yana-acceptance-client-placeholder.volantio.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 03:24:f1:a0:5f:f9:94:69:7f:8f:e2:ad:41:96:b9:e0 was issued on by Amazon.

With 19 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=yana-acceptance-client-placeholder.volantio.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:24:f1:a0:5f:f9:94:69:7f:8f:e2:ad:41:96:b9:e0
Serial Number (int): 4179507441185283066655936541879613920
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 28:15:0f:36:a0:41:41:62:a5:5a:23:97:c1:cc:ec:5e:dd:5f:84:fc
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 24:11:a0:3c:3e:07:7b:55:36:83:0e:17:7b:63:29:76:be:63:08:ab
Fingerprint (sha256): 7e:cb:a6:53:0b:7a:02:5f:dd:ce:df:7d:6a:6b:be:31:d7:b4:4f:35:e3:8a:5c:8e:4d:f5:ac:d4:1d:cf:e8:5f

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate yana-acceptance-client-placeholder.volantio.com

19

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for yana-acceptance-client-placeholder.volantio.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

yana-acceptance-client-placeholder.volantio.com
*.v.aircanada.com
*.yana.volantio.com
*.v.airvistara.com
*.v.flyscoot.com
*.v.iberiaexpress.com
*.v.spicejet.com
*.v.avianca.com
*.v.flybreeze.com
*.flight.icelandair.is
*.v.alaskaair.com
6evolantio.goindigo.in
voluntaryflightchange.goindigo.in
innolab.vueling.com
*.v.jetstar.com
*.v.vueling.com
flight.icelandair.is
*.v.iberia.com
*.v.volaris.com

Other certificates including the domain name volantio.com

(limited to 100 certificates)
*.v.volaris.com
*.volantio.com
bacon.jumpseat.volantio.com
*.sunexpress.yana.volantio.com
jumpseat-prod-au.volantio.com
*.volantio.com
sandbox-yana.volantio.com
view-online.jumpseat-loadtest.volantio.com
*.us.yana.volantio.com
volantio.com
*.scoot.yana.volantio.com
jumpseat-prod-au-cdn.volantio.com
*.spicejet.yana.volantio.com
volantio.com
*.sunexpress.yana.volantio.com
*.volantio.com
acceptance-client.demo-prime.sandbox.volantio.com
staging.jumpseat.volantio.com
*.yana.volantio.com
jumpseat-prod-au-cdn.volantio.com
jumpseat-sandbox-cdn.volantio.com
*.yana.volantio.com
*.us.yana.volantio.com
*.scoot.yana.volantio.com
*.v.volaris.com
*.uat.yana.volantio.com
cdn.staging.jumpseat.volantio.com
jumpseat-staging-cdn.volantio.com
yana-uat.volantio.com
volantio.com
*.sandbox.yana.volantio.com
production-yana.volantio.com
jumpseat-prod-au-cdn.volantio.com
cdn.sandbox.jumpseat.volantio.com
volantio.com
*.iberia.yana.volantio.com
www.volantio.com
*.uat.yana.volantio.com
*.us.yana.volantio.com
www.volantio.com
*.yana.volantio.com
*.icelandair.yana.volantio.com
*.iberia.yana.volantio.com
acceptance-client.demo-prime.sandbox.volantio.com
*.yana.volantio.com
*.uat.yana.volantio.com
*.uat.yana.volantio.com
jumpseat-prod-au.volantio.com
toolbox.alaska.yana.volantio.com
yana-acceptance-client-placeholder.volantio.com
toolbox.uat.yana.volantio.com
uat-yana.volantio.com
toolbox-alaska.volantio.com
jumpseat-staging-cdn.volantio.com
jumpseat-prod-au.volantio.com
jumpseat-staging.volantio.com
jumpseat-prod-au.volantio.com
jumpseat-sandbox.volantio.com
*.v.volaris.com
*.avianca.yana.volantio.com
*.volantio.com
cdn.staging.jumpseat.volantio.com
uat-yana.volantio.com
yana-disruption-client-sandbox.volantio.com
*.yana.volantio.com
yana-acceptance-client-placeholder.volantio.com
*.sandbox.yana.volantio.com
*.volantio.com
*.yana.volantio.com
*.yana.volantio.com
*.scoot.yana.volantio.com
jumpseat-staging.volantio.com
*.yana.volantio.com
*.yana.volantio.com
jumpseat-staging-cdn.volantio.com
sandbox.jumpseat.volantio.com
jumpseat-prod-au.volantio.com
jumpseat-prod-au.volantio.com
www.volantio.com
*.yana.volantio.com
yana-disruption-client-uat.volantio.com
toolbox.yana.volantio.com
cdn.au.prod.jumpseat.volantio.com
jumpseat-staging.volantio.com
sandbox-yana.volantio.com
acceptance-client.demo-prime.sandbox.volantio.com
*.sunexpress.yana.volantio.com
*.uat.yana.volantio.com
view-online.jumpseat.volantio.com
*.yana.volantio.com
*.yana.volantio.com
*.yana.volantio.com
toolbox.sandbox.yana.volantio.com
jumpseat-loadtest.volantio.com
view-online.jumpseat-loadtest.volantio.com
yana-acceptance-client-placeholder.volantio.com
*.sunexpress.yana.volantio.com
jumpseat-staging.volantio.com
yana-acceptance-client-placeholder.volantio.com
*.volantio.com

Certificate

The complete raw certificate details for yana-acceptance-client-placeholder.volantio.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHfzCCBmegAwIBAgIQAyTxoF/5lGl/j+KtQZa54DANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI0MDUwODAwMDAwMFoXDTI1MDYwNjIzNTk1OVowOjE4
MDYGA1UEAxMveWFuYS1hY2NlcHRhbmNlLWNsaWVudC1wbGFjZWhvbGRlci52b2xh
bnRpby5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtyN3I4fif
ZWxaDqeewdWouoV7aQGW6ky1Coh/jadRvoBRIJx+P8a8tWb4E+0499fCLHVlfksn
9nlOvqfUJSy1ng8DiUjHp8p2FXV5cQ6y4BUsxhwh28RJwOZdZLVbsk9W9QzQSzFs
AdWA+3xnr6D+x+uFSvJ692FAgzFWpHp/1ORJb1PgjgaRp/nXku3JQ3X+RpqdPaRS
IeQwOKq8NTxp9wOhzSeyUhhvGXgm2A+DZqPE8B9j1u5rLwWW+G5ZRiOsJauJOZzt
OzrzY4ISZpW8CKrxge6TBzp2bV2yOA54e/Ca1vVggm6nEZ2vFeBsag4RNgvnC4oJ
zFJu5+nI0tzdAgMBAAGjggR9MIIEeTAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L
6Zz5euuC4jAdBgNVHQ4EFgQUKBUPNqBBQWKlWiOXwczsXt1fhPwwggGtBgNVHREE
ggGkMIIBoIIveWFuYS1hY2NlcHRhbmNlLWNsaWVudC1wbGFjZWhvbGRlci52b2xh
bnRpby5jb22CESoudi5haXJjYW5hZGEuY29tghMqLnlhbmEudm9sYW50aW8uY29t
ghIqLnYuYWlydmlzdGFyYS5jb22CECoudi5mbHlzY29vdC5jb22CFSoudi5pYmVy
aWFleHByZXNzLmNvbYIQKi52LnNwaWNlamV0LmNvbYIPKi52LmF2aWFuY2EuY29t
ghEqLnYuZmx5YnJlZXplLmNvbYIWKi5mbGlnaHQuaWNlbGFuZGFpci5pc4IRKi52
LmFsYXNrYWFpci5jb22CFjZldm9sYW50aW8uZ29pbmRpZ28uaW6CIXZvbHVudGFy
eWZsaWdodGNoYW5nZS5nb2luZGlnby5pboITaW5ub2xhYi52dWVsaW5nLmNvbYIP
Ki52LmpldHN0YXIuY29tgg8qLnYudnVlbGluZy5jb22CFGZsaWdodC5pY2VsYW5k
YWlyLmlzgg4qLnYuaWJlcmlhLmNvbYIPKi52LnZvbGFyaXMuY29tMBMGA1UdIAQM
MAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcD
AQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMi5h
bWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEF
BQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUF
BzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIw
DAYDVR0TAQH/BAIwADCCAX4GCisGAQQB1nkCBAIEggFuBIIBagFoAHYATnWjJ1ya
EMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGPWGWnkwAABAMARzBFAiEA5qCJ
JTj5nuvTJg8yX4yAsDbqK8Z4rNrUqW1oL7TumHYCIBUsSpgMPSco+y91DiGygsSv
Mr22PCqz7QCuU+RG78gsAHYAfVkeEuF4KnscYWd8Xv340IdcFKBOlZ65Ay/ZDowu
ebgAAAGPWGWn0QAABAMARzBFAiAx7p7G7BJV6dmUpNPFWkkRy74NcSKnwKPynhYe
HmWEBAIhALVDvwHmBfNHGEGk/KhC7OPLsSU/zgdwRATnlXgHEFpsAHYA5tIxY0B3
jMEQQQbXcbnOwdJA9paEhvu6hzId/R43jlAAAAGPWGWn6AAABAMARzBFAiEA1JTz
ZRlSuSSQiX4i7al4333xRsON+9E3OzAtgiu4ZoECIFeKN8zgQBmDOSLD3jSbqJvw
WeSxf1MHvgSuaaOGG+/hMA0GCSqGSIb3DQEBCwUAA4IBAQAG9gBxZ+RBEFXHDnBG
lT55oUnuPx13kCFt5OyzjLypjUxsirs8NykJxmjIzuGr3YzKJf/QQQ9nUWlrW8lI
uSmV+34Dqfswf3ByTTyIDQFX7U9aj7itKvEnxzgp86hHVQGnx1yOAmSwMdpKwp/W
Np3nb3BpsyVELl+M1Ow+e6v8DqtkI+R5+r+2tB4DY6Ik+Ur1nqN0JeKl1AAyPg3F
rhxS6e8d0lLkEk3rJmXF8SKcWOiGgpI53LRnbibruszKHQs6ZBRASGnkeiUj/44w
k6vTtAeLbSzHRqKAMHf6lRZHzXR3Zb2D1ucJ9DuZsPouNiKbxTreG3lSpHxk1GsG
yHqj
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcjdyOH4n2VsWg6nnsHV
qLqFe2kBlupMtQqIf42nUb6AUSCcfj/GvLVm+BPtOPfXwix1ZX5LJ/Z5Tr6n1CUs
tZ4PA4lIx6fKdhV1eXEOsuAVLMYcIdvEScDmXWS1W7JPVvUM0EsxbAHVgPt8Z6+g
/sfrhUryevdhQIMxVqR6f9TkSW9T4I4Gkaf515LtyUN1/kaanT2kUiHkMDiqvDU8
afcDoc0nslIYbxl4JtgPg2ajxPAfY9buay8FlvhuWUYjrCWriTmc7Ts682OCEmaV
vAiq8YHukwc6dm1dsjgOeHvwmtb1YIJupxGdrxXgbGoOETYL5wuKCcxSbufpyNLc
3QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 4179507441185283066655936541879613920
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-05-08 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-06-06 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'yana-acceptance-client-placeholder.volantio.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 21938277646252943498618332827198842840900182945925305500413055355171989652579030052241527646140294762128678577410771819966295583385696171304609919762552465105471274918411465016557831430784384547864987185209023186964518518215198528407243433958340530470562613462984788354477552942523819926732918520153792045722362595283505096413329321675447213409153253200871516758747148651067488296079544240213510588221623383959462507020613492353067562777590137423105744440788410553562188142446630155146880920885198349676516514627189813515593251587591296757514159189869037406094647027988417446095552761352261745777311908805341695106269
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							28150f36a0414162a55a2397c1ccec5edd5f84fc
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (420 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'yana-acceptance-client-placeholder.volantio.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.aircanada.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.yana.volantio.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.airvistara.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.flyscoot.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.iberiaexpress.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.spicejet.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.avianca.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.flybreeze.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flight.icelandair.is'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.alaskaair.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '6evolantio.goindigo.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'voluntaryflightchange.goindigo.in'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'innolab.vueling.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.jetstar.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.vueling.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flight.icelandair.is'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.iberia.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.v.volaris.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							01680076004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f5865a7930000040300473045022100e6a0892538f99eebd3260f325f8c80b036ea2bc678acdad4a96d682fb4ee98760220152c4a980c3d2728fb2f750e21b282c4af32bdb63c2ab3ed00ae53e446efc82c0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f5865a7d10000040300473045022031ee9ec6ec1255e9d994a4d3c55a4911cbbe0d7122a7c0a3f29e161e1e658404022100b543bf01e605f3471841a4fca842ece3cbb1253fce07704404e7957807105a6c007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f5865a7e80000040300473045022100d494f3651952b92490897e22eda978df7df146c38dfbd1373b302d822bb866810220578a37cce04019833922c3de349ba89bf059e4b17f5307be04ae69a3861befe1
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0006f6007167e4411055c70e7046953e79a149ee3f1d7790216de4ecb38cbca98d4c6c8abb3c372909c668c8cee1abdd8cca25ffd0410f6751696b5bc948b92995fb7e03a9fb307f70724d3c880d0157ed4f5a8fb8ad2af127c73829f3a8475501a7c75c8e0264b031da4ac29fd6369de76f7069b325442e5f8cd4ec3e7babfc0eab6423e479fabfb6b41e0363a224f94af59ea37425e2a5d400323e0dc5ae1c52e9ef1dd252e4124deb2665c5f1229c58e886829239dcb4676e26ebbaccca1d0b3a6414404869e47a2523ff8e3093abd3b4078b6d2cc746a2803077fa951647cd747765bd83d6e709f43b99b0fa2e36229bc53ade1b7952a47c64d46b06c87aa3