phd.amazonaws-us-gov.com

Issued by Amazon RSA 2048 M01

About this certificate

This digital certificate with serial number 0d:4b:8e:38:3c:cf:b8:1f:46:2f:58:7e:29:e4:7d:ad was issued on by Amazon.

With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Certificate Subject

CN=phd.amazonaws-us-gov.com

Amazon

Organization: Amazon
Country: US

This certificate has expire since

Certificate Details

Serial Number (hex): 0d:4b:8e:38:3c:cf:b8:1f:46:2f:58:7e:29:e4:7d:ad
Serial Number (int): 17672270767355055482172589624298601901
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 02:5d:ab:b8:a0:56:8b:80:2d:3c:fc:e2:ca:dc:d0:a7:09:96:63:84
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85

Fingerprint (sha1): 67:78:93:4c:53:d0:8e:07:4d:e3:a9:e4:37:6c:34:52:1d:82:64:ac
Fingerprint (sha256): 9b:b2:d0:cd:82:fa:8c:e0:27:f6:2d:28:1b:d3:4e:3c:fd:cc:10:8a:7a:59:e7:6b:9b:3f:f2:ee:4c:ae:ff:b6

Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer

Revocation information

OCSP Server: http://ocsp.r2m01.amazontrust.com
CRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl

Check the revocation status for certificate phd.amazonaws-us-gov.com

4

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for phd.amazonaws-us-gov.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

phd.us-gov-west-1.console.amazonaws-us-gov.com
*.phd.us-gov-west-1.console.vpce.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
health.amazonaws-us-gov.com

Other certificates including the domain name amazonaws-us-gov.com

(limited to 100 certificates)
glacier-console-us-gov-west-1.console.amazonaws-us-gov.com
policysim.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
*.us-gov-west-1.console-gamma.aws-dev.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
policysim.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2.us-gov-east-1.aws.amazon.com
us-gov-east-1.console.amazonaws-us-gov.com
websocket.us-gov-east-1-onebox.quicksight.amazonaws-us-gov.com
api-quicksight-integ.us-gov-west-1.amazonaws.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
websocket.us-gov-east-1.quicksight.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2-fips.us-gov-east-1.aws.amazon.com
appstream2-fips.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.aws.amazon.com
web-quicksight.us-gov-west-1.amazonaws.com
phd.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2.us-gov-east-1.aws.amazon.com
policysim.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
*.signin.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
websocket.fips-us-gov-east-1.quicksight.amazonaws-us-gov.com
signin-fips.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2-fips.us-gov-west-1.aws.amazon.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
us-gov-west-1.prod.console-api.aws-dev.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
phd.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
fpq3q23wnh.cell.logs.us-gov-west-1.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2-fips.us-gov-east-1.aws.amazon.com
signin-fips.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
us-gov-west-1.console.amazonaws-us-gov.com
*.us-gov-east-1.console-gamma.aws-dev.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2-fips.us-gov-west-1.aws.amazon.com
*.signin.amazonaws-us-gov.com
policysim.amazonaws-us-gov.com
appstream2-fips.us-gov-west-1.aws.amazon.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
organizations-nexus.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-east-1.prod.console-api.aws-dev.amazonaws-us-gov.com

Certificate

The complete raw certificate details for phd.amazonaws-us-gov.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgIQDUuOODzPuB9GL1h+KeR9rTANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAxMB4XDTIzMDMzMDAwMDAwMFoXDTIzMTIyNjIzNTk1OVowIzEh
MB8GA1UEAxMYcGhkLmFtYXpvbmF3cy11cy1nb3YuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEAySMeBEvbHtBPd1nC0xys2b/hVSlHhXoITOJXAW/E
faAB+bOFq+Rkt2xss2OZvkUbNZ9QYp8OeBqn2okH7X/7op6S/de/WdOAkqeN6Hap
KNoqQW3p4gR8i8tWolCcMFAULmkQfuCP4wREc0HIkwue0ZOaSlUIVdcqPOmkUGSs
VMNADW24joHhP4psmmUF/Q0bDNM+OZnmGEOJTDvG19Y+htrMTCXHdASuf36CsqoM
/YQdPvKS2RfAr1YnOlUE5SbKuDKYXFu/pKWN4lBkCCoIL0gETmnaEds98GYV6MjX
G6GbEkvYduap+/m40ObDieWa/yz102dHvCirZCo2pDuVSwIDAQABo4IDeDCCA3Qw
HwYDVR0jBBgwFoAUgbgOY4qJEhjl+js7UJWf5uWQE4UwHQYDVR0OBBYEFAJdq7ig
VouALTz84src0KcJlmOEMIGpBgNVHREEgaEwgZ6CLnBoZC51cy1nb3Ytd2VzdC0x
LmNvbnNvbGUuYW1hem9uYXdzLXVzLWdvdi5jb22CNSoucGhkLnVzLWdvdi13ZXN0
LTEuY29uc29sZS52cGNlLmFtYXpvbmF3cy11cy1nb3YuY29tghhwaGQuYW1hem9u
YXdzLXVzLWdvdi5jb22CG2hlYWx0aC5hbWF6b25hd3MtdXMtZ292LmNvbTAOBgNV
HQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDsGA1Ud
HwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucjJtMDEuYW1hem9udHJ1c3QuY29tL3Iy
bTAxLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATB1BggrBgEFBQcBAQRpMGcwLQYI
KwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnIybTAxLmFtYXpvbnRydXN0LmNvbTA2Bggr
BgEFBQcwAoYqaHR0cDovL2NydC5yMm0wMS5hbWF6b250cnVzdC5jb20vcjJtMDEu
Y2VyMAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AOg+
0No+9QY1MudXKLyJa8kD08vREWvs62nhd31tBr1uAAABhzIka2cAAAQDAEcwRQIg
OeVkBgTzQ3X5ocz8ElpTQrFPWOCbmxpMIY9Yw26Xtp4CIQC/rzqQ8CHuNd926jxQ
TQSNjnQ2GzNtFPQEzdPzY5mgsQB1ALNzdwfhhFD4Y4bWBancEQlKeS2xZwwLh9zw
Aw55NqWaAAABhzIka78AAAQDAEYwRAIhAMVvzWp4hzW9bEutXL/DNxbaJPIQ/lL8
U3SWbXJg99ebAh9pNIhm0UdQ4A383sO/VZ1MQf6Qtf/INezyf4jsJmNaAHcAejKM
VNi3LbYg6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGHMiRrTgAABAMASDBGAiEA
3RPVJykDKNh+gCHbi4Hf9XC0JPhSeKYotdRxwiXqlJECIQCrcCynk8/nvKMuIkOD
I3i0+jW8TY7Wtj4AC9TTSvI0rjANBgkqhkiG9w0BAQsFAAOCAQEAPVdXiXBUaVfI
ADm/TISLFSY6nTx26NHEQlzHvdCQ7QaBBc2RKduzTk8mFjOIZioI5lN772Nv3iCY
9lNFpR7rFyTuxw/svECunNGDPw9bExJ92zKLjmMvBMNaXas+cA3u8ilXdpx9mkFa
eLcGAvRGC4oGMOkOsvNPvo4ZHwtE8PnCEUwt+KvXVDVi4UD7YwXutpP7mgJiCnDE
C1e2VXJYJM8mVG9wuewoizsN5Lt61PTGCovHcf9D6gW/QaEpT7MPNh8anS8cLeOv
bwmvyMR1z12PRymtPBpy8W7OTxTEbkz4r++y8SqiBo7Q/H6kx96p7DhO2SkmekNX
1UMmmIYI7w==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySMeBEvbHtBPd1nC0xys
2b/hVSlHhXoITOJXAW/EfaAB+bOFq+Rkt2xss2OZvkUbNZ9QYp8OeBqn2okH7X/7
op6S/de/WdOAkqeN6HapKNoqQW3p4gR8i8tWolCcMFAULmkQfuCP4wREc0HIkwue
0ZOaSlUIVdcqPOmkUGSsVMNADW24joHhP4psmmUF/Q0bDNM+OZnmGEOJTDvG19Y+
htrMTCXHdASuf36CsqoM/YQdPvKS2RfAr1YnOlUE5SbKuDKYXFu/pKWN4lBkCCoI
L0gETmnaEds98GYV6MjXG6GbEkvYduap+/m40ObDieWa/yz102dHvCirZCo2pDuV
SwIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17672270767355055482172589624298601901
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-30 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'phd.amazonaws-us-gov.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25391216261072000057205196754255247847727494099240741942440807176066929790337896129131749244433847745749666264482203266023462767343811560207578621123102778476756640530184658225345317740950789463612880309246688013224203906505384545059324156700873785979087004292374586522545699033918615064402630693331928375391767820258080925463845491692790317746136944229693336266619541047130948753690456891989594900851488653652030699180698012520665840189867826436052301823513845392086093210728197083397382929835147939320824358892707379203958498419054698293509603886044518350711425540798777603177216485872027178465280392690353519170891
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							025dabb8a0568b802d3cfce2cadcd0a709966384
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (161 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'phd.us-gov-west-1.console.amazonaws-us-gov.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.phd.us-gov-west-1.console.vpce.amazonaws-us-gov.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'phd.amazonaws-us-gov.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'health.amazonaws-us-gov.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes)
							0168007600e83ed0da3ef5063532e75728bc896bc903d3cbd1116beceb69e1777d6d06bd6e0000018732246b670000040300473045022039e5640604f34375f9a1ccfc125a5342b14f58e09b9b1a4c218f58c36e97b69e022100bfaf3a90f021ee35df76ea3c504d048d8e74361b336d14f404cdd3f36399a0b1007500b3737707e18450f86386d605a9dc11094a792db1670c0b87dcf0030e7936a59a0000018732246bbf0000040300463044022100c56fcd6a788735bd6c4bad5cbfc33716da24f210fe52fc5374966d7260f7d79b021f69348866d14750e00dfcdec3bf559d4c41fe90b5ffc835ecf27f88ec26635a0077007a328c54d8b72db620ea38e0521ee98416703213854d3bd22bc13a57a352eb520000018732246b4e0000040300483046022100dd13d527290328d87e8021db8b81dff570b424f85278a628b5d471c225ea9491022100ab702ca793cfe7bca32e2243832378b4fa35bc4d8ed6b63e000bd4d34af234ae
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		003d57578970546957c80039bf4c848b15263a9d3c76e8d1c4425cc7bdd090ed068105cd9129dbb34e4f26163388662a08e6537bef636fde2098f65345a51eeb1724eec70fecbc40ae9cd1833f0f5b13127ddb328b8e632f04c35a5dab3e700deef22957769c7d9a415a78b70602f4460b8a0630e90eb2f34fbe8e191f0b44f0f9c2114c2df8abd7543562e140fb6305eeb693fb9a02620a70c40b57b655725824cf26546f70b9ec288b3b0de4bb7ad4f4c60a8bc771ff43ea05bf41a1294fb30f361f1a9d2f1c2de3af6f09afc8c475cf5d8f4729ad3c1a72f16ece4f14c46e4cf8afefb2f12aa2068ed0fc7ea4c7dea9ec384ed929267a4357d54326988608ef