education.nsw.gov.au

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0c:a2:50:64:e2:33:3e:03:13:14:68:0e:a6:94:c3:ec was issued on by Amazon.

With 10 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=education.nsw.gov.au

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0c:a2:50:64:e2:33:3e:03:13:14:68:0e:a6:94:c3:ec
Serial Number (int): 16793518626091736390596640220426585068
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 80:c0:df:2f:97:3f:86:58:5c:f5:e8:6a:ad:50:ac:38:07:cb:1e:b1
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 2d:24:d6:3f:15:df:2a:b8:f3:e6:a6:b7:f4:99:d6:93:e8:3b:ac:92
Fingerprint (sha256): 70:cf:e1:a0:bb:b0:b7:a8:6e:dc:2f:05:34:c1:a2:28:87:f5:c0:c0:89:4a:9a:40:0e:6c:ec:11:1a:78:6a:7e

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate education.nsw.gov.au

10

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for education.nsw.gov.au

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

education.nsw.gov.au
careers.nsw.gov.au
naplanreview.com.au
*.schoolinfrastructure.nsw.gov.au
teach.nsw.edu.au
*.sws.schools.nsw.gov.au
www.naplanreview.com.au
*.teach.nsw.edu.au
*.education.nsw.gov.au
*.schools.nsw.gov.au

Other certificates including the domain name nsw.gov.au

(limited to 100 certificates)
glc-lyncfe.glc-dom.greatlakes.nsw.gov.au
wnswlhd.health.nsw.gov.au
virtela.simpplr.com
sni192047.cloudflaressl.com
helpdesk.regionalhousing.org.au
webpac.sutherlandshire.nsw.gov.au
*.sopa.nsw.gov.au
rsc.cdn77.org
test.cadastre.nsw.gov.au
support.licence.nsw.gov.au
incapsula.com
incapsula.com
search.det.nsw.edu.au
vsp.schn.health.nsw.gov.au
www.goulburn.nsw.gov.au
live.artgallery.nsw.gov.au
citrix.service.nsw.gov.au
ehub.enrol.education.nsw.gov.au
www.heti.nsw.gov.au
incapsula.com
archivemanager.health.nsw.gov.au
vpn.hawkesbury.nsw.gov.au
*.finance.nsw.gov.au
www.careforacarer.nsw.gov.au
ictsd.sureservegroup.co.uk
www.kogarah.nsw.gov.au
ictsd.sureservegroup.co.uk
pra.community.nsw.gov.au
PCS-PDS263.tmc.rta.nsw.gov.au
vmoirs.health.nsw.gov.au
objective-dev.transport.nsw.gov.au
employment.midwestern.nsw.gov.au
*.audit.nsw.gov.au
mpa.nsw.gov.au
mailsync.narrandera.nsw.gov.au
incapsula.com
*.int.smprimavera.aws.hosting.transport.nsw.gov.au
skypool1.det.nsw.edu.au
ssl758952.cloudflaressl.com
mhrt.nsw.gov.au
intranet.transport.nsw.gov.au
m.artgallery.nsw.gov.au
policingactivity.bocsar.nsw.gov.au
eventshub.nsw.gov.au
pointtopoint.nsw.gov.au
macroc.nsw.gov.au
oacciwtrn.oci.dcj.nsw.gov.au
ssl758953.cloudflaressl.com
www.energy.nsw.gov.au
cims-sit.hbcf.nsw.gov.au
fncw.nsw.gov.au
wollongong.nsw.gov.au
accessedge1.nswgov.ucfx.com
crl.nsw.gov.au
gitlab.service.nsw.gov.au
ssl375654.cloudflaressl.com
alpha.portal.data.nsw.gov.au
www.victimsservices.justice.nsw.gov.au
sni203116.cloudflaressl.com
www.pexa.osr.nsw.gov.au
msa.dev.education.nsw.gov.au
sni183646.cloudflaressl.com
5676582576324608-fe3.pantheonsite.io
sni183646.cloudflaressl.com
citrix.lb.rta.nsw.gov.au
sni192047.cloudflaressl.com
*.icac.nsw.gov.au
imperva.com
failover.graftongallery.nsw.gov.au
whatsonhelp.cityofsydney.nsw.gov.au
5638916786880512-fe1.pantheonsite.io
tmf-dashboard.icare.nsw.gov.au
uat.emos.nsw.gov.au
www.otsi.nsw.gov.au
events.energysaver.nsw.gov.au
*.unify.service.nsw.gov.au
www.kyogle.nsw.gov.au
web-workflow.sl.nsw.gov.au
camden.nsw.gov.au
cloud.comms.service.nsw.gov.au
sni192050.cloudflaressl.com
governor.nsw.gov.au
*.wls.dpi.nsw.gov.au
tools.dev.justconnect.justice.nsw.gov.au
api.uat01.onlineregistry.justice.nsw.gov.au
incapsula.com
locale-distro.morpht.com
apt-apigee-devs-profile-user-images-prod.cf.g.service.nsw.gov.au
imperva.com
eservices.byron.nsw.gov.au
snswlhd.health.nsw.gov.au
maritimemanagement.transport.nsw.gov.au
tst.smartandskilled.nsw.gov.au
www.hay.nsw.gov.au
*.audit.nsw.gov.au
incapsula.com
*.upperhunter.nsw.gov.au
sni.cloudflaressl.com
mail.yass.nsw.gov.au
archives.nsw.gov.au

Certificate

The complete raw certificate details for education.nsw.gov.au in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGrDCCBZSgAwIBAgIQDKJQZOIzPgMTFGgOppTD7DANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMDIxMzAwMDAwMFoXDTIzMDkwNzIzNTk1OVowHzEd
MBsGA1UEAxMUZWR1Y2F0aW9uLm5zdy5nb3YuYXUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCIviDLRW8RZnuebMIbWlOgM45QFnd+4534eL9rV+IPbsS5
cETGd4f6lYULEK+uaYu2z/ihyCS5nIwPSxshXG8TtB/B0KlC8XlZjLzld3IMPoc7
Rw+Py25ag1ipI7qRNph+YK5OAcj5EdOCXMZ0dflRgwNeW+aAI/snevY0Wkd1nW9t
nsYDM3adbMayBoBtKnXXYryZAouYyyynVeJWTi/S2g7ufUKwQWPbAAb7AeMjm+0X
DOeVpmmqFS8D4K9uX8v6baOdoUvbC5aIP8NDG0RD/k+kZdn2RKC3E0w1Y2G7b4gf
fyCEQVIS2OteCl6A2CB6VaADnBNPe4ewhlBcW0fLAgMBAAGjggPFMIIDwTAfBgNV
HSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC4jAdBgNVHQ4EFgQUgMDfL5c/hlhc
9ehqrVCsOAfLHrEwgfQGA1UdEQSB7DCB6YIUZWR1Y2F0aW9uLm5zdy5nb3YuYXWC
EmNhcmVlcnMubnN3Lmdvdi5hdYITbmFwbGFucmV2aWV3LmNvbS5hdYIhKi5zY2hv
b2xpbmZyYXN0cnVjdHVyZS5uc3cuZ292LmF1ghB0ZWFjaC5uc3cuZWR1LmF1ghgq
LnN3cy5zY2hvb2xzLm5zdy5nb3YuYXWCF3d3dy5uYXBsYW5yZXZpZXcuY29tLmF1
ghIqLnRlYWNoLm5zdy5lZHUuYXWCFiouZWR1Y2F0aW9uLm5zdy5nb3YuYXWCFCou
c2Nob29scy5uc3cuZ292LmF1MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr
BgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5y
Mm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMBMGA1UdIAQMMAowCAYGZ4EM
AQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJt
MDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAy
LmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/BAIwADCCAYAGCisG
AQQB1nkCBAIEggFwBIIBbAFqAHcA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3
fW0GvW4AAAGGTDgZLwAABAMASDBGAiEAicUc8O5WuV25+hCBTZhm71h3TQlwrzkZ
LfKIZRgYis8CIQDR3j1SO0QLrv8QpjqYsqVAT50/qL8DXL+ceJ5/mAin+QB2ALNz
dwfhhFD4Y4bWBancEQlKeS2xZwwLh9zwAw55NqWaAAABhkw4GWUAAAQDAEcwRQIh
AJBPKzBj3wFZLA+7V6EobYTwLEcLSP1bNxkJJEfeV7ZeAiBWVErlI8lfiHrAJ1+b
7XLdEpGODBavoG6KDvnBjV4lXQB3ALc++yTfnE26dfI5xbpY9Gxd/ELPep81xJ4d
CYEl7bSZAAABhkw4GToAAAQDAEgwRgIhAPelfXv71pYW/bxILumZ8f+rEgCPwSD+
H6qJo0qoOCIaAiEA5TAUz6dVi1do6gl+XIHRlrlxgY57djMK27gyF1D2pocwDQYJ
KoZIhvcNAQELBQADggEBAIyl6wthle677MCBtW0H8m+ojuZSjkhKsRGVKWZbgYcK
Dd3qdu0u922TL2jnIi0/rqz3r4O/glI6JRCV3GeY9KG8+WsHZYEVqUhtLhPqVm+C
ytekGHOjniYy4BHugGFk0sVsgWHZvt6+T30NV/+Q5uZDKKumiTXK3iMQy+Mn5W0m
YoVhN+MRf2Z4nvFXDFicPpXrOAQQSv7aiJnBEgJGv+dMV6f/bSFe1Lkwz4dddwGV
yY8sKIVJngLIKyebyIXR/rw/htowSj9AoQbAHkCaExyuFSjsMeyZzv3YxtGKl8oD
TRT0PsELBdUyAMqWZUaQ1XVneEJSxCkzwBoJa9RfMJ0=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiL4gy0VvEWZ7nmzCG1pT
oDOOUBZ3fuOd+Hi/a1fiD27EuXBExneH+pWFCxCvrmmLts/4ocgkuZyMD0sbIVxv
E7QfwdCpQvF5WYy85XdyDD6HO0cPj8tuWoNYqSO6kTaYfmCuTgHI+RHTglzGdHX5
UYMDXlvmgCP7J3r2NFpHdZ1vbZ7GAzN2nWzGsgaAbSp112K8mQKLmMssp1XiVk4v
0toO7n1CsEFj2wAG+wHjI5vtFwznlaZpqhUvA+Cvbl/L+m2jnaFL2wuWiD/DQxtE
Q/5PpGXZ9kSgtxNMNWNhu2+IH38ghEFSEtjrXgpegNggelWgA5wTT3uHsIZQXFtH
ywIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 16793518626091736390596640220426585068
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-02-13 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-07 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'education.nsw.gov.au'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 17262165136640158968746242949489074863171615743609434803724828297680523163323231328485150861285379715941617958184312618764302883041443669572867151304214972574570654534157366577043251269421628315044245336167463096549235751600997761035272839719113395234660138480305151469843950089950326051120968817080990354902025539618476665297701016487229686717984493300125078948739877454842225203189452036996696048621279487631208786654630898193815832215176939121570191467166488962511302134707997843683467866326732665002789219162688174264256434511932847856611917208630810923771366213752792397999256362920042573323847681486000842557387
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							80c0df2f973f86585cf5e86aad50ac3807cb1eb1
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (236 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'education.nsw.gov.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'careers.nsw.gov.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'naplanreview.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.schoolinfrastructure.nsw.gov.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'teach.nsw.edu.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.sws.schools.nsw.gov.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'www.naplanreview.com.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.teach.nsw.edu.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.education.nsw.gov.au'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.schools.nsw.gov.au'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e000001864c38192f000004030048304602210089c51cf0ee56b95db9fa10814d9866ef58774d0970af39192df2886518188acf022100d1de3d523b440baeff10a63a98b2a5404f9d3fa8bf035cbf9c789e7f9808a7f9007600b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a000001864c3819650000040300473045022100904f2b3063df01592c0fbb57a1286d84f02c470b48fd5b3719092447de57b65e022056544ae523c95f887ac0275f9bed72dd12918e0c16afa06e8a0ef9c18d5e255d007700b73efb24df9c4dba75f239c5ba58f46c5dfc42cf7a9f35c49e1d098125edb499000001864c38193a0000040300483046022100f7a57d7bfbd69616fdbc482ee999f1ffab12008fc120fe1faa89a34aa838221a022100e53014cfa7558b5768ea097e5c81d196b971818e7b76330adbb8321750f6a687
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008ca5eb0b6195eebbecc081b56d07f26fa88ee6528e484ab1119529665b81870a0dddea76ed2ef76d932f68e7222d3faeacf7af83bf82523a251095dc6798f4a1bcf96b07658115a9486d2e13ea566f82cad7a41873a39e2632e011ee806164d2c56c8161d9bedebe4f7d0d57ff90e6e64328aba68935cade2310cbe327e56d2662856137e3117f66789ef1570c589c3e95eb3804104afeda8899c1120246bfe74c57a7ff6d215ed4b930cf875d770195c98f2c2885499e02c82b279bc885d1febc3f86da304a3f40a106c01e409a131cae1528ec31ec99cefdd8c6d18a97ca034d14f43ec10b05d53200ca96654690d57567784252c42933c01a096bd45f309d