proinvest.com.sg

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 03:fc:09:cd:85:f7:4f:49:d9:b7:5d:9c:a1:64:b0:ba was issued on by Amazon.

With 18 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=proinvest.com.sg

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 03:fc:09:cd:85:f7:4f:49:d9:b7:5d:9c:a1:64:b0:ba
Serial Number (int): 5296341620625757883260410841165770938
Serial Number lenght: 122 bits, 16 octets

SubjectKeyId: 96:35:17:c5:b1:d0:b0:0b:d9:89:4f:4a:d1:de:1c:81:c5:ff:e7:e3
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): f0:75:01:19:d5:e0:e1:36:5e:c8:94:03:9f:8b:c3:e6:e5:e3:ab:25
Fingerprint (sha256): 91:c9:11:35:6f:93:69:ab:c2:79:14:05:1c:e3:95:2a:bc:a6:44:fb:e6:73:fc:2e:5c:c8:cc:6b:40:b7:ef:ac

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate proinvest.com.sg

18

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for proinvest.com.sg

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

proinvest.com.sg
protectionavivacontreleau.ca
roadwingsinsurance.com
roadwingsinsurance.ca
road-wings-insurance.ca
qualtrics.at.aviva.com
support-logmeininc.at.aviva.com
saye.at.aviva.com
archergrc.aviva.com
protectionetancheaviva.ca
protectionavivacontreleau.com
thirdparty.avivabrand.com
riskasyst.ie
protectionetancheaviva.com
qa.avivaassurance.ca
road-wings-insurance.com
practice-autoenrolmentmanager.co.uk
road-wings.ca

Other certificates including the domain name proinvest.com.sg

(limited to 100 certificates)
gi.proinvest.com.sg
aem-staging.proinvest.com.sg
gi.proinvest.com.sg
proinvest.com.sg
cert01.as.aviva.com

vue.proinvest.com.sg
cert01.as.aviva.com
vueint-prod.proinvest.com.sg
vue.proinvest.com.sg
gi.proinvest.com.sg
vue.proinvest.com.sg
dn.proinvest.com.sg
proinvest.wildcrayon.com
docushare.proinvest.com.sg
iap.proinvest.com.sg
iau.proinvest.com.sg
proinvest.com.sg
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
docushare.proinvest.com.sg
proinvest.wildcrayon.com
gi.proinvest.com.sg
proinvest.com.sg
cert01.as.aviva.com
proinvest.com.sg
cert01.as.aviva.com
proinvest.wildcrayon.com
proinvest.wildcrayon.com
dn.proinvest.com.sg
gi.proinvest.com.sg
cert01.as.aviva.com
iap.proinvest.com.sg
proinvest.com.sg
proinvest.com.sg
proinvest.com.sg
proinvest.com.sg
dn.proinvest.com.sg
gi.proinvest.com.sg
dn.proinvest.com.sg
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
cert01.as.aviva.com
gi.proinvest.com.sg
cert01.as.aviva.com
vueint-prod.proinvest.com.sg
vue.proinvest.com.sg
info.proinvest.com.sg
docushare.proinvest.com.sg
*.proinvest.com.sg
ssp.proinvest.com.sg
proinvest.wildcrayon.com
cert01.as.aviva.com
gi.proinvest.com.sg
cert01.as.aviva.com
proinvest.com.sg
vueint-prod.proinvest.com.sg
gi.proinvest.com.sg
cert01.as.aviva.com
gi.proinvest.com.sg

Certificate

The complete raw certificate details for proinvest.com.sg in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIHfjCCBmagAwIBAgIQA/wJzYX3T0nZt12coWSwujANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTIzMTAxNTAwMDAwMFoXDTI0MTExMjIzNTk1OVowGzEZ
MBcGA1UEAxMQcHJvaW52ZXN0LmNvbS5zZzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANeQXLPPelvN+mw8OfuUJmmpWpcJ+/6jc9s+PKPGR57Gtc/SLiS5
469CN8uEcryS1uj1Jk7QLrsQgYHzgzcFnaGY36144RceZLZ0rx/UKS6k4UhGTJqX
2wcO0xAlbPut4htDS7ml2lfmWA1o78dThcM+flQ707g0HrD0qkGjyJR98xjnejmU
L1ujQsPFg3GeCaFJM0RCTgP6tMWAYQA+GG8FOy0JwBpGRg4NbC4sgi8G3So3S4mr
NhRSKObgotu5vLcd1IsYV8I932ynfUWOQ8+qix0FDIIuPaqRbSzvJPTkgspkaVby
v7LUFv5VJk3oORqCsZMhT+td3iOvMLqAQf0CAwEAAaOCBJswggSXMB8GA1UdIwQY
MBaAFMAxUs1aUMOCfHRxzsvpnPl664LiMB0GA1UdDgQWBBSWNRfFsdCwC9mJT0rR
3hyBxf/n4zCCAckGA1UdEQSCAcAwggG8ghBwcm9pbnZlc3QuY29tLnNnghxwcm90
ZWN0aW9uYXZpdmFjb250cmVsZWF1LmNhghZyb2Fkd2luZ3NpbnN1cmFuY2UuY29t
ghVyb2Fkd2luZ3NpbnN1cmFuY2UuY2GCF3JvYWQtd2luZ3MtaW5zdXJhbmNlLmNh
ghZxdWFsdHJpY3MuYXQuYXZpdmEuY29tgh9zdXBwb3J0LWxvZ21laW5pbmMuYXQu
YXZpdmEuY29tghFzYXllLmF0LmF2aXZhLmNvbYITYXJjaGVyZ3JjLmF2aXZhLmNv
bYIZcHJvdGVjdGlvbmV0YW5jaGVhdml2YS5jYYIdcHJvdGVjdGlvbmF2aXZhY29u
dHJlbGVhdS5jb22CGXRoaXJkcGFydHkuYXZpdmFicmFuZC5jb22CDHJpc2thc3lz
dC5pZYIacHJvdGVjdGlvbmV0YW5jaGVhdml2YS5jb22CFHFhLmF2aXZhYXNzdXJh
bmNlLmNhghhyb2FkLXdpbmdzLWluc3VyYW5jZS5jb22CI3ByYWN0aWNlLWF1dG9l
bnJvbG1lbnRtYW5hZ2VyLmNvLnVrgg1yb2FkLXdpbmdzLmNhMBMGA1UdIAQMMAow
CAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
KwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5yMm0wMi5hbWF6
b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcw
AYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAC
hipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0LmNvbS9yMm0wMi5jZXIwDAYD
VR0TAQH/BAIwADCCAYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHcA7s3QZNXbGs7F
XLedtM0TojKHRny87N7DUUhZRnEftZsAAAGLMMIu3QAABAMASDBGAiEA2RaiU3CX
F0jekdw4kFLSz+SPc8Vf1yCKzJQuGDwaPxQCIQDsHu0hfY7lCZAcQO67nGuc56E1
QKc8S1mi/FZYE+kN/AB2AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz
AAABizDCLwcAAAQDAEcwRQIhAMhFO260yFLtpIMUPx4AQ9AintjTMeAl3pIWgNEi
mSYNAiBLs75+/sOkXKWgP1xjty7dY/2tF5DCoSTfXOO0Qr+n9AB3ANq2v2s/tbYi
n5vCu1xr6HCRcWy7UYSFNL2kPTBI1/urAAABizDCLwkAAAQDAEgwRgIhAJkPEllf
wZSqVKZq+EQjBsw31TyU/V88NmuPn+1t0TcwAiEAkTXJ46qvsHKsyaXnWKXOoThS
HqUVaMhyVjgnWbiClscwDQYJKoZIhvcNAQELBQADggEBACcEdU8XNMBWFy5cg8tA
OIkycTWye/Lmb4Fh32ViT3DGvNXbrmELxxIWxg6YKr9OCR90ihteVoweqWsI5mwV
JsKBu6bxRT9UwO74/QzOFnX5h/xM0vhWYTKiiLGnDwUNpuA8pwrubuWrmliGCzl3
6ruD6P3M3t6bwzgxDl7/ivfNwi1ySsYpKHW2HqVkW47dBvS8ugJNUtndXAq2P0H2
4LncOrwnROzKYVX1xj2O9IHU9xhYw0mFGEaztfk17ybO5hg0h5Begr4IofvdLmhb
QoqlyxxnV7c/1QHI4YcymgiS8rjRwrPTMRg13gatgG1n0NHi2JRKEDXz3Q4XQcKN
fmo=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15Bcs896W836bDw5+5Qm
aalalwn7/qNz2z48o8ZHnsa1z9IuJLnjr0I3y4RyvJLW6PUmTtAuuxCBgfODNwWd
oZjfrXjhFx5ktnSvH9QpLqThSEZMmpfbBw7TECVs+63iG0NLuaXaV+ZYDWjvx1OF
wz5+VDvTuDQesPSqQaPIlH3zGOd6OZQvW6NCw8WDcZ4JoUkzREJOA/q0xYBhAD4Y
bwU7LQnAGkZGDg1sLiyCLwbdKjdLias2FFIo5uCi27m8tx3UixhXwj3fbKd9RY5D
z6qLHQUMgi49qpFtLO8k9OSCymRpVvK/stQW/lUmTeg5GoKxkyFP613eI68wuoBB
/QIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 5296341620625757883260410841165770938
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-10-15 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-11-12 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'proinvest.com.sg'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 27212423181627295191659147210648455210845524903049102295952873783965691313799114110203184214516232004146691399932036827540866450817438204652868067100373716711448711616575999480478501467436248278203641835040859145385702456251285587175178025367291278304846274915311194926892460431920539488727385654803280690685681616519287766112221498643119996584679499038366707412447059174978264317576140996575097991912978247180439367928489251924377134415779837761414537418265910463882839948921456473718368145862180400133033175089881667506397541595543955527792372848216854410559275394989396741006922349390438467803666958462242342846973
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							963517c5b1d0b00bd9894f4ad1de1c81c5ffe7e3
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (448 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'proinvest.com.sg'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protectionavivacontreleau.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'roadwingsinsurance.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'roadwingsinsurance.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'road-wings-insurance.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qualtrics.at.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'support-logmeininc.at.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'saye.at.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'archergrc.aviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protectionetancheaviva.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protectionavivacontreleau.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'thirdparty.avivabrand.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'riskasyst.ie'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'protectionetancheaviva.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'qa.avivaassurance.ca'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'road-wings-insurance.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'practice-autoenrolmentmanager.co.uk'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'road-wings.ca'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes)
							016a007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b0000018b30c22edd0000040300483046022100d916a25370971748de91dc389052d2cfe48f73c55fd7208acc942e183c1a3f14022100ec1eed217d8ee509901c40eebb9c6b9ce7a13540a73c4b59a2fc565813e90dfc00760048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d884730000018b30c22f070000040300473045022100c8453b6eb4c852eda483143f1e0043d0229ed8d331e025de921680d12299260d02204bb3be7efec3a45ca5a03f5c63b72edd63fdad1790c2a124df5ce3b442bfa7f4007700dab6bf6b3fb5b6229f9bc2bb5c6be87091716cbb51848534bda43d3048d7fbab0000018b30c22f090000040300483046022100990f12595fc194aa54a66af8442306cc37d53c94fd5f3c366b8f9fed6dd137300221009135c9e3aaafb072acc9a5e758a5cea138521ea51568c87256382759b88296c7
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		002704754f1734c056172e5c83cb403889327135b27bf2e66f8161df65624f70c6bcd5dbae610bc71216c60e982abf4e091f748a1b5e568c1ea96b08e66c1526c281bba6f1453f54c0eef8fd0cce1675f987fc4cd2f8566132a288b1a70f050da6e03ca70aee6ee5ab9a58860b3977eabb83e8fdccdede9bc338310e5eff8af7cdc22d724ac6292875b61ea5645b8edd06f4bcba024d52d9dd5c0ab63f41f6e0b9dc3abc2744ecca6155f5c63d8ef481d4f71858c349851846b3b5f935ef26cee6183487905e82be08a1fbdd2e685b428aa5cb1c6757b73fd501c8e187329a0892f2b8d1c2b3d3311835de06ad806d67d0d1e2d8944a1035f3dd0e1741c28d7e6a