appstream2.us-gov-west-1.aws.amazon.com
Issued by Amazon
About this certificate
This digital certificate with serial number 0c:48:ff:61:62:35:f8:f5:62:cf:03:ea:f8:c6:4f:c2 was issued on by Amazon.
With 5 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=appstream2.us-gov-west-1.aws.amazon.com
Amazon
Organization:
Amazon
Organization unit: Server CA 1B
Organization unit: Server CA 1B
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 0c:48:ff:61:62:35:f8:f5:62:cf:03:ea:f8:c6:4f:c2Serial Number (int): 16329761053208972828090089237677232066
Serial Number lenght: 124 bits, 16 octets
SubjectKeyId: 30:3d:85:6e:c7:4a:da:bf:dc:ba:6d:d5:a6:10:74:f6:a5:b3:17:c0
AuthorityKeyId: 59:a4:66:06:52:a0:7b:95:92:3c:a3:94:07:27:96:74:5b:f9:3d:d0
Fingerprint (sha1): 75:17:a9:9b:6d:1a:e0:af:17:a8:b6:c6:7a:f9:21:a6:4a:48:d1:c2
Fingerprint (sha256): 5b:85:a1:5d:e6:b1:3d:96:a9:73:cf:3b:6f:95:55:c5:cd:d0:41:ff:5f:0b:ac:42:6f:50:ec:9c:88:ee:17:e2
Issuing Certificate URL: http://crt.sca1b.amazontrust.com/sca1b.crt
Revocation information
OCSP Server: http://ocsp.sca1b.amazontrust.comCRL Distribution Point: http://crl.sca1b.amazontrust.com/sca1b.crl
Check the revocation status for certificate appstream2.us-gov-west-1.aws.amazon.com
5
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for appstream2.us-gov-west-1.aws.amazon.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
portal-appstream2.us-gov-west-1.amazonaws.com
*.appstream2.us-gov-west-1.amazonaws-us-gov.com
*.appstream2.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.amazonaws-us-gov.com
*.appstream2.us-gov-west-1.amazonaws-us-gov.com
*.appstream2.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.amazonaws-us-gov.com
Other certificates including the domain name amazon.com
(limited to 100 certificates)
fresh.amazon.com
aea-console-canary.aea.amazon.com
charlie-kernel-console-alpha.aws.amazon.com
ap-southeast-1.console.aws.amazon.com
routingtools-jlb-l-dub.dub.proxy.amazon.com
us-west-1.awsc-integ.aws.amazon.com
aea-console-canary.aea.amazon.com
d2ysdk431fhvtm.cloudfront.net
check.integ.aftx.amazon.com
iq-test.console.aws.amazon.com
forums.aws.amazon.com
aea-console-canary.aea.amazon.com
ldap.cpt.amazon.com
bom-s-orca.amazon.com
media-service-fe.amazon.com
aea-console-canary.aea.amazon.com
a4k.amazon.com
d336t989k2uvmt.cloudfront.net
*.stage-business.amazon.com
smartshelf-productfinder.amazon.com
brickviewer-gamma.corp.amazon.com
beta.amazongames.com
aea-console-canary.aea.amazon.com
aea-console-canary.aea.amazon.com
umass.amazon.com
rds-access-syd.corp.amazon.com
aea-console-canary.aea.amazon.com
readynow-agg-preprod-eu.amazon.com
locard-alpha.corp.amazon.com
lender-central-eu.dub.amazon.com
bitrium-na.amazon.com
emf-operator-console-prod-sin-cell2.corp.amazon.com
aea-console-canary.aea.amazon.com
kindlepublishing.amazon.com
mrwiz-nrt-prod.corp.amazon.com
accesspoints-api-na.amazon.com
harbor-cn.amazon.com
firs-ta-g7g-preprod.amazon.com
firmware.hkg.amazon.com
zappos-ask-na.amazon.com
mas-ext.amazon.com
aax-eu.amazon.com
aea-console-canary.aea.amazon.com
registrar-website-backend-gamma.amazon.com
fra-w-orca.amazon.com
otsms-na-master-extern.amazon.com
*.peg.a2z.com
sellercentral.amazon.com
tmga.aea.amazon.com
syd-g-orca.amazon.com
bob-dispatch-preprod-eu.amazon.com
cpt-b-orca.amazon.com
ap-east-1.signin.aws
grappler.corp.amazon.com
ap-southeast-1.signin.aws
match-visualsearch-it.amazon.com
rewrite-ssl.amazon.com
preview-flex-capacity-jp.amazon.com
echoheaders.amazon.com
occentral-preprod.integ.amazon.com
edge-customer-troubleshooting.amazon.com
pharmacy.amazon.com
fls-na.amazon.com
tmga.aea.amazon.com
foxhound.amazon.com
logistics-platform-preprod.amazon.com
aftlite-portal-eu.amazon.com
es-preprod-aw.amazon.com
shm.amazon.com
devicemessaging-preprod.us-east-1.amazon.com
daols-opf-eu.amazon.com
fctools.corp.amazon.com
recordprep-aftx.dub.amazon.com
paragon-eu.amazon.com
advertising-api-test.amazon.com
aea-console-canary.aea.amazon.com
org.amazon.com
sars-cn.amazon.com
aea-console-canary.aea.amazon.com
a.cdn.haileygu.console-alpha.aws-dev.amazon.com
ca-central-1.beta.acm-certificates.amazon.com
pay-api.amazon.com
match-visualsearch-in.amazon.com
warpspeed.eu-west-1.aws.amazon.com
dcs-envy-ui-gamma.corp.amazon.com
taapi-ui-alpha.corp.amazon.com
amp.aka.amazon.com
tmga.aea.amazon.com
merch-eu.amazon.com
glimpse-publish-eu.amazon.com
cde-ta-g7g.amazon.com
tmga.aea.amazon.com
flashui-alpha-na.integ.amazon.com
dp-rsm-preprod.amazon.com
emf-operator-console-prod-sin-cell3.corp.amazon.com
lab-central.amazon.com
cs-ext-eu-preprod.amazon.com
raven.studios.a2z.amazon.com
dp-rsm-prod.amazon.com
adg-order-eu.amazon.com
aea-console-canary.aea.amazon.com
charlie-kernel-console-alpha.aws.amazon.com
ap-southeast-1.console.aws.amazon.com
routingtools-jlb-l-dub.dub.proxy.amazon.com
us-west-1.awsc-integ.aws.amazon.com
aea-console-canary.aea.amazon.com
d2ysdk431fhvtm.cloudfront.net
check.integ.aftx.amazon.com
iq-test.console.aws.amazon.com
forums.aws.amazon.com
aea-console-canary.aea.amazon.com
ldap.cpt.amazon.com
bom-s-orca.amazon.com
media-service-fe.amazon.com
aea-console-canary.aea.amazon.com
a4k.amazon.com
d336t989k2uvmt.cloudfront.net
*.stage-business.amazon.com
smartshelf-productfinder.amazon.com
brickviewer-gamma.corp.amazon.com
beta.amazongames.com
aea-console-canary.aea.amazon.com
aea-console-canary.aea.amazon.com
umass.amazon.com
rds-access-syd.corp.amazon.com
aea-console-canary.aea.amazon.com
readynow-agg-preprod-eu.amazon.com
locard-alpha.corp.amazon.com
lender-central-eu.dub.amazon.com
bitrium-na.amazon.com
emf-operator-console-prod-sin-cell2.corp.amazon.com
aea-console-canary.aea.amazon.com
kindlepublishing.amazon.com
mrwiz-nrt-prod.corp.amazon.com
accesspoints-api-na.amazon.com
harbor-cn.amazon.com
firs-ta-g7g-preprod.amazon.com
firmware.hkg.amazon.com
zappos-ask-na.amazon.com
mas-ext.amazon.com
aax-eu.amazon.com
aea-console-canary.aea.amazon.com
registrar-website-backend-gamma.amazon.com
fra-w-orca.amazon.com
otsms-na-master-extern.amazon.com
*.peg.a2z.com
sellercentral.amazon.com
tmga.aea.amazon.com
syd-g-orca.amazon.com
bob-dispatch-preprod-eu.amazon.com
cpt-b-orca.amazon.com
ap-east-1.signin.aws
grappler.corp.amazon.com
ap-southeast-1.signin.aws
match-visualsearch-it.amazon.com
rewrite-ssl.amazon.com
preview-flex-capacity-jp.amazon.com
echoheaders.amazon.com
occentral-preprod.integ.amazon.com
edge-customer-troubleshooting.amazon.com
pharmacy.amazon.com
fls-na.amazon.com
tmga.aea.amazon.com
foxhound.amazon.com
logistics-platform-preprod.amazon.com
aftlite-portal-eu.amazon.com
es-preprod-aw.amazon.com
shm.amazon.com
devicemessaging-preprod.us-east-1.amazon.com
daols-opf-eu.amazon.com
fctools.corp.amazon.com
recordprep-aftx.dub.amazon.com
paragon-eu.amazon.com
advertising-api-test.amazon.com
aea-console-canary.aea.amazon.com
org.amazon.com
sars-cn.amazon.com
aea-console-canary.aea.amazon.com
a.cdn.haileygu.console-alpha.aws-dev.amazon.com
ca-central-1.beta.acm-certificates.amazon.com
pay-api.amazon.com
match-visualsearch-in.amazon.com
warpspeed.eu-west-1.aws.amazon.com
dcs-envy-ui-gamma.corp.amazon.com
taapi-ui-alpha.corp.amazon.com
amp.aka.amazon.com
tmga.aea.amazon.com
merch-eu.amazon.com
glimpse-publish-eu.amazon.com
cde-ta-g7g.amazon.com
tmga.aea.amazon.com
flashui-alpha-na.integ.amazon.com
dp-rsm-preprod.amazon.com
emf-operator-console-prod-sin-cell3.corp.amazon.com
lab-central.amazon.com
cs-ext-eu-preprod.amazon.com
raven.studios.a2z.amazon.com
dp-rsm-prod.amazon.com
adg-order-eu.amazon.com
Certificate
The complete raw certificate details for appstream2.us-gov-west-1.aws.amazon.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGVTCCBT2gAwIBAgIQDEj/YWI1+PVizwPq+MZPwjANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRUwEwYDVQQLEwxTZXJ2ZXIg Q0EgMUIxDzANBgNVBAMTBkFtYXpvbjAeFw0xOTExMTQwMDAwMDBaFw0yMDExMTQx MjAwMDBaMDIxMDAuBgNVBAMTJ2FwcHN0cmVhbTIudXMtZ292LXdlc3QtMS5hd3Mu YW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJxwOEm6 rut5kafLI4dJPC8bglaEBRdGAD2KwkazIvaEm2+tqyWw1TEYIw43/txYSOKJHX66 Pz5DpW7bBuMUx+RBeTf4I1hpjNMBlEOmt47zdlhytXbk2uDIfIjWb1/4PmiOT+wK mng6zVDvULj0QXTiJH0ZsIc7ILVYRHDVpKr8cicGLlvnoRh12inVrGFN1ugXvw1T wEnIzdEUUPlM2lCnCWZjLFV697knOscqnRzIO1+wxFJu4lhgFFxFxGXQ/BR1Nj6q MN8L960xFmmyfkBRrFW87Db29WGA4VQzmku1qVBZRG9uE6GDbGLXN7Q9DEIq8DlP P0xsQDYzRjV2VN8CAwEAAaOCA1EwggNNMB8GA1UdIwQYMBaAFFmkZgZSoHuVkjyj lAcnlnRb+T3QMB0GA1UdDgQWBBQwPYVux0rav9y6bdWmEHT2pbMXwDCB7gYDVR0R BIHmMIHjgi1wb3J0YWwtYXBwc3RyZWFtMi51cy1nb3Ytd2VzdC0xLmFtYXpvbmF3 cy5jb22CLyouYXBwc3RyZWFtMi51cy1nb3Ytd2VzdC0xLmFtYXpvbmF3cy11cy1n b3YuY29tgikqLmFwcHN0cmVhbTIudXMtZ292LXdlc3QtMS5hd3MuYW1hem9uLmNv bYInYXBwc3RyZWFtMi51cy1nb3Ytd2VzdC0xLmF3cy5hbWF6b24uY29tgi1hcHBz dHJlYW0yLnVzLWdvdi13ZXN0LTEuYW1hem9uYXdzLXVzLWdvdi5jb20wDgYDVR0P AQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8E NDAyMDCgLqAshipodHRwOi8vY3JsLnNjYTFiLmFtYXpvbnRydXN0LmNvbS9zY2Ex Yi5jcmwwIAYDVR0gBBkwFzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMHUGCCsGAQUF BwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Auc2NhMWIuYW1hem9udHJ1 c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnNjYTFiLmFtYXpvbnRydXN0 LmNvbS9zY2ExYi5jcnQwDAYDVR0TAQH/BAIwADCCAQUGCisGAQQB1nkCBAIEgfYE gfMA8QB3AKS5CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABbmslwRAA AAQDAEgwRgIhAILp7zyLn94XgvxDZ9OPIDjP7iBqdt1/COCtcV+Zf65OAiEAnVSA /S3a2XAKkfm+qIJPuKH13V6ufMGMbGwc4IYu9QwAdgCHdb/nWXz4jEOZX73zbv9W jUdWNv9KtWDBtOr/XqCDDwAAAW5rJcHvAAAEAwBHMEUCIQC1Ie09bAp9OT3SqiWp JJ4UHRwNihH632hSEiZktL9JqAIgRsQhSA9LtRDOPbokA16o+6L4OK3lQHS0FU5y 1bHwOSUwDQYJKoZIhvcNAQELBQADggEBAFlsLDllP373e6aj+E3nUEwaJ++yufXd toDAuKRcCWEQO/NMMvs0DFr6aIdEI6cje2o8nDoBb+6x3eLRw/SSvJKK5xUe6CEj kjr5/Awhl6MMUlXpjZt+TKHUE8li9IBe02OAHbrrRdMq+kAhA3hJhn0dJuRzzxzR eFLuILYc4doBdEdAzBco9cSKXtCi3X0Z7dbuDNcl5PqIVxbCl3ItSdmOnVyT0cGY pL5FyWpnYavaxMZ8RPelEcM+Fm4TqKMQ5ibkqb7fiNLdhLiy/v0NAB2rNZBZlJW/ wpE5W8jeh1JxJqya2IXqjznrwQNXvGib1yQKHP5dqOeV1DDLPCs5X+8= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHA4Sbqu63mRp8sjh0k8 LxuCVoQFF0YAPYrCRrMi9oSbb62rJbDVMRgjDjf+3FhI4okdfro/PkOlbtsG4xTH 5EF5N/gjWGmM0wGUQ6a3jvN2WHK1duTa4Mh8iNZvX/g+aI5P7AqaeDrNUO9QuPRB dOIkfRmwhzsgtVhEcNWkqvxyJwYuW+ehGHXaKdWsYU3W6Be/DVPAScjN0RRQ+Uza UKcJZmMsVXr3uSc6xyqdHMg7X7DEUm7iWGAUXEXEZdD8FHU2Pqow3wv3rTEWabJ+ QFGsVbzsNvb1YYDhVDOaS7WpUFlEb24ToYNsYtc3tD0MQirwOU8/TGxANjNGNXZU 3wIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 16329761053208972828090089237677232066 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Server CA 1B' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-11-14 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2020-11-14 12:00:00 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'appstream2.us-gov-west-1.aws.amazon.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 19748513257540595353267105867921731140022965778223894177702355954921961541469279016011988140092471707216519535817171215378453237310427619425649316687117366474821716385416426070571880888247485029032334664973185385149944922554171301450336933909849867941159214286435644577903681594271350672629046349843432064855862140115314887022949860043580826628774528766156319158398124426368716713313920489753367088083609020756797278993218399534040553197028497559584880535835779612098591990938304049427267500273793326690914958928981076888130133099039837216877824795886808814094274640789839238957573826459661668370729601195137752782047 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 59a4660652a07b95923ca394072796745bf93dd0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) 303d856ec74adabfdcba6dd5a61074f6a5b317c0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (230 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'portal-appstream2.us-gov-west-1.amazonaws.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.appstream2.us-gov-west-1.amazonaws-us-gov.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.appstream2.us-gov-west-1.aws.amazon.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'appstream2.us-gov-west-1.aws.amazon.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'appstream2.us-gov-west-1.amazonaws-us-gov.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.sca1b.amazontrust.com/sca1b.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (25 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.2 (digiCertDVCert) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.sca1b.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.sca1b.amazontrust.com/sca1b.crt' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (246 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (243 bytes) 00f1007700a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc100000016e6b25c110000004030048304602210082e9ef3c8b9fde1782fc4367d38f2038cfee206a76dd7f08e0ad715f997fae4e0221009d5480fd2ddad9700a91f9bea8824fb8a1f5dd5eae7cc18c6c6c1ce0862ef50c0076008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f0000016e6b25c1ef0000040300473045022100b521ed3d6c0a7d393dd2aa25a9249e141d1c0d8a11fadf6852122664b4bf49a8022046c421480f4bb510ce3dba24035ea8fba2f838ade54074b4154e72d5b1f03925 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 00596c2c39653f7ef77ba6a3f84de7504c1a27efb2b9f5ddb680c0b8a45c0961103bf34c32fb340c5afa68874423a7237b6a3c9c3a016feeb1dde2d1c3f492bc928ae7151ee82123923af9fc0c2197a30c5255e98d9b7e4ca1d413c962f4805ed363801dbaeb45d32afa4021037849867d1d26e473cf1cd17852ee20b61ce1da01744740cc1728f5c48a5ed0a2dd7d19edd6ee0cd725e4fa885716c297722d49d98e9d5c93d1c198a4be45c96a6761abdac4c67c44f7a511c33e166e13a8a310e626e4a9bedf88d2dd84b8b2fefd0d001dab3590599495bfc291395bc8de87527126ac9ad885ea8f39ebc10357bc689bd7240a1cfe5da8e795d430cb3c2b395fef