rtn.amazon.com.cn

- Amazon.com, Inc. -

Issued by DigiCert Global CA G2

About this certificate

This digital certificate with serial number 0a:e6:15:b5:1a:72:07:e0:ba:14:a2:1a:b4:82:49:4d was issued on by DigiCert Inc.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Amazon.com, Inc.

Organization: Amazon.com, Inc.
State / Province: Washington
Locality: Seattle
Country: US

DigiCert Inc

Organization: DigiCert Inc
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0a:e6:15:b5:1a:72:07:e0:ba:14:a2:1a:b4:82:49:4d
Serial Number (int): 14486948514395725851359704419643050317
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 34:9a:dd:93:55:95:2e:4d:a6:6a:fc:5e:b0:7d:bf:3e:6a:5c:3f:22
AuthorityKeyId: 24:6e:2b:2d:d0:6a:92:51:51:25:69:01:aa:9a:47:a6:89:e7:40:20

Fingerprint (sha1): d5:26:d6:a4:a7:d5:c1:e6:0c:11:55:4f:d8:09:6f:11:4d:0c:eb:1b
Fingerprint (sha256): 5f:45:df:53:21:c5:ca:0f:fd:9a:d6:d2:38:b9:12:b9:b2:a4:06:1a:15:99:8c:67:37:3b:75:a1:0b:bf:86:27

Issuing Certificate URL: http://cacerts.digicert.com/DigiCertGlobalCAG2.crt

Revocation information

OCSP Server: http://ocsp.digicert.com
CRL Distribution Point: http://crl3.digicert.com/DigiCertGlobalCAG2.crl
CRL Distribution Point: http://crl4.digicert.com/DigiCertGlobalCAG2.crl

Check the revocation status for certificate rtn.amazon.com.cn

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for rtn.amazon.com.cn

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

rtn.amazon.com.cn

Other certificates including the domain name amazon.com.cn

(limited to 100 certificates)
rtn.amazon.com.cn
amzan.cc
rds.cn-northwest-1.amazon.com.cn
awsmp-financial-tools.cn-northwest-1.amazon.com.cn
rtn.amazon.com.cn
health.cn-northwest-1.amazonaws.com.cn
rds.cn-northwest-1.amazon.com.cn
rds.cn-northwest-1.amazon.com.cn
zhouyue.cn
amzan.cc
aws-factstoreservice-alpha.cn-northwest-1.amazon.com.cn
aws-factstoreservice-prod.cn-northwest-1.amazon.com.cn
amzan.cc
?.?.amazon.com.cn
rtn.amazon.com.cn
rtn.amazon.com.cn
iototamgr.internal.ota.iot.cn-north-1.amazonaws.com.cn
amzan.cc
rtn.amazon.com.cn
photon-portal-gamma.cn-northwest-1.aws.amazon.com.cn
appstream2.cn-northwest-1.aws.amazon.com.cn
aws-icpms.cn-north-1.amazon.com.cn
rtn.amazon.com.cn
website.marketplace.cn-northwest-1.amazon.com.cn
rtn.amazon.com.cn
awsmp-financial-tools.cn-northwest-1.amazon.com.cn
amzan.cc
aws-icpms.cn-north-1.amazon.com.cn
website.marketplace.cn-northwest-1.amazon.com.cn
appstream2.cn-northwest-1.aws.amazon.com.cn
rds.cn-northwest-1.amazon.com.cn
amzan.cc
appstream2.cn-northwest-1.aws.amazon.com.cn
amzan.cc

Certificate

The complete raw certificate details for rtn.amazon.com.cn in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgIQCuYVtRpyB+C6FKIatIJJTTANBgkqhkiG9w0BAQsFADBE
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMR4wHAYDVQQDExVE
aWdpQ2VydCBHbG9iYWwgQ0EgRzIwHhcNMTgxMTEyMDAwMDAwWhcNMTkxMDMxMTIw
MDAwWjBrMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE
BxMHU2VhdHRsZTEZMBcGA1UEChMQQW1hem9uLmNvbSwgSW5jLjEaMBgGA1UEAxMR
cnRuLmFtYXpvbi5jb20uY24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCN3prB0Nt94X9fsZwHN54cCFO6Ox3Y2nidj4g5bN3h++Eo8bfONZpq63zEwPtq
MR6NLj5tZ8Kb1E/mS/FxaAF3t0wmKwjHeZeotOY4YUGLfR/1XQEeNlPJfxv+pGMu
Ozg+RhuLgOIg+4Q7Pz287889mTfb+a7+/7Fb0fC2fYkol2woANXTdW0KfABFSRy3
yyqMpgr83dVz6V+TzNXAG7FWk6C9ycEyroF7iqRHzuAprqb5wixxhjHiD0LgBHss
r5O5RFa2Fl4pVThsfzc/FZ9kF+zZZncLbvMjd87IPwPyJIAKiGWNkwCnK2+ub7Li
MV22ZWQdho1YELq5fbio/ExXAgMBAAGjggLhMIIC3TAfBgNVHSMEGDAWgBQkbist
0GqSUVElaQGqmkemiedAIDAdBgNVHQ4EFgQUNJrdk1WVLk2mavxesH2/PmpcPyIw
HAYDVR0RBBUwE4IRcnRuLmFtYXpvbi5jb20uY24wDgYDVR0PAQH/BAQDAgWgMB0G
A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB3BgNVHR8EcDBuMDWgM6Axhi9o
dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxDQUcyLmNybDA1
oDOgMYYvaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsQ0FH
Mi5jcmwwTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0
cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwdAYIKwYBBQUHAQEE
aDBmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wPgYIKwYB
BQUHMAKGMmh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2Jh
bENBRzIuY3J0MAkGA1UdEwQCMAAwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQCk
uQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAWcKUDNNAAAEAwBGMEQC
IBmE4VqLGoBfPorllj6nuRiVVexJexUEPxEfyLtATjA5AiBtqUfxaPdSBRVYl3Ov
qhppdLovLJGtgkbSrYlzU2qCRgB3AId1v+dZfPiMQ5lfvfNu/1aNR1Y2/0q1YMG0
6v9eoIMPAAABZwpQNDMAAAQDAEgwRgIhAOy8RdoYijqXjpSJRtk9AjCF6uMKw4hg
Ue6E7nXV6OrMAiEA3A6l/OioF2wV7i0bdivT2bSbWqW1JgeTFAMsrDDUBlMwDQYJ
KoZIhvcNAQELBQADggEBAGyg3NR6WpDwZisZijrOzh7j32zDGIdD6IIW/CX9UTDf
884Xb6PDXVtE/aC1PtIl4JaspgZIHlyIL+7JrtJ+RRb/16vKBx6xNjmEgIn67Mid
mWFeLjWOy+HIQxylVI/z9xpOMUtmlHdXY3qrILAuCHUeaDlw8k+f+cA2vVl+nnIr
JVx3TJ+z1rQLPiFm6E6pcWrsF05Kkq80PtzpyfZDMVjXOlolDBuxd6Zr/DBvRVkc
vPraBfRSHZM6GQQ/hx3nGMk4WY96LNspxR2LURoUj1TIrgn1ODIV8C/jb0pr3ZTj
JtaEBFGbk8IseVlOM8DMRtVg4X9G1GtgmMGrgAOxlHs=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjd6awdDbfeF/X7GcBzee
HAhTujsd2Np4nY+IOWzd4fvhKPG3zjWaaut8xMD7ajEejS4+bWfCm9RP5kvxcWgB
d7dMJisIx3mXqLTmOGFBi30f9V0BHjZTyX8b/qRjLjs4PkYbi4DiIPuEOz89vO/P
PZk32/mu/v+xW9Hwtn2JKJdsKADV03VtCnwARUkct8sqjKYK/N3Vc+lfk8zVwBux
VpOgvcnBMq6Be4qkR87gKa6m+cIscYYx4g9C4AR7LK+TuURWthZeKVU4bH83PxWf
ZBfs2WZ3C27zI3fOyD8D8iSACohljZMApytvrm+y4jFdtmVkHYaNWBC6uX24qPxM
VwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 14486948514395725851359704419643050317
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Inc'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'DigiCert Global CA G2'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2018-11-12 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-10-31 12:00:00 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Washington'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Seattle'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon.com, Inc.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'rtn.amazon.com.cn'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17909371380172657217663528000585983424921132111056610277576628686207716837313162468474431606849496761282266882949572273613551466260926343577446764404094428207987121562142317690893125171957484664681094387566155867555705304732977788580227077149270071608522635763390608426732758994457345624150784602897100114175241842789271738419472319823016998905005121898590515505650720667086245218595301227625680581640051377464025205124071344828255752006560366214102651628903457588016594786629101621206853682956292454758761623165359311604166381843472734485529132103956364316937769673447090648466273656420043406760421480344470140243031
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 246e2b2dd06a925151256901aa9a47a689e74020
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							349add9355952e4da66afc5eb07dbf3e6a5c3f22
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'rtn.amazon.com.cn'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (112 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl3.digicert.com/DigiCertGlobalCAG2.crl'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl4.digicert.com/DigiCertGlobalCAG2.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (69 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.16.840.1.114412.1.1 (digiCertOVCert)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'https://www.digicert.com/CPS'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.2 (Organization Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (104 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.digicert.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://cacerts.digicert.com/DigiCertGlobalCAG2.crt'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (245 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (242 bytes)
							00f0007500a4b90990b418581487bb13a2cc67700a3c359804f91bdfb8e377cd0ec80ddc10000001670a50334d000004030046304402201984e15a8b1a805f3e8ae5963ea7b9189555ec497b15043f111fc8bb404e303902206da947f168f7520515589773afaa1a6974ba2f2c91ad8246d2ad8973536a82460077008775bfe7597cf88c43995fbdf36eff568d475636ff4ab560c1b4eaff5ea0830f000001670a5034330000040300483046022100ecbc45da188a3a978e948946d93d023085eae30ac3886051ee84ee75d5e8eacc022100dc0ea5fce8a8176c15ee2d1b762bd3d9b49b5aa5b526079314032cac30d40653
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		006ca0dcd47a5a90f0662b198a3acece1ee3df6cc3188743e88216fc25fd5130dff3ce176fa3c35d5b44fda0b53ed225e096aca606481e5c882feec9aed27e4516ffd7abca071eb13639848089faecc89d99615e2e358ecbe1c8431ca5548ff3f71a4e314b66947757637aab20b02e08751e683970f24f9ff9c036bd597e9e722b255c774c9fb3d6b40b3e2166e84ea9716aec174e4a92af343edce9c9f6433158d73a5a250c1bb177a66bfc306f45591cbcfada05f4521d933a19043f871de718c938598f7a2cdb29c51d8b511a148f54c8ae09f5383215f02fe36f4a6bdd94e326d68404519b93c22c79594e33c0cc46d560e17f46d46b6098c1ab8003b1947b