api.prod.rallypoint.gso.amazon.dev

Issued by Amazon

About this certificate

This digital certificate with serial number 0c:45:a7:ae:c9:b9:58:99:67:a4:f3:0c:41:a7:44:40 was issued on by Amazon.

This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=api.prod.rallypoint.gso.amazon.dev

Amazon

Organization: Amazon
Organization unit: Server CA 1B
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0c:45:a7:ae:c9:b9:58:99:67:a4:f3:0c:41:a7:44:40
Serial Number (int): 16312405443192537540959591771088045120
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 7c:3c:7d:78:40:83:1d:8f:6e:a2:e6:b5:9a:04:ea:db:26:9d:7d:24
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0

Fingerprint (sha1): c8:08:95:ef:d3:6c:f2:9b:3f:76:ca:0f:37:2d:9c:ee:14:5d:56:e1
Fingerprint (sha256): 56:97:66:ad:b2:3e:c6:dd:06:ca:8d:04:1a:75:38:9b:a6:d7:b6:4e:e6:5e:1f:46:f1:c7:26:1a:28:51:b3:a9

Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt

Revocation information

OCSP Server: http://ocsp.sca1b.amazontrust.com
CRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b-1.crl

Check the revocation status for certificate api.prod.rallypoint.gso.amazon.dev

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for api.prod.rallypoint.gso.amazon.dev

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

api.prod.rallypoint.gso.amazon.dev

Other certificates including the domain name amazon.dev

(limited to 100 certificates)
employees.beta.api.talent-alchemy.hr.amazon.dev
regular.us-east-1.alpha.atta.kaspian.amazon.dev
air.lmaq.last-mile.amazon.dev.lmaq.last-mile.amazon.dev
sam-dev-laijonat-test.vovi.last-mile.amazon.dev
gamma.styleguides.leo.amazon.dev
sungyenl.alpha.console.materials.sustainability.amazon.dev
eu-west-1.beta.sblandingpageservice.advertising.amazon.dev
us-east-1.beta.messaging.ui.bsm.selling-partners.amazon.dev
cm-eu-gamma.flex-routing.last-mile.amazon.dev
*.timlawso.physical.advertising.amazon.dev
beta.supernova.amazon.dev
alpha.hitting-bullseye.zappos.amazon.dev
api.us-west-2.prod-jp.shopper-gateway.subs.f3.amazon.dev
us-east-1.prod.configurable-param.mbe.last-mile.amazon.dev
us.beta.itinerary-manager.onroad-execution.last-mile.amazon.dev
dev.celestia.noc.amazon.dev
lialx.test.attribution.privacy.amazon.dev
coredump-parser.eink.amazon.dev
auth.prototype.alps.music.amazon.dev
andrena.niksinn.icon.amazon.dev
workflow.api.chrisfll.batch.caspian.dccs.amazon.dev
metrics-rhhigg.distance-assistant.opstechit.amazon.dev
us-west-2.alpha.int.lab.dml.alexa.amazon.dev
aasthame.api.permissions.vector.advertising.amazon.dev
deeplink.prod.alps.music.amazon.dev
lifepi.timlawso.physical.advertising.amazon.dev
*.beta.psidr.payments-security.amazon.dev
turn.ring-mobility.devices.amazon.dev
us-west-2.prod.api.3d.music.amazon.dev
dev-1.pdx.nanobots.alexa.amazon.dev
jp.datastash-prod.pacman.last-mile.amazon.dev
fba-i2i-console.scot.amazon.dev
alpha-6ae1e725d9.netsparker.security.amazon.dev
ops.chimera-beta.mlo.advertising.amazon.dev
beta.cruzoliv.people.amazon.dev
beta.eu-west-1.tax-accessor.cmp.chroma.intech.amazon.dev
central.lmaq.last-mile.amazon.dev
vinoth.test.creative-report.calltoaction.advertising.amazon.dev
portal.transportation.amazon.dev
api.na.alpha.substitution-state-service.subs.f3.amazon.dev
us-west-2.beta.messaging.ui.bsm.selling-partners.amazon.dev
api.fcmap.swanwes.people.amazon.dev
alpha.mumblecore.kep.books.amazon.dev
beta.kaizer.graph.amazon.dev
beta.us-west-2.mdcs.mshop.amazon.dev
dpd-debug.devices.dev.rss.ring.amazon.dev
www.nickjmil.people.amazon.dev
ak-game-service.prod.iad.games.kids.amazon.dev
dub.beta.unicorn-phoenix.lending.payments.amazon.dev
scorecard.ads.amazon.dev
zhenzihu.dev.mmt-validation.people-engine.amazon.dev
bp.sdn.kuiper.amazon.dev
prod.luma.workshop.mathieud.people.amazon.dev
andrena.niksinn.icon.amazon.dev
beta.vse-fixer.tools.amazon.dev
fe.beta.tiago-ops-video.alexa.amazon.dev
ui.fe.stagewebsite-master.last-mile.amazon.dev
fpd.sumantbh.icon.amazon.dev
gamma.na.cms.physical.advertising.amazon.dev
aax.online-panel.advertising.amazon.dev
gulbt-failure-analysis.bsxqa.digital-books.amazon.dev
jp.problemsolve-gamma.dolphinprod.last-mile.amazon.dev
us-east-1.prod.api.uhd.music.amazon.dev
static.alpha.luma.workshop.mathieud.people.amazon.dev
cf.dc-ext.us-east-1.gateway.bids.physical-stores.amazon.dev
dashboard.beta.security-health-monitor.acs.amazon.dev
igl.search.inside.amazon.dev
*.beta.psidr.payments-security.amazon.dev
cdj.invite.prototype.alps.music.amazon.dev
beta.perm.immigration.amazon.dev
us-east-1.alpha.analysis-service.afn-fcp.promise.amazon.dev
prod.us-east-1.swa.last-mile.amazon.dev
ui.pvsin.last-mile.amazon.dev
virtual.opstechit.amazon.dev
beta.step-up-tool.rbs.amazon.dev
aelden.alpha.us-east-1.heartbeat.cs.amazon.dev
matbacic.search.inside.amazon.dev
user.prototype.alps.music.amazon.dev
webapi.stage.coco.scot.amazon.dev
*.alpha.mouse.payments-security.amazon.dev
beta.supernova-selfservice.amazon.dev
gamma.us-west-2.mdcs.mshop.amazon.dev
us-west-2.alpha.shbhvya.people.amazon.dev
avus-na-onebox.upsell.video.alexa.amazon.dev
api.eu.prod.landing.advantage.vendors.amazon.dev
prod.eu.grok.resolution.mbe.last-mile.amazon.dev
cloudauth.us-east-1.prod.tsv.alps.lamps.amazon.dev
*.search.acp.selling-partners.amazon.dev
dev4.cyclone.gdq.amazon.dev
api.na.prod.landing.advantage.vendors.amazon.dev
upload-flexsimwebapp.wwde.amazon.dev
*.rongzhou.people.amazon.dev
templates.leo.amazon.dev
us-west-2.beta.api.uhd.music.amazon.dev
us-west-2.alpha.lab.dml.alexa.amazon.dev
gamma.cubeout.grokalert.last-mile.amazon.dev
placement.proxy.gamma.us-east-1.zds.arc.hit.amazon.dev
abhisaha.rpmsui.cloudtune.amazon.dev
*.beta.pdps-events.payments.amazon.dev
api.beta.supernova-selfservice.amazon.dev

Certificate

The complete raw certificate details for api.prod.rallypoint.gso.amazon.dev in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIEjzCCA3egAwIBAgIQDEWnrsm5WJlnpPMMQadEQDANBgkqhkiG9w0BAQsFADBG
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg
Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0yMjEyMDMwMDAwMDBaFw0yNDAxMDEy
MzU5NTlaMC0xKzApBgNVBAMTImFwaS5wcm9kLnJhbGx5cG9pbnQuZ3NvLmFtYXpv
bi5kZXYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjiA3/qmQmG/er
7LFzAuCF57VpTzA4N82Hg0l9IOSE24O9Py+jYCXkSefvE8Ms3OIKYCxoVWBXhT/q
bYYZWFMqN0St6L5rqR2gOESxjcdbVd0e45TMXBuQg2gO5QRl6Xr5Ck37oiYP8zhS
y3zXv2hKACGqDo91wxXss3CxkntvIn6nS2rb9atKiFN91IB2WjxNIa2GKkFsAuGf
6fFUIpKxDijVXyKfPXI3nwQzKsMWydG1nN88Wmac8E7QMOXzrXer9tqWDbijZngC
slKMlchnXop/9AR8Y69+OaE2ny72Yq9SIi773EIS97z7TXW8oxXM37wikbIaLP5G
i5IebBXDAgMBAAGjggGQMIIBjDAfBgNVHSMEGDAWgBRZpGYGUqB7lZI8o5QHJ5Z0
W/k90DAdBgNVHQ4EFgQUfDx9eECDHY9uoua1mgTq2yadfSQwLQYDVR0RBCYwJIIi
YXBpLnByb2QucmFsbHlwb2ludC5nc28uYW1hem9uLmRldjAOBgNVHQ8BAf8EBAMC
BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD0GA1UdHwQ2MDQwMqAw
oC6GLGh0dHA6Ly9jcmwuc2NhMWIuYW1hem9udHJ1c3QuY29tL3NjYTFiLTEuY3Js
MBMGA1UdIAQMMAowCAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw
AYYhaHR0cDovL29jc3Auc2NhMWIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC
hipodHRwOi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2ExYi5jcnQwDAYD
VR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0BAQsFAAOC
AQEADeU8XcU6n4mCilswMm9iCK//ADwPwbs2XL7csDbgDMoymIcVXGf7hF+Euv7Z
FjrVhYeWu2fZt1dGULX2/NgB5wbulrZEXa57VB0AWAEwnG1U3wfdAur3qzdqF5k5
KXPXsv3EBYc3DOoNwvKmY9j7nHoM9rCyPf57splAnWoze4TMGg0v8ZlgJKho0sNE
WgR+ZrqBlUtyRgvq1byCjLMrzdDlfPWwAaBfnrBZqRSAfxz9GTo2rK5RQ27xWW6/
XNfsbEqhVkqcYDqIviJXOgceFWYEINX+VFxt/9n7Cq+CALTkx0tMlxLcWHONbGYs
JIkrAYB6RmhdOycQF2qmNp0Vog==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4gN/6pkJhv3q+yxcwLg
hee1aU8wODfNh4NJfSDkhNuDvT8vo2Al5Enn7xPDLNziCmAsaFVgV4U/6m2GGVhT
KjdErei+a6kdoDhEsY3HW1XdHuOUzFwbkINoDuUEZel6+QpN+6ImD/M4Ust8179o
SgAhqg6PdcMV7LNwsZJ7byJ+p0tq2/WrSohTfdSAdlo8TSGthipBbALhn+nxVCKS
sQ4o1V8inz1yN58EMyrDFsnRtZzfPFpmnPBO0DDl8613q/balg24o2Z4ArJSjJXI
Z16Kf/QEfGOvfjmhNp8u9mKvUiIu+9xCEve8+011vKMVzN+8IpGyGiz+RouSHmwV
wwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16312405443192537540959591771088045120
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2022-12-03 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-01 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api.prod.rallypoint.gso.amazon.dev'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20643934773875887117516888612703526850116407702345781585349052951967797425255672385557524511968663128831968323269628815861403666348869241953448552335505243015037540453164898297554159491909401083183501166007171570669402965863310538222605889594313792077116420854715143703152405654549323258351730863795418130796603642392074932011119704675215148264178288139078090187602087014828653184165526548396858385254291409670004541566083748563533662043313604763784403208055747044807145133019607040066282533088629383108118337718781793358894225517475038692030823325297926176298023201894563043835178876351127487884545208694504831063491
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							7c3c7d7840831d8f6ea2e6b59a04eadb269d7d24
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (38 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api.prod.rallypoint.gso.amazon.dev'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (54 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b-1.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		000de53c5dc53a9f89828a5b30326f6208afff003c0fc1bb365cbedcb036e00cca329887155c67fb845f84bafed9163ad5858796bb67d9b7574650b5f6fcd801e706ee96b6445dae7b541d005801309c6d54df07dd02eaf7ab376a1799392973d7b2fdc40587370cea0dc2f2a663d8fb9c7a0cf6b0b23dfe7bb299409d6a337b84cc1a0d2ff1996024a868d2c3445a047e66ba81954b72460bead5bc828cb32bcdd0e57cf5b001a05f9eb059a914807f1cfd193a36acae51436ef1596ebf5cd7ec6c4aa1564a9c603a88be22573a071e15660420d5fe545c6dffd9fb0aaf8200b4e4c74b4c9712dc58738d6c662c24892b01807a46685d3b2710176aa6369d15a2