wmdash-dev.data-dev.avakin.com
status.avakin.com
avakin.com
get.avakin.com
governor.data-dev.avakin.com
avakin.com
insights-reader.data-staging.avakin.com
insights-writer.data-prod.avakin.com
ip2asn-api.data-dev.avakin.com
*.avakin.life
get.avakin.com
api.avakin.com
crucible-admin.data-dev.avakin.com
backend.avakin.com
*.avakin.life
avkn.co
www.dev.avakin.com
get.avakin.com
avakin.com
insights-reader.data-staging.avakin.com
avakin.com
avakin.com
backend.avakin.com
avakin.com
insights-writer.data-staging.avakin.com
ingestion.data-prod.avakin.com
www.dev.avakin.com
avkn.co
get.avakin.com
ingestion.data-prod.avakin.com
avakin.com
link.avakin.com
backend.avakin.com
get.avakin.com
*.avakin.com
get.avakin.com
lkwd-wmdash-prod.data-prod.avakin.com
get.avakin.com
*.avakin.com
*.avakin.life
avakin.com
insights-config.data-staging.avakin.com
get.avakin.com
avakin.com
governor.data-staging.avakin.com
avakin.com
avakin.com
get.avakin.com
governor.data-prod.avakin.com
*.avakin.com
lkwd-wmdash-dev.data-dev.avakin.com
avkn.co
get.avakin.com
avakin.com
ugc.prod.avakin.com
avakin.com
store.avakin.com
avakin.com
ingestion.data-dev.avakin.com
Certificate
The complete raw certificate details for avakin.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIG2zCCBcOgAwIBAgIQCH7RA6YFCxYNJ4kFHflDUzANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAyMB4XDTI0MDUyOTAwMDAwMFoXDTI1MDYyNzIzNTk1OVowFTET MBEGA1UEAxMKYXZha2luLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIVRdvt/jWHW/jY5Q3K4tRBUxH8ANYpRytJSr2eQIkfsfiR6b6wXz2NSxJ3s q+jR7PUWsSFTFptz07rHEqMIy/tPHJ+fAKmWzHjOtYKV1HzQED5ftEdXvQxVmPBI X4WTDByKsqtQjdCD9rJ3hWYTZYb7A9AgJB6arOINNqskYNguncrBcAKzDpO+vC9i zVUEXDAeeqewK8fHeNAZ84+jtwTEDXAGsQEqSW3kMPGFrqR65EuRsxWg7cvSSzSb hNdqfpYTl0SYb3JtpCehbcVTVmaeYlQpscXvPFOskkqMtZgEPNQKLZzFmAvKETyY Esco2ij8kMlh9x9KKcNrbNkck/ECAwEAAaOCA/4wggP6MB8GA1UdIwQYMBaAFMAx Us1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBQ7RXuKtiEAiGc59xTUQZx2A/O/ MTCCAS8GA1UdEQSCASYwggEiggphdmFraW4uY29tgg0qLmFwaS5hdmtuLmNvggkq LmF2a24uY2+CDCouYXZha2luLmNvbYIZKi5sb2Nrd29vZC1wdWJsaXNoaW5nLmNv bYIXbG9ja3dvb2QtcHVibGlzaGluZy5jb22CCioubGt3ZC5uZXSCGCoubG9ja3dv b2RwdWJsaXNoaW5nLmNvbYIQKi5hcGkuYXZha2luLmNvbYIRKi5zdGFnaW5nLmF2 a24uY2+CFmxvY2t3b29kcHVibGlzaGluZy5jb22CEiouZ2Rwci5hdmFraW4ubGlm ZYIRKi5kZXYuYXZha2luLmxpZmWCDSouZGV2LmF2a24uY2+CECouZGV2LmF2YWtp bi5jb22CDSouYXZha2luLmxpZmUwEwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8E NDAyMDCgLqAshipodHRwOi8vY3JsLnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0w Mi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5y Mm0wMi5hbWF6b250cnVzdC5jb20wNgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJt MDIuYW1hem9udHJ1c3QuY29tL3IybTAyLmNlcjAMBgNVHRMBAf8EAjAAMIIBfQYK KwYBBAHWeQIEAgSCAW0EggFpAWcAdgBOdaMnXJoQwzhbbNTfP1LrHfDgjhuNacCx +mSxYpo53wAAAY/C6GwGAAAEAwBHMEUCIAiFAvf7or4kJcuua9C/tdzc71rvKs1c 1KI4hy1iwmikAiEArw5KQ1y2f4sFW+Q/7zxxvAuCL42j47J0657SSpcthSkAdQB9 WR4S4XgqexxhZ3xe/fjQh1wUoE6VnrkDL9kOjC55uAAAAY/C6GxGAAAEAwBGMEQC IGcUwFiKEeOSgVexiKoxfAfLZt+6c0hvg3IswT8xgZdgAiBYUYubNJZz7F9ehkJl GWSC8sqQC41N5WVbo3eK8ScOHwB2AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocy Hf0eN45QAAABj8LobFoAAAQDAEcwRQIgEjkzqZ5EMMK7/L51XXxv2k11+99JRUDi IvKNgdTVfoECIQCExRFsn8VL7mtGc1xFF/EkSpaXgQS7Vfkq9b1EDHr6FjANBgkq hkiG9w0BAQsFAAOCAQEAbTh1qD/imDZrgfADGSWBXVERQZbzRBFSPNj4rp5QKuUs owh7ZFecAAsYEoHEIfJmFg7/tOx4DIMxVTc0FANup7+kok4hXeeRG07g0i6sDXkP tg6sD9TS66Zkw3tSmTditkM2bpr/FbyzLvB4TCu8IWhLMzRWx8WFxxtoj7N/VVlh 3hUgsGnSw/pqlxGWwrWNevWYOzVHb8EE6I7qRrzkjjMGOm3pHl1aNTUr3PWB6nn+ 7lmkZUjuJ61lrjBLRPIu1hlTE9mV7Z/EG256ylmN5o5j3T2NypXMjhZtEtI8Tx35 1ARrvLXSyxavI0FFeqHgo4ECRPkCxOmpmUB73qdEqA== -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVF2+3+NYdb+NjlDcri1 EFTEfwA1ilHK0lKvZ5AiR+x+JHpvrBfPY1LEneyr6NHs9RaxIVMWm3PTuscSowjL +08cn58AqZbMeM61gpXUfNAQPl+0R1e9DFWY8EhfhZMMHIqyq1CN0IP2sneFZhNl hvsD0CAkHpqs4g02qyRg2C6dysFwArMOk768L2LNVQRcMB56p7Arx8d40Bnzj6O3 BMQNcAaxASpJbeQw8YWupHrkS5GzFaDty9JLNJuE12p+lhOXRJhvcm2kJ6FtxVNW Zp5iVCmxxe88U6ySSoy1mAQ81AotnMWYC8oRPJgSxyjaKPyQyWH3H0opw2ts2RyT 8QIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 11292292683126974618585829419425284947 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-29 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-27 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'avakin.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 16829866338289935235755554872358995528941828418198695389728597866685216640007120854067421236241183145875437659824209640586736578108048750130443733312311165180321502111088523905770765759964984758349269784451397697574245754915215227753665576195625662915556129570619896337864592508872714875350037694419870229660365069329417049302289674635931813424705904893195309979671232783652549321071640911387078218087101847361429333798437410904086327892660075240655673125766643504885365027034146956088003071996979885212062089839902198400279832721954555185797437419042698555139376827793312024132623617869498335999718476297164428186609 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 3b457b8ab62100886739f714d4419c7603f3bf31 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (294 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'avakin.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.api.avkn.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avkn.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avakin.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lockwood-publishing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lockwood-publishing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lkwd.net' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.lockwoodpublishing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.api.avakin.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.staging.avkn.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'lockwoodpublishing.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.gdpr.avakin.life' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev.avakin.life' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev.avkn.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.dev.avakin.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.avakin.life' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes) 01670076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018fc2e86c0600000403004730450220088502f7fba2be2425cbae6bd0bfb5dcdcef5aef2acd5cd4a238872d62c268a4022100af0e4a435cb67f8b055be43fef3c71bc0b822f8da3e3b274eb9ed24a972d85290075007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018fc2e86c46000004030046304402206714c0588a11e3928157b188aa317c07cb66dfba73486f83722cc13f31819760022058518b9b349673ec5f5e864265196482f2ca900b8d4de5655ba3778af1270e1f007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018fc2e86c5a00000403004730450220123933a99e4430c2bbfcbe755d7c6fda4d75fbdf494540e222f28d81d4d57e8102210084c5116c9fc54bee6b46735c4517f1244a96978104bb55f92af5bd440c7afa16 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 006d3875a83fe298366b81f0031925815d51114196f34411523cd8f8ae9e502ae52ca3087b64579c000b181281c421f266160effb4ec780c833155373414036ea7bfa4a24e215de7911b4ee0d22eac0d790fb60eac0fd4d2eba664c37b52993762b643366e9aff15bcb32ef0784c2bbc21684b333456c7c585c71b688fb37f555961de1520b069d2c3fa6a971196c2b58d7af5983b35476fc104e88eea46bce48e33063a6de91e5d5a35352bdcf581ea79feee59a46548ee27ad65ae304b44f22ed6195313d995ed9fc41b6e7aca598de68e63dd3d8dca95cc8e166d12d23c4f1df9d4046bbcb5d2cb16af2341457aa1e0a3810244f902c4e9a999407bdea744a8