*.tvsdk.spectrum.net

Issued by Amazon RSA 2048 M03

About this certificate

This digital certificate with serial number 05:6a:66:34:9b:46:17:08:bf:0e:09:5f:6d:85:33:82 was issued on by Amazon.

With 9 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=*.tvsdk.spectrum.net

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 05:6a:66:34:9b:46:17:08:bf:0e:09:5f:6d:85:33:82
Serial Number (int): 7198596419628204410723585098684642178
Serial Number lenght: 123 bits, 16 octets

SubjectKeyId: e3:b1:83:0a:b2:3e:c4:b5:c5:3e:7f:b6:80:25:46:68:54:9c:17:40
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02

Fingerprint (sha1): d5:ea:35:1a:84:4a:78:73:a9:c1:46:ef:2f:22:ba:fa:a6:57:64:94
Fingerprint (sha256): 87:05:b3:95:0b:8f:ef:ae:b3:4e:56:28:48:c4:93:2d:85:4c:c4:cf:dc:1b:81:f0:94:0b:73:40:8b:e5:66:a3

Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer

Revocation information

OCSP Server: http://ocsp.r2m03.amazontrust.com
CRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl

Check the revocation status for certificate *.tvsdk.spectrum.net

9

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for *.tvsdk.spectrum.net

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

*.tvsdk.spectrum.net
*.spectrum.net
*.xclass.spectrum.net
*.spectrumenterprisetv.net
*.tvsdk.spectrumutv.com
*.spectrumenterprisetv.com
*.spectrumutv.com
*.flex.spectrum.net
*.spectrumutv.net

Other certificates including the domain name spectrum.net

(limited to 100 certificates)
privacy.portals.spectrum.net
mail.charter.net
api-private.cm.spectrum.net
self-care.portals.spectrum.net
device.cmdev.spectrum.net
*.pi.spectrum.net
activate-uat.spectrum.net
aviatrix-lab.scratch.spectrum.net
report.cm.spectrum.net
device.cm.spectrum.net
ci-cmt3teamportal.cmdev.spectrum.net
*.pi.spectrum.net
report.cm.spectrum.net
*.scl.spectrum.net
*.stage.tau.spectrum.net
artifactory.scratch.spectrum.net
esim-api.cmstage.spectrum.net
report-qa.cmdev.spectrum.net
pci.spectrum.net
wifiprofile.spectrum.net
api.spectrum.net
ci-private-api.cmdev.spectrum.net
*.spectrum.net
preprod.idp.aws.spectrum.net
*.cmdev.spectrum.net
*.spectrum.net
advisor2.spectrum.net
*.wtg.spectrum.net
cii.spectrum.net
ocsports.tv
xspca02.hv.rr.com
tdcs-origin.spectrum.net
ci-cmt3teamportal.cmdev.spectrum.net
device-gn.cm.spectrum.net
spectrum.net
*.portals.spectrum.net
report.cm.stg.spectrum.net
report-sit.cm.spectrum.net
edge-vod.spectrum.net
xspca02.hv.rr.com
preprod.idp.aws.spectrum.net
*.wireless-api.spectrum.net
xspca01.hv.spectrum.net
spectrum.net
2.symend.io
xspca02.hv.rr.com
ci-cmt3teamportal.cmdev.spectrum.net
*.pi.spectrum.net
nsl-mock.ci.wearable-dev.spectrum.net
spectrum.net
xspca01.hv.rr.com
spectrumtv.com
logpull-prod.tau.spectrum.net
gitlab.meta.spectrum.net
xspca01.hv.rr.com
device.cm.stg.spectrum.net
opensearch.impulse-dev.spectrum.net
cm-policy-sit.cm.spectrum.net
*.meta.spectrum.net
sonar.cm.spectrum.net
scratch.spectrum.net
api2.cmdev.spectrum.net
tdcs-origin.spectrum.net
fols.spectrum.net
activate.spectrum.net
*.failover.pi.spectrum.net
dsexp.spectrum.net
care.spectrumwifi.spectrum.net
stage-spectrum.net
airflow-pilot-private.dev.dsexp.spectrum.net
*.dev.wtg.spectrum.net
self-care.portals.spectrum.net
cms.prd-aws.charter.net
cloudnet-controller.meta.spectrum.net
mediaportals-news-64.dev-charter.net
tdcs.spectrum.net
community.spectrum.net
ci-cmt3teamportal.cmdev.spectrum.net
watch.spectrum.net
cmt3teamportal.cmdev.spectrum.net
prd-infra-instana-2.prd.spectrum.net
api-ondemand.spectrum.net
*.ci.wearable-dev.spectrum.net
ci-cmt3teamportal.cmdev.spectrum.net
sdptpsiproxyvip.charter.com
instanadist.tools.prd.spectrum.net
privacy.portals.spectrum.net
xspca01.hv.rr.com
*.eos.spectrum.net
spectrumtv.com
report.cm.stg.spectrum.net
device-ci.cmdev.spectrum.net
edge-vod.spectrum.net
spectrumwifi.spectrum.net
report.cm.spectrum.net
private-api.cm.spectrum.net
cm-policy.cm.spectrum.net
prd.effiedataservice-external.spectrum.net
cloudnet-controller.meta.spectrum.net
*.nls-sit.wtg.spectrum.net

Certificate

The complete raw certificate details for *.tvsdk.spectrum.net in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgIQBWpmNJtGFwi/DglfbYUzgjANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAzMB4XDTIzMDkyNjAwMDAwMFoXDTI0MTAyNDIzNTk1OVowHzEd
MBsGA1UEAwwUKi50dnNkay5zcGVjdHJ1bS5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC17WmMsfnqzkyUHtEtRqn/Ezkk37HayLLaiYtbqkzZ5xt0
Xry0MpfF2BsSBOT3xz5QwYNEMErl+axPk0TGYxFzrS6kQQsKcpHbraSrWRDlibE7
KMlXypvcKqeq1Ope/s/OAslhHucx70Ul6TAdo81o+l2rFFEfPT8wML/7OrwPLIKr
FqTCIZIixPLD8AmHuFyfnfevJljm4TJGhotwIPR/rYftRmTwxzMfF6dMN09FLFYs
8p5ygwK6/moNcb7PZ+CTHJwaGqZh8gfh3HnFN593D2nqYe9aCj6+gbya9vM8UPlg
nrMMMx0EPVP/wBnMTor3+8A5XwGA8fRRfzsTP+TTAgMBAAGjggOiMIIDnjAfBgNV
HSMEGDAWgBRV2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQU47GDCrI+xLXF
Pn+2gCVGaFScF0AwgdQGA1UdEQSBzDCByYIUKi50dnNkay5zcGVjdHJ1bS5uZXSC
Diouc3BlY3RydW0ubmV0ghUqLnhjbGFzcy5zcGVjdHJ1bS5uZXSCGiouc3BlY3Ry
dW1lbnRlcnByaXNldHYubmV0ghcqLnR2c2RrLnNwZWN0cnVtdXR2LmNvbYIaKi5z
cGVjdHJ1bWVudGVycHJpc2V0di5jb22CESouc3BlY3RydW11dHYuY29tghMqLmZs
ZXguc3BlY3RydW0ubmV0ghEqLnNwZWN0cnVtdXR2Lm5ldDATBgNVHSAEDDAKMAgG
BmeBDAECATAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDMuYW1hem9u
dHJ1c3QuY29tL3IybTAzLmNybDB1BggrBgEFBQcBAQRpMGcwLQYIKwYBBQUHMAGG
IWh0dHA6Ly9vY3NwLnIybTAzLmFtYXpvbnRydXN0LmNvbTA2BggrBgEFBQcwAoYq
aHR0cDovL2NydC5yMm0wMy5hbWF6b250cnVzdC5jb20vcjJtMDMuY2VyMAwGA1Ud
EwEB/wQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AHb/iD8KtvuVUcJh
zPWHujS0pM27KdxoQgqf5mdMWjp0AAABitLh7dkAAAQDAEcwRQIhAKftpKigmKb1
hRmT48IrRWP+Cl3IY+68R1FoKdEPXoGoAiAqo7YdRiKeVuv0JBHQ3qcryyy4Mx4H
Y+yXMhW4GK9gKQB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAAB
itLh7aUAAAQDAEYwRAIgCNd+YhcvZNg0INqWle/iShTY+vrRcWZnfOC5xmEMAf0C
IBDkTEonHVq0h4UXTapRyo3xAFkwW/DEHz+3Bz14kAO3AHYA2ra/az+1tiKfm8K7
XGvocJFxbLtRhIU0vaQ9MEjX+6sAAAGK0uHtdwAABAMARzBFAiAp2j1QY5aDasdn
qfHNFjChq9gZcn8BZbcQ1rVF+EyuMAIhAJoAs+daR6UAnvBhgx4vp4kWA0s9Qvw7
RGKL3BXOaP/6MA0GCSqGSIb3DQEBCwUAA4IBAQCUWInMKu7BEKyinpqrnb1uBQrH
7HI5Cn9cdy2ekhTm16F0qavezrqYMu1z+b/hVBB8Fy3Vqx/wdPNPiZf1/t/cM34N
85RR8RReeUFbb3lGuKUMZtI/f42P+d4d0E3gg/NEGQ92/4qXeWkV2Mnz1CC2U5sx
+SZQcWYo4sh0H0XuKt/xIP1g8oG3BpIVzIxqz7nGrY5Y9ERs94F/zXHqNRfbi2Ya
FzGMBrBcwAltFVBL9Yf8mskb6Md2kkPtWF/D9ZjN5vqJljxMl4LUAsB2gWJmSj0R
eeP1gU11EsKC5gIdiGgv1C1mfsnlM1vMR+qNc4vtKJsUKKW+DE0NzTt8lVPA
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte1pjLH56s5MlB7RLUap
/xM5JN+x2siy2omLW6pM2ecbdF68tDKXxdgbEgTk98c+UMGDRDBK5fmsT5NExmMR
c60upEELCnKR262kq1kQ5YmxOyjJV8qb3CqnqtTqXv7PzgLJYR7nMe9FJekwHaPN
aPpdqxRRHz0/MDC/+zq8DyyCqxakwiGSIsTyw/AJh7hcn533ryZY5uEyRoaLcCD0
f62H7UZk8MczHxenTDdPRSxWLPKecoMCuv5qDXG+z2fgkxycGhqmYfIH4dx5xTef
dw9p6mHvWgo+voG8mvbzPFD5YJ6zDDMdBD1T/8AZzE6K9/vAOV8BgPH0UX87Ez/k
0wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 7198596419628204410723585098684642178
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-09-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-10-24 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.tvsdk.spectrum.net'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22966205568856622481515323545736462038572564637054021131502161238320029528739219372334206424289643221867125036883108105172048789009840959079669428467852176479179028621312271149211136372945141382313269288406931960583430817876666165987902067598323565765483214811738129867727691881963841400847318291511369453689036500464434344293731055812211852247866776880435233135754803055556931635739523330122341299603029053452077284565814426049361308866673398451187732170978277373760762231365253818245881563857994087955057174257673127657515184260563978511874923893410650468760710918225893423725505417745833465818916430581158060745939
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							e3b1830ab23ec4b5c53e7fb680254668549c1740
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (204 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tvsdk.spectrum.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.spectrum.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.xclass.spectrum.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.spectrumenterprisetv.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.tvsdk.spectrumutv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.spectrumenterprisetv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.spectrumutv.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flex.spectrum.net'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.spectrumutv.net'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							016700760076ff883f0ab6fb9551c261ccf587ba34b4a4cdbb29dc68420a9fe6674c5a3a740000018ad2e1edd90000040300473045022100a7eda4a8a098a6f5851993e3c22b4563fe0a5dc863eebc47516829d10f5e81a802202aa3b61d46229e56ebf42411d0dea72bcb2cb8331e0763ec973215b818af602900750048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018ad2e1eda50000040300463044022008d77e62172f64d83420da9695efe24a14d8fafad17166677ce0b9c6610c01fd022010e44c4a271d5ab48785174daa51ca8df10059305bf0c41f3fb7073d789003b7007600dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018ad2e1ed770000040300473045022029da3d506396836ac767a9f1cd1630a1abd819727f0165b710d6b545f84cae300221009a00b3e75a47a5009ef061831e2fa78916034b3d42fc3b44628bdc15ce68fffa
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		00945889cc2aeec110aca29e9aab9dbd6e050ac7ec72390a7f5c772d9e9214e6d7a174a9abdeceba9832ed73f9bfe154107c172dd5ab1ff074f34f8997f5fedfdc337e0df39451f1145e79415b6f7946b8a50c66d23f7f8d8ff9de1dd04de083f344190f76ff8a97796915d8c9f3d420b6539b31f92650716628e2c8741f45ee2adff120fd60f281b7069215cc8c6acfb9c6ad8e58f4446cf7817fcd71ea3517db8b661a17318c06b05cc0096d15504bf587fc9ac91be8c7769243ed585fc3f598cde6fa89963c4c9782d402c0768162664a3d1179e3f5814d7512c282e6021d88682fd42d667ec9e5335bcc47ea8d738bed289b1428a5be0c4d0dcd3b7c9553c0