api-bops.xform-dev-2.xformative.cloud

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 05:89:04:d6:2e:77:92:cd:a4:a6:0a:2b:99:49:b1:54 was issued on by Amazon.

With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=api-bops.xform-dev-2.xformative.cloud

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:89:04:d6:2e:77:92:cd:a4:a6:0a:2b:99:49:b1:54
Serial Number (int): 7357582747389909292146883668430401876
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: ba:18:01:38:70:ed:a1:19:7c:9a:84:93:29:7a:61:5d:a5:80:01:f5
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): 2c:3c:23:d0:a7:62:61:83:42:1a:57:13:bd:8d:ca:5d:5b:e3:ba:3e
Fingerprint (sha256): 66:7a:50:0d:e9:fc:b0:7b:3f:79:8f:45:fc:f4:73:f8:9a:6b:f8:50:e8:cc:8f:60:69:16:82:22:e2:4a:48:d6

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate api-bops.xform-dev-2.xformative.cloud

8

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for api-bops.xform-dev-2.xformative.cloud

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

api-bops.xform-dev-2.xformative.cloud
api-organization.xform-dev-2.xformative.cloud
api-simulator.xform-dev-2.xformative.cloud
api-dops.xform-dev-2.xformative.cloud
api-payment.xform-dev-2.xformative.cloud
api-card.xform-dev-2.xformative.cloud
api-ledger.xform-dev-2.xformative.cloud
api-program.xform-dev-2.xformative.cloud

Other certificates including the domain name xformative.cloud

(limited to 100 certificates)
suporte.controladoria.digital
suporte.controladoria.digital
support.xformative.cloud
ajuda.receitadigital.com
helpdesk.yourtekpro.com
ajuda.receitadigital.com
suporte.controladoria.digital
support.strident.uk.com
soporte.masin.co
suporte.escritax.com.br
suporte.controladoria.digital
api-card.talon-stg.xformative.cloud
support.strident.uk.com
suporte.controladoria.digital
ajuda.receitadigital.com
suporte.controladoria.digital
api-client.xps-tasc-stg.xformative.cloud
api-report.talon-stg.xformative.cloud
bops.xform-dev.xformative.cloud
support.mindsize.com
api-individual.xps-tasc-stg.xformative.cloud
suporte.escritax.com.br
api-dops.xps-tasc-stg.xformative.cloud
soporte.masin.co
tasc-transaction.xps-tasc-stg.xformative.cloud
support.mindsize.com
suporte.controladoria.digital
api-individual.xform-dev.xformative.cloud
api-bops.xform-dev.xformative.cloud
api-payment.talon-stg.xformative.cloud
tasc-test.xps-tasc-stg.xformative.cloud
api-bops.xps-tasc-stg.xformative.cloud
helpdesk.yourtekpro.com
soporte.peruapps.com.pe
api-simulator.xform-dev.xformative.cloud
suporte.controladoria.digital
suporte.controladoria.digital
ajuda.receitadigital.com
suporte.controladoria.digital
suporte.controladoria.digital
ajuda.receitadigital.com
suporte.controladoria.digital
ajuda.receitadigital.com
support.lumenave.com
suporte.controladoria.digital
dops.xform-dev.xformative.cloud
suporte.controladoria.digital
helpdesk.bhamtastic.com
support.zilmoney.com
ajuda.receitadigital.com
suporte.controladoria.digital
suporte.controladoria.digital
api-ledger.xform-dev.xformative.cloud
api-bops.xform-dev-2.xformative.cloud
soporte.masin.co
suporte.controladoria.digital
api-dops.xform-dev.xformative.cloud
soporte.peruapps.com.pe
care.toucango.net
care.toucango.net
support.lumenave.com
support.mindsize.com
support.mindsize.com
suporte.controladoria.digital
suporte.controladoria.digital
soporte.peruapps.com.pe
suporte.controladoria.digital
api-organization.xform-dev.xformative.cloud
helpdesk.yourtekpro.com
api-program.xps-tasc-stg.xformative.cloud
api-fops.xform-dev.xformative.cloud
care.toucango.net
suporte.controladoria.digital
suporte.escritax.com.br
ajuda.receitadigital.com
suporte.controladoria.digital
tasc-platform.xps-tasc-stg.xformative.cloud
api-simulator.talon-stg.xformative.cloud
suporte.escritax.com.br
api-program.xform-dev.xformative.cloud
support.zilmoney.com
api-report.xps-tasc-stg.xformative.cloud
tasc-user.xps-tasc-stg.xformative.cloud
helpdesk.bhamtastic.com
suporte.controladoria.digital
api-simulator.xps-tasc-stg.xformative.cloud
ajuda.receitadigital.com
api-dops.talon-stg.xformative.cloud
helpdesk.avvaiyarpadasalai.org
suporte.controladoria.digital
api-card.xps-tasc-stg.xformative.cloud
support.lumenave.com
ajuda.receitadigital.com
ajuda.receitadigital.com
suporte.controladoria.digital
ajuda.receitadigital.com
support.strident.uk.com
api-organization.talon-stg.xformative.cloud
tasc-configuration.xps-tasc-stg.xformative.cloud
helpdesk.yourtekpro.com

Certificate

The complete raw certificate details for api-bops.xform-dev-2.xformative.cloud in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIQBYkE1i53ks2kpgormUmxVDANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTI0MDYwNjAwMDAwMFoXDTI1MDcwNjIzNTk1OVowMDEu
MCwGA1UEAxMlYXBpLWJvcHMueGZvcm0tZGV2LTIueGZvcm1hdGl2ZS5jbG91ZDCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKC93CnlREqLydLGH41zva5Y
RtdquazPrQzCjr6A+TDr9zd5DoxDBBIx9X+cEc71TKVdfCIo623Yw51IziLKaI5k
sWtvSt42YmE4zfGXLDtXT4as/kZB/XKHyp7lc5YK/6lu+Uv/X1MVxSPq3Ju4sMY8
xcmS1O2/qp6RC5Sej4TCQQhQzfnWU2t86w4kPus+vFcskDaUhAEgNydidwGIcuSV
l0GgKtMKMjKhQq2pt6CRWQQOSXk8B4Jwycl10nS4drdT/O+rHEHI0TA27LyBBHXJ
pRVrfLt4j8lSzF5qh2rsD4wYZ55IUAklL9z1JXXMIoDFbQ1jL+8LDaEpD2hi3WkC
AwEAAaOCAr0wggK5MB8GA1UdIwQYMBaAFFXZGF/SHMwB4Vi0vqvZVUIB1y4CMB0G
A1UdDgQWBBS6GAE4cO2hGXyahJMpemFdpYAB9TCCAVoGA1UdEQSCAVEwggFNgiVh
cGktYm9wcy54Zm9ybS1kZXYtMi54Zm9ybWF0aXZlLmNsb3Vkgi1hcGktb3JnYW5p
emF0aW9uLnhmb3JtLWRldi0yLnhmb3JtYXRpdmUuY2xvdWSCKmFwaS1zaW11bGF0
b3IueGZvcm0tZGV2LTIueGZvcm1hdGl2ZS5jbG91ZIIlYXBpLWRvcHMueGZvcm0t
ZGV2LTIueGZvcm1hdGl2ZS5jbG91ZIIoYXBpLXBheW1lbnQueGZvcm0tZGV2LTIu
eGZvcm1hdGl2ZS5jbG91ZIIlYXBpLWNhcmQueGZvcm0tZGV2LTIueGZvcm1hdGl2
ZS5jbG91ZIInYXBpLWxlZGdlci54Zm9ybS1kZXYtMi54Zm9ybWF0aXZlLmNsb3Vk
gihhcGktcHJvZ3JhbS54Zm9ybS1kZXYtMi54Zm9ybWF0aXZlLmNsb3VkMBMGA1Ud
IAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
BQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0w
My5hbWF6b250cnVzdC5jb20vcjJtMDMuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggr
BgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDMuYW1hem9udHJ1c3QuY29tMDYGCCsG
AQUFBzAChipodHRwOi8vY3J0LnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5j
ZXIwDAYDVR0TAQH/BAIwADATBgorBgEEAdZ5AgQDAQH/BAIFADANBgkqhkiG9w0B
AQsFAAOCAQEAjQHm5sx6F5B7MRdy2FbzTXe+HpXT/qi7lIcy/KALpemDmzyJA4w6
LgjglCWJo387QqGvQkAqeqzgpRFXDoIyM02caYoqzxpW5ImFzrpn3PFevXgqqbKl
nbFmDOVYxkEcJuNK19uRsoZm8EGOvfRfXb7b5uPehied8VzX8/Ysw5eejZHMweAD
HPxOQOlzBTwrm1LEOGap0KgGkQY2IQ84d2CtFZf4MyW0mGHhjQjNlI3/EnOyb3Tq
ME4H8rfYY/rbx2iPoSpMA8MAkHnEzw5MyYZLDSBk8RVnEiNir/jz7uBStInkUimr
VhupV4kbFlGFqTNiQJbnBBX0EQw6p2Xzdg==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL3cKeVESovJ0sYfjXO9
rlhG12q5rM+tDMKOvoD5MOv3N3kOjEMEEjH1f5wRzvVMpV18IijrbdjDnUjOIspo
jmSxa29K3jZiYTjN8ZcsO1dPhqz+RkH9cofKnuVzlgr/qW75S/9fUxXFI+rcm7iw
xjzFyZLU7b+qnpELlJ6PhMJBCFDN+dZTa3zrDiQ+6z68VyyQNpSEASA3J2J3AYhy
5JWXQaAq0woyMqFCram3oJFZBA5JeTwHgnDJyXXSdLh2t1P876scQcjRMDbsvIEE
dcmlFWt8u3iPyVLMXmqHauwPjBhnnkhQCSUv3PUldcwigMVtDWMv7wsNoSkPaGLd
aQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7357582747389909292146883668430401876
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-06-06 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-07-06 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'api-bops.xform-dev-2.xformative.cloud'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 20291752257002965566087550267757740089361952236628299376968546572194715545308157972133800620260831810313660453350348274777446049130887345774758516424787273319270207194333171205617765819685142845774465806757355634542137088096732051503887113885590007178409191284712927385465025887010063871026354492684261360201106737163948620450340467296012190579272477928677505001183863376327633874265204832714670307627322340424391567815021887769256148333265743991429302979308503115370398649314515576442294879747938372476902773425731435744749511963279092658359136136859117715595886352240995615844105996717533318158142228680546717982057
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							ba18013870eda1197c9a8493297a615da58001f5
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (337 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-bops.xform-dev-2.xformative.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-organization.xform-dev-2.xformative.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-simulator.xform-dev-2.xformative.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-dops.xform-dev-2.xformative.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-payment.xform-dev-2.xformative.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-card.xform-dev-2.xformative.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-ledger.xform-dev-2.xformative.cloud'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'api-program.xform-dev-2.xformative.cloud'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.3 (CT Precertificate Poison)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008d01e6e6cc7a17907b311772d856f34d77be1e95d3fea8bb948732fca00ba5e9839b3c89038c3a2e08e0942589a37f3b42a1af42402a7aace0a511570e8232334d9c698a2acf1a56e48985ceba67dcf15ebd782aa9b2a59db1660ce558c6411c26e34ad7db91b28666f0418ebdf45f5dbedbe6e3de86279df15cd7f3f62cc3979e8d91ccc1e0031cfc4e40e973053c2b9b52c43866a9d0a806910636210f387760ad1597f83325b49861e18d08cd948dff1273b26f74ea304e07f2b7d863fadbc7688fa12a4c03c3009079c4cf0e4cc9864b0d2064f11567122362aff8f3eee052b489e45229ab561ba957891b165185a933624096e70415f4110c3aa765f376