api.messaging-service.spsapps.net

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0b:e2:8d:fa:16:a0:88:1f:14:91:d0:78:5b:c7:24:14 was issued on by Amazon.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=api.messaging-service.spsapps.net

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0b:e2:8d:fa:16:a0:88:1f:14:91:d0:78:5b:c7:24:14
Serial Number (int): 15797846677460430259984808486285812756
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 9d:d1:81:bd:39:35:06:bd:f4:dd:3f:7a:9e:40:5c:87:58:d7:78:07
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 7a:1b:28:da:c4:2c:3b:7f:6a:2c:01:ac:4a:d5:12:f0:b3:89:be:70
Fingerprint (sha256): 46:ca:af:e5:18:5d:19:d1:9d:d2:78:53:ce:59:4b:66:f5:3f:ee:72:af:0e:bc:88:c1:96:6b:d5:66:fe:3f:1b

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate api.messaging-service.spsapps.net

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for api.messaging-service.spsapps.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

api.messaging-service.spsapps.net
network-toolbox.service.prod.spsapps.net
label-ecs.service.prod.spsapps.net
mna-api.service.prod.spsapps.net
api.mna.spsapps.net
otm.api.spsc.io
network-toolbox.spsapps.net
label-service-api.service.prod.spsapps.net
paca-interaction-api.service.prod.spsapps.net
api.paca-interaction.spsapps.net

Other certificates including the domain name spsapps.net

(limited to 100 certificates)
sps-tech-registry-api.internal.sharedservicesdev.spsapps.net
api.dc4-proxy-pull-service.preprod.spsapps.net
api.pa-supplier-configuration.spsapps.net
sps-tech-registry-api.internal.sharedservices.spsapps.net
*.analytics-portal.test.spsapps.net
*.dev.spsapps.net
nonprod-us-east-2-jarocki-4r5t.integration.api.sps-internal.com
*.1screen.spsapps.net
api.dc4-proxy-pull-service.spsapps.net
*.mna.spsapps.net
*.swp.dev.spsapps.net
*.analytics.stage.spsapps.net
*.swp.spsapps.net
*.messaging-service.stage.spsapps.net
api.dc4-proxy-pull-service.test.spsapps.net
*.data-engine-transformation.stage.spsapps.net
transaction-tracker-api.service.prod.spsapps.net
catalog-gateway.service.test.spsapps.net
*.stage.spsapps.net
cdk-hackathon-api.service.test.spsapps.net
api.dc4-proxy-pull-service.preprod.spsapps.net
*.analytics.dev.spsapps.net
*.analytics.spsapps.net
*.1screen.spsapps.net
api.data-engine-command-center.spsapps.net
*.paca-interaction.preprod.spsapps.net
nonprod-us-east-2-jarocki-4r5t.integration.api.spscommerce.com
weekend.internal.sharedservices.spsapps.net
bus.fulfillment.spsapps.net
*.service.preprod.spsapps.net
1screen-prospace-converter.service.prod.spsapps.net
api.template.test.spsapps.net
*.api.dev.spsapps.net
parcel-service-heartbeat.service.preprod.spsapps.net
*.1screen.dev.spsapps.net
api.dc4-proxy-receiver.dev.spsapps.net
api.dc4-proxy-pull-service.preprod.spsapps.net
fulfillment-edi-automation.test.spsapps.net
as2-admin-api.service.prod.spsapps.net
*.stage.spsapps.net
1screen-prospace-converter.service.prod.spsapps.net
fi-top.service.prod.spsapps.net
*.analytics-portal.preprod.spsapps.net
api.messaging-service.spsapps.net
*.stage.spsapps.net
opal.prod.spsc.io
bus.fulfillment.spsapps.net
bus.fulfillment.spsapps.net
fi-top.service.test.spsapps.net
fi-top.service.prod.spsapps.net
nexus-graphql.service.test.spsapps.net
fulfillment-edi-automation.test.spsapps.net
*.mna.test.spsapps.net
api.messaging-service.spsapps.net
*.template.test.spsapps.net
*.devcenter.spsapps.net
*.spsapps.net
analytics-portal-api.service.preprod.spsapps.net
svram.spsapps.net
api.dc4-proxy-receiver.spsapps.net
transaction-tracker-api.service.test.spsapps.net
*.swp.dev.spsapps.net
*.paca-interaction.preprod.spsapps.net
*.swp.spsapps.net
*.messaging-service.spsapps.net
*.mna.stage.spsapps.net
api.pa-supplier-configuration.spsapps.net
setup-migrator-2-api.service.test.spsapps.net
analytics-snowflake-api.service.test.spsapps.net
*.swp.spsapps.net
api.profile-service.prod.spsc.io
*.messaging-service.stage.spsapps.net
opal.prod.spsc.io
*.devcenter.spsapps.net
auth.test.spsapps.net
api.messaging-service.spsapps.net
analytics-snowflake-api.service.prod.spsapps.net
1screen-prospace-converter.service.prod.spsapps.net
bus.fulfillment.spsapps.net
api.data-engine-command-center.test.spsapps.net
transaction-tracker-api.service.test.spsapps.net
analytics-snowflake-api.service.test.spsapps.net
api.fulfillment.spsc.io
*.paca-interaction.dev.spsapps.net
api.template.test.spsapps.net
*.data-engine-transformation.test.spsapps.net
acknowledgement-service-api.service.prod.spsapps.net
parcel-timeout-service.service.test.spsapps.net
api.pa-supplier-configuration.spsapps.net
*.analytics.preprod.spsapps.net
holodeck-api.service.prod.spsapps.net
api.mna.test.spsapps.net
analytics-portal-api.service.preprod.spsapps.net
api.dc4-proxy-receiver.preprod.spsapps.net
api.data-engine-ecs-adapter.stage.spsapps.net
api.data-engine-file-collection.spsapps.net
*.paca-interaction.dev.spsapps.net
*.messaging-service.stage.spsapps.net
*.api.spsapps.net
*.analytics-portal.preprod.spsapps.net

Certificate

The complete raw certificate details for api.messaging-service.spsapps.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHJTCCBg2gAwIBAgIQC+KN+hagiB8UkdB4W8ckFDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI0MDIwOTAwMDAwMFoXDTI1MDMwOTIzNTk1OVowLDEq
MCgGA1UEAxMhYXBpLm1lc3NhZ2luZy1zZXJ2aWNlLnNwc2FwcHMubmV0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwE2sK2FrBZz1XASCKtILGnTFqIE
DFXLGXV3OxFz1TWjeTwZjgYJhESLUkJM3UYnGnzyOR+m0cd0ow6P5c0wHHzOwl6N
zVQIt7pVc2hHMbDq+bo+iktQZGwxIJY9ccxdUffPoxgU17kxTFrz88Z8quEtxqw4
g6rpXsuZzfjWmZ1BAF8o9tmS5UPIzWZ6hnhcvEiphz6R2ElJXqFEPIsyOjx4IWiv
yPYIgaySs/l3X+/aKnnO0U4NxGEtPu6g/o65WC0+0ktjVbAxu9wPG6A+f/f1gpAy
eoSk9k8tBrgwpB/NzJehz8g22G58iWE0Wy1TZnqjiGRkB+xOjsPAQQnCoQIDAQAB
o4IEMTCCBC0wHwYDVR0jBBgwFoAUwDFSzVpQw4J8dHHOy+mc+XrrguIwHQYDVR0O
BBYEFJ3Rgb05NQa99N0/ep5AXIdY13gHMIIBYAYDVR0RBIIBVzCCAVOCIWFwaS5t
ZXNzYWdpbmctc2VydmljZS5zcHNhcHBzLm5ldIIobmV0d29yay10b29sYm94LnNl
cnZpY2UucHJvZC5zcHNhcHBzLm5ldIIibGFiZWwtZWNzLnNlcnZpY2UucHJvZC5z
cHNhcHBzLm5ldIIgbW5hLWFwaS5zZXJ2aWNlLnByb2Quc3BzYXBwcy5uZXSCE2Fw
aS5tbmEuc3BzYXBwcy5uZXSCD290bS5hcGkuc3BzYy5pb4IbbmV0d29yay10b29s
Ym94LnNwc2FwcHMubmV0gipsYWJlbC1zZXJ2aWNlLWFwaS5zZXJ2aWNlLnByb2Qu
c3BzYXBwcy5uZXSCLXBhY2EtaW50ZXJhY3Rpb24tYXBpLnNlcnZpY2UucHJvZC5z
cHNhcHBzLm5ldIIgYXBpLnBhY2EtaW50ZXJhY3Rpb24uc3BzYXBwcy5uZXQwEwYD
VR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsG
AQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnIy
bTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jcmwwdQYIKwYBBQUHAQEEaTBnMC0G
CCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMi5hbWF6b250cnVzdC5jb20wNgYI
KwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDIuYW1hem9udHJ1c3QuY29tL3IybTAy
LmNlcjAMBgNVHRMBAf8EAjAAMIIBfwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwBO
daMnXJoQwzhbbNTfP1LrHfDgjhuNacCx+mSxYpo53wAAAY2MddlCAAAEAwBIMEYC
IQDZZeNLSn0ixtoa8wed18P8qMMptOsmCUQNVPOTplBgEwIhALTWak7eKDljnLud
YrlfvQXNME7aF07N70lWDUSWdAViAHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65
Ay/ZDowuebgAAAGNjHXZgQAABAMARzBFAiBvQ65kyUnyhvEFpue0eJaTnAN2L3AQ
6AGBErI+7L8olAIhAP8w42TyIPoa63MWnKBK3Cht4pdXngW8mFyJoibWwVNZAHYA
5tIxY0B3jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGNjHXZrwAABAMARzBF
AiEA7nDPJnDTeXiiOnCSgnn8NNF3Z3eYF3x+Dd64okYZIdECICsiW/0KF6L8iVQE
jv8HlrHpOQg1r1Ou8ozI/EPSHUadMA0GCSqGSIb3DQEBCwUAA4IBAQCzpTDBvOJ+
imF7kqDVbFoJey8D3TzvvhGUbNpf021+FcFPJcP/PbBAGo3n0/fl4WCYNHxQUL1d
B0GuHbRli6nWtvqFsBDPep+tDcDt8elXKh3EKTgjx1tMaQ3HzDqkw/O4GrbTe6qv
Gg5aQZrJUt8b8RwiMYXsWG+TmXEu4TNgQ4PTdB0yhP2fsO5Bk7c3Lbtpee5NkXLS
TVEtnTItZAotfqC6wpSS3Df1cn686glmVFmr7IE1PD+iDMk43DiWGzZfjPXioReQ
TE/ggTocdeP6Y/oKEvzRxJ4MaJ08v7rPxLQLQA+sSEHMvso+7bHzcBeWKcnHlI5X
sGW7D3OlysnI
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwE2sK2FrBZz1XASCKtI
LGnTFqIEDFXLGXV3OxFz1TWjeTwZjgYJhESLUkJM3UYnGnzyOR+m0cd0ow6P5c0w
HHzOwl6NzVQIt7pVc2hHMbDq+bo+iktQZGwxIJY9ccxdUffPoxgU17kxTFrz88Z8
quEtxqw4g6rpXsuZzfjWmZ1BAF8o9tmS5UPIzWZ6hnhcvEiphz6R2ElJXqFEPIsy
Ojx4IWivyPYIgaySs/l3X+/aKnnO0U4NxGEtPu6g/o65WC0+0ktjVbAxu9wPG6A+
f/f1gpAyeoSk9k8tBrgwpB/NzJehz8g22G58iWE0Wy1TZnqjiGRkB+xOjsPAQQnC
oQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 15797846677460430259984808486285812756
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-02-09 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-03-09 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.messaging-service.spsapps.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 18557629294940123371756442272047918811327450285767758897028903581832340433073379689327030029597983280433117803499525381057369892932235946724736962483422838344244150053225271235175763540815529372925900756386038702496605606657695973557097893185462711513053869430311502353891539610562625343966729875814182344469004256367045782760433452736498739177267773808529914483021109992127382036244430449795786270624398711309350417076214307504189456058571212994000115241361644521606188154594118108110603754608595176971199210157917683514625424297657609338015413120606812727791839772423521475232185838252937085258541399948413454893729
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							9dd181bd393506bdf4dd3f7a9e405c8758d77807
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (343 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.messaging-service.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'network-toolbox.service.prod.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'label-ecs.service.prod.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mna-api.service.prod.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.mna.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'otm.api.spsc.io'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'network-toolbox.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'label-service-api.service.prod.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'paca-interaction-api.service.prod.spsapps.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.paca-interaction.spsapps.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (367 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (363 bytes)
							01690077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018d8c75d9420000040300483046022100d965e34b4a7d22c6da1af3079dd7c3fca8c329b4eb2609440d54f393a6506013022100b4d66a4ede2839639cbb9d62b95fbd05cd304eda174ecdef49560d44967405620076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018d8c75d981000004030047304502206f43ae64c949f286f105a6e7b47896939c03762f7010e8018112b23eecbf2894022100ff30e364f220fa1aeb73169ca04adc286de297579e05bc985c89a226d6c15359007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018d8c75d9af0000040300473045022100ee70cf2670d37978a23a70928279fc34d177677798177c7e0ddeb8a2461921d102202b225bfd0a17a2fc8954048eff0796b1e9390835af53aef28cc8fc43d21d469d
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00b3a530c1bce27e8a617b92a0d56c5a097b2f03dd3cefbe11946cda5fd36d7e15c14f25c3ff3db0401a8de7d3f7e5e16098347c5050bd5d0741ae1db4658ba9d6b6fa85b010cf7a9fad0dc0edf1e9572a1dc4293823c75b4c690dc7cc3aa4c3f3b81ab6d37baaaf1a0e5a419ac952df1bf11c223185ec586f9399712ee133604383d3741d3284fd9fb0ee4193b7372dbb6979ee4d9172d24d512d9d322d640a2d7ea0bac29492dc37f5727ebcea09665459abec81353c3fa20cc938dc38961b365f8cf5e2a117904c4fe0813a1c75e3fa63fa0a12fcd1c49e0c689d3cbfbacfc4b40b400fac4841ccbeca3eedb1f370179629c9c7948e57b065bb0f73a5cac9c8