gp.prod.app.hsbcfts.com.cn

- The Hongkong and Shanghai Banking Corporation Limited -

Issued by Entrust Certification Authority - L1K

About this certificate

This digital certificate with serial number 18:26:b8:e7:b2:4d:94:ea:e7:3c:c4:1d:3f:30:5c:ec was issued on by Entrust, Inc..

With 31 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

The Hongkong and Shanghai Banking Corporation Limited

Organization: The Hongkong and Shanghai Banking Corporation Limited
Locality: Central District
Country: HK

Entrust, Inc.

Organization: Entrust, Inc.
Organization unit: See www.entrust.net/legal-terms
Organization unit: (c) 2012 Entrust, Inc. - for authorized use only
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 18:26:b8:e7:b2:4d:94:ea:e7:3c:c4:1d:3f:30:5c:ec
Serial Number (int): 32102529499717039381745253696375119084
Serial Number lenght: 125 bits, 16 octets

SubjectKeyId: c0:c7:5b:39:b5:d7:98:6a:f1:d6:26:2c:78:41:96:7d:f8:94:db:5b
AuthorityKeyId: 82:a2:70:74:dd:bc:53:3f:cf:7b:d4:f7:cd:7f:a7:60:c6:0a:4c:bf

Fingerprint (sha1): dc:91:6a:88:16:73:2b:48:53:8d:80:71:40:e9:d0:bf:be:15:81:64
Fingerprint (sha256): 48:49:d5:e1:dd:ea:16:61:d7:da:73:2a:d2:43:12:e6:e3:7a:32:8e:34:b5:6d:cb:36:aa:98:66:c2:a1:c8:8c

Issuing Certificate URL: http://aia.entrust.net/l1k-chain256.cer

Revocation information

OCSP Server: http://ocsp.entrust.net
CRL Distribution Point: http://crl.entrust.net/level1k.crl

Check the revocation status for certificate gp.prod.app.hsbcfts.com.cn

31

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for gp.prod.app.hsbcfts.com.cn

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

gp.prod.app.hsbcfts.com.cn
m.prod.app.hsbcfts.com.cn
m-static.prod.app.hsbcfts.com.cn
mw.prod.app.hsbcfts.com.cn
m-static-origin.prod.app.hsbcfts.com.cn
flex.prod.app.hsbcfts.com.cn
flex-mall-ui.prod.app.hsbcfts.com.cn
flex-admin-mall.prod.app.hsbcfts.com.cn
flex-passport-ui.prod.app.hsbcfts.com.cn
flex-mobile-portal-ui.prod.app.hsbcfts.com.cn
flex-annual-ui.prod.app.hsbcfts.com.cn
flex-gateway.prod.app.hsbcfts.com.cn
flex-health-ui.prod.app.hsbcfts.com.cn
flex-worksit-checkup-ui.prod.app.hsbcfts.com.cn
flex-hra-wealth-ui.prod.app.hsbcfts.com.cn
flex-hra-health-ui.prod.app.hsbcfts.com.cn
flex-trs-ui.prod.app.hsbcfts.com.cn
flex-static-api.prod.app.hsbcfts.com.cn
flex-pay-api.prod.app.hsbcfts.com.cn
flex-points-api.prod.app.hsbcfts.com.cn
flex-mall-api.prod.app.hsbcfts.com.cn
flex-aggpoints-api.prod.app.hsbcfts.com.cn
flex-pay-ui.prod.app.hsbcfts.com.cn
scrm.prod.app.hsbcfts.com.cn
socialcrm.hsbc.com.cn
user-growth.hsbc.com.cn
user-growth-static.hsbc.com.cn
user-growth.hsbcbroker.com.cn
user-growth-origin.hsbcbroker.com.cn
user-growth.hsbclifeservices.com.cn
user-growth-origin.hsbclifeservices.com.cn

Other certificates including the domain name hsbcfts.com.cn

(limited to 100 certificates)
scrm.mot.app.hsbcfts.com.cn
gp.oat.app.hsbcfts.com.cn
hsbcfts.com.cn
gp.uat.app.hsbcfts.com.cn
gp.sit.app.hsbcfts.com.cn
gp.prod.app.hsbcfts.com.cn
app.prod.dsp.hsbcfts.com.cn
mobile.mot.app.hsbcfts.com.cn
hsbcfts.com.cn
gp.prod.app.hsbcfts.com.cn
hsbcfts.com.cn

Certificate

The complete raw certificate details for gp.prod.app.hsbcfts.com.cn in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIILHDCCCgSgAwIBAgIQGCa457JNlOrnPMQdPzBc7DANBgkqhkiG9w0BAQsFADCB
ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG
A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0y
NDAxMDQwOTIwMTRaFw0yNTAxMDMwOTIwMTJaMIGNMQswCQYDVQQGEwJISzEZMBcG
A1UEBxMQQ2VudHJhbCBEaXN0cmljdDE+MDwGA1UEChM1VGhlIEhvbmdrb25nIGFu
ZCBTaGFuZ2hhaSBCYW5raW5nIENvcnBvcmF0aW9uIExpbWl0ZWQxIzAhBgNVBAMT
GmdwLnByb2QuYXBwLmhzYmNmdHMuY29tLmNuMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA0eyfAS5gwtx0GdwOLhGYDHVZWVceqyxeEFOOnwjO+ouy2iU6
TmPRSeZe6nIpzBZlqiRL42j0/mOOx6rkLxcn0pMWqVJte+3LYIyhR/DUn8t8XYv8
yInl0Wf4OCwFYbZjxMbkesL5vUmUc3NGkrgPeWZKU+JV+bs/SM0TbJNBkFNq40g/
QUlt4iu8WkH+ycpdw8JW0oo4E6ulUusSaPSbQx3kWAaeE3N0fy49wlVC7nYG9X9f
BKWG+xM4/49ftkRrDyAnZ7CLs0YwPP98beyT8TxOaFUQQdt3oc/uznSNeGHRFty8
lCMg5uw8iEhxl+pZEBJjScTJ/WTEuv15nyPAjwIDAQABo4IHRzCCB0MwDAYDVR0T
AQH/BAIwADAdBgNVHQ4EFgQUwMdbObXXmGrx1iYseEGWffiU21swHwYDVR0jBBgw
FoAUgqJwdN28Uz/Pe9T3zX+nYMYKTL8waAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUF
BzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBggrBgEFBQcwAoYnaHR0cDov
L2FpYS5lbnRydXN0Lm5ldC9sMWstY2hhaW4yNTYuY2VyMDMGA1UdHwQsMCowKKAm
oCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvbGV2ZWwxay5jcmwwggSJBgNVHREE
ggSAMIIEfIIaZ3AucHJvZC5hcHAuaHNiY2Z0cy5jb20uY26CGW0ucHJvZC5hcHAu
aHNiY2Z0cy5jb20uY26CIG0tc3RhdGljLnByb2QuYXBwLmhzYmNmdHMuY29tLmNu
ghptdy5wcm9kLmFwcC5oc2JjZnRzLmNvbS5jboInbS1zdGF0aWMtb3JpZ2luLnBy
b2QuYXBwLmhzYmNmdHMuY29tLmNughxmbGV4LnByb2QuYXBwLmhzYmNmdHMuY29t
LmNugiRmbGV4LW1hbGwtdWkucHJvZC5hcHAuaHNiY2Z0cy5jb20uY26CJ2ZsZXgt
YWRtaW4tbWFsbC5wcm9kLmFwcC5oc2JjZnRzLmNvbS5jboIoZmxleC1wYXNzcG9y
dC11aS5wcm9kLmFwcC5oc2JjZnRzLmNvbS5jboItZmxleC1tb2JpbGUtcG9ydGFs
LXVpLnByb2QuYXBwLmhzYmNmdHMuY29tLmNugiZmbGV4LWFubnVhbC11aS5wcm9k
LmFwcC5oc2JjZnRzLmNvbS5jboIkZmxleC1nYXRld2F5LnByb2QuYXBwLmhzYmNm
dHMuY29tLmNugiZmbGV4LWhlYWx0aC11aS5wcm9kLmFwcC5oc2JjZnRzLmNvbS5j
boIvZmxleC13b3Jrc2l0LWNoZWNrdXAtdWkucHJvZC5hcHAuaHNiY2Z0cy5jb20u
Y26CKmZsZXgtaHJhLXdlYWx0aC11aS5wcm9kLmFwcC5oc2JjZnRzLmNvbS5jboIq
ZmxleC1ocmEtaGVhbHRoLXVpLnByb2QuYXBwLmhzYmNmdHMuY29tLmNugiNmbGV4
LXRycy11aS5wcm9kLmFwcC5oc2JjZnRzLmNvbS5jboInZmxleC1zdGF0aWMtYXBp
LnByb2QuYXBwLmhzYmNmdHMuY29tLmNugiRmbGV4LXBheS1hcGkucHJvZC5hcHAu
aHNiY2Z0cy5jb20uY26CJ2ZsZXgtcG9pbnRzLWFwaS5wcm9kLmFwcC5oc2JjZnRz
LmNvbS5jboIlZmxleC1tYWxsLWFwaS5wcm9kLmFwcC5oc2JjZnRzLmNvbS5jboIq
ZmxleC1hZ2dwb2ludHMtYXBpLnByb2QuYXBwLmhzYmNmdHMuY29tLmNugiNmbGV4
LXBheS11aS5wcm9kLmFwcC5oc2JjZnRzLmNvbS5jboIcc2NybS5wcm9kLmFwcC5o
c2JjZnRzLmNvbS5jboIVc29jaWFsY3JtLmhzYmMuY29tLmNughd1c2VyLWdyb3d0
aC5oc2JjLmNvbS5jboIedXNlci1ncm93dGgtc3RhdGljLmhzYmMuY29tLmNugh11
c2VyLWdyb3d0aC5oc2JjYnJva2VyLmNvbS5jboIkdXNlci1ncm93dGgtb3JpZ2lu
LmhzYmNicm9rZXIuY29tLmNugiN1c2VyLWdyb3d0aC5oc2JjbGlmZXNlcnZpY2Vz
LmNvbS5jboIqdXNlci1ncm93dGgtb3JpZ2luLmhzYmNsaWZlc2VydmljZXMuY29t
LmNuMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwEwYDVR0gBAwwCjAIBgZngQwBAgIwggGBBgorBgEEAdZ5AgQCBIIBcQSCAW0B
awB3AObSMWNAd4zBEEEG13G5zsHSQPaWhIb7uocyHf0eN45QAAABjNPF8a0AAAQD
AEgwRgIhALmOgS3+s9Nmt8/yRwH/j0pMUF4lF1rHld8SuBgtrtttAiEA9h2kUdyP
gaV+df5gCRtTMSthK0WskPT8McipxAxLXvcAdwCi4wrkRe+9rZt+OO1HZ3dT14Jb
hJTXK14bLMS5UKRH5wAAAYzTxfG4AAAEAwBIMEYCIQDWuNnzFgoYR1q2Lh3IA4p+
3g+bMp5+nG8nyHbmITDIcQIhAPHPFbs91VP2WR1Isrzbe6+HbRoCR0H7mlOnC05F
XgO/AHcATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGM08Xx3AAA
BAMASDBGAiEArqfsKQLdWxtQmz6WC/isVtiUruXYTDQaQ9CSkFiFtMECIQCIyhPq
5NMy3vDGaXIDPbRs9YCZxtPSzSwec0bpUUKlajANBgkqhkiG9w0BAQsFAAOCAQEA
ETU/OHWoI0uAzyjR115sR29QvNpYHg5lNnn+/RAq5v9KGRHgmS1dAI5w57uf6oyp
N7liGfKiD7fnnufr6IrX48qFiJ4TeRrCbSjSnTPPgdvyJhaT7dsVKrH7Wtvbznyc
KXKaQmrEk8FedZ05HijlaRyb0DCcfV/B850opstlaJt8+UjxfKiSlfRS3hWN12ry
oqP6X7ddKfvqf180Wu1hamyNXRQ535sm8cLBlOmslfiyM61/DCUUWjqsEvuR61r9
RCXQnawRfG6g9MqgZIYiATEIcJS0fbrR/v4vc01ak7fDX9+c4/ORCMMiDB3pZ6Gx
8mcboNhT11r0uLATXCq27Q==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eyfAS5gwtx0GdwOLhGY
DHVZWVceqyxeEFOOnwjO+ouy2iU6TmPRSeZe6nIpzBZlqiRL42j0/mOOx6rkLxcn
0pMWqVJte+3LYIyhR/DUn8t8XYv8yInl0Wf4OCwFYbZjxMbkesL5vUmUc3NGkrgP
eWZKU+JV+bs/SM0TbJNBkFNq40g/QUlt4iu8WkH+ycpdw8JW0oo4E6ulUusSaPSb
Qx3kWAaeE3N0fy49wlVC7nYG9X9fBKWG+xM4/49ftkRrDyAnZ7CLs0YwPP98beyT
8TxOaFUQQdt3oc/uznSNeGHRFty8lCMg5uw8iEhxl+pZEBJjScTJ/WTEuv15nyPA
jwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 32102529499717039381745253696375119084
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'See www.entrust.net/legal-terms'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString '(c) 2012 Entrust, Inc. - for authorized use only'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Entrust Certification Authority - L1K'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-04 09:20:14 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-03 09:20:12 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'HK'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Central District'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'The Hongkong and Shanghai Banking Corporation Limited'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'gp.prod.app.hsbcfts.com.cn'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 26500487956927441282399061016122255945639433739440986807598655806605005080580577174738633963417728133489797017300019181812465403540968730593042307903659196265233652667302551595415698927160834145925547005940504260598801180438106074693798385392290946756479201152166523192159946203014460412486073478953802763806038538851444062159327391732885984599607866654006043808587582967042683024811258343486602263017848525696682280520348487299032889578583735456702684406636292721932938921345208567902284615277702813820014333766792915298383107279068152500304119088217031588379273649075226656090165293404459945730086098122686584832143
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							c0c75b39b5d7986af1d6262c7841967df894db5b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 82a27074ddbc533fcf7bd4f7cd7fa760c60a4cbf
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (92 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.entrust.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://aia.entrust.net/l1k-chain256.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (44 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.entrust.net/level1k.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (1152 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'gp.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm-static.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'mw.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'm-static-origin.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-mall-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-admin-mall.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-passport-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-mobile-portal-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-annual-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-gateway.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-health-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-worksit-checkup-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-hra-wealth-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-hra-health-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-trs-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-static-api.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-pay-api.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-points-api.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-mall-api.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-aggpoints-api.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flex-pay-ui.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'scrm.prod.app.hsbcfts.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'socialcrm.hsbc.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'user-growth.hsbc.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'user-growth-static.hsbc.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'user-growth.hsbcbroker.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'user-growth-origin.hsbcbroker.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'user-growth.hsbclifeservices.com.cn'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'user-growth-origin.hsbclifeservices.com.cn'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (369 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
							016b007700e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018cd3c5f1ad0000040300483046022100b98e812dfeb3d366b7cff24701ff8f4a4c505e25175ac795df12b8182daedb6d022100f61da451dc8f81a57e75fe60091b53312b612b45ac90f4fc31c8a9c40c4b5ef7007700a2e30ae445efbdad9b7e38ed47677753d7825b8494d72b5e1b2cc4b950a447e70000018cd3c5f1b80000040300483046022100d6b8d9f3160a18475ab62e1dc8038a7ede0f9b329e7e9c6f27c876e62130c871022100f1cf15bb3dd553f6591d48b2bcdb7baf876d1a024741fb9a53a70b4e455e03bf0077004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018cd3c5f1dc0000040300483046022100aea7ec2902dd5b1b509b3e960bf8ac56d894aee5d84c341a43d092905885b4c102210088ca13eae4d332def0c66972033db46cf58099c6d3d2cd2c1e7346e95142a56a
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0011353f3875a8234b80cf28d1d75e6c476f50bcda581e0e653679fefd102ae6ff4a1911e0992d5d008e70e7bb9fea8ca937b96219f2a20fb7e79ee7ebe88ad7e3ca85889e13791ac26d28d29d33cf81dbf2261693eddb152ab1fb5adbdbce7c9c29729a426ac493c15e759d391e28e5691c9bd0309c7d5fc1f39d28a6cb65689b7cf948f17ca89295f452de158dd76af2a2a3fa5fb75d29fbea7f5f345aed616a6c8d5d1439df9b26f1c2c194e9ac95f8b233ad7f0c25145a3aac12fb91eb5afd4425d09dac117c6ea0f4caa06486220131087094b47dbad1fefe2f734d5a93b7c35fdf9ce3f39108c3220c1de967a1b1f2671ba0d853d75af4b8b0135c2ab6ed