*.flock.com
Issued by Amazon RSA 2048 M03
About this certificate
This digital certificate with serial number 05:d2:b2:2b:61:5d:9b:2d:1c:fd:20:39:d0:40:ad:06 was issued on by Amazon.
With 8 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
- Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
- Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)
Certificate Subject
CN=*.flock.com
Amazon
Organization:
Amazon
Country:
US
This certificate will expire on
Certificate Details
Serial Number (hex): 05:d2:b2:2b:61:5d:9b:2d:1c:fd:20:39:d0:40:ad:06Serial Number (int): 7740136025070540130104240189995003142
Serial Number lenght: 123 bits, 16 octets
SubjectKeyId: fc:f0:48:fb:4f:f7:f5:bb:f0:a9:cb:35:97:2b:8c:ee:f7:98:0a:cb
AuthorityKeyId: 55:d9:18:5f:d2:1c:cc:01:e1:58:b4:be:ab:d9:55:42:01:d7:2e:02
Fingerprint (sha1): d4:ef:1b:89:b1:b0:cb:dc:f2:36:89:5d:4e:21:35:ba:b5:a4:e0:5d
Fingerprint (sha256): a7:d0:c1:1b:dd:9c:9c:2c:e9:26:c5:56:94:70:e0:20:5d:c0:55:93:28:d1:f6:22:f0:ee:37:e7:50:3a:67:7e
Issuing Certificate URL: http://crt.r2m03.amazontrust.com/r2m03.cer
Revocation information
OCSP Server: http://ocsp.r2m03.amazontrust.comCRL Distribution Point: http://crl.r2m03.amazontrust.com/r2m03.crl
Check the revocation status for certificate *.flock.com
8
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for *.flock.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
*.flock.com
talk.to
*.flock.co
flock.com
*.talk.to
*.go.to
flock.co
go.to
talk.to
*.flock.co
flock.com
*.talk.to
*.go.to
flock.co
go.to
Other certificates including the domain name flock.com
(limited to 100 certificates)
corporatestatus.tyro.com
support.flock.com
support.flock.com
pages.flock.com
webinar.flock.com
corporatestatus.tyro.com
pages.flock.com
enomstatus.com
corporatestatus.tyro.com
ent.flock.com
kb.flock.com
*.internal.flock.com
*.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.com
support.flock.com
*.flock.com
faq.internal.flock.com
webinar.flock.com
blog.flock.com
corporatestatus.tyro.com
*.flock.co
blog.flock.com
corporatestatus.tyro.com
*.ops.flock.com
faq.internal.flock.com
corporatestatus.tyro.com
enomstatus.com
enomstatus.com
corporatestatus.tyro.com
*.flock.co
*.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
webinar.flock.com
api.flock.com
enomstatus.com
ent.flock.com
www.flock.com
bugzilla.flock.com
kb.flock.com
*.flock.com
support.flock.com
monumentstatus.mambu.com
ent.flock.com
blog.flock.com
enomstatus.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
blog.flock.com
www.flock.com
enomstatus.com
staging.mail.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
enomstatus.com
*.i.flock.com
enomstatus.com
support.flock.com
*.flock.co
extensions.flock.com
corporatestatus.tyro.com
*.flock.com
enomstatus.com
vpn.flock.com
my.flock.com
enomstatus.com
corporatestatus.tyro.com
corporatestatus.tyro.com
enomstatus.com
blog.flock.com
update.flock.com
support.flock.com
enomstatus.com
ent.flock.com
corporatestatus.tyro.com
www.flock.com
ent.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.co
*.flock.com
blog.flock.com
*.flock.com
support.flock.com
corporatestatus.tyro.com
support.flock.com
*.flock.com
webinar.flock.com
www.flock.com
pages.flock.com
support.flock.com
*.flock.com
support.flock.com
support.flock.com
pages.flock.com
webinar.flock.com
corporatestatus.tyro.com
pages.flock.com
enomstatus.com
corporatestatus.tyro.com
ent.flock.com
kb.flock.com
*.internal.flock.com
*.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.com
support.flock.com
*.flock.com
faq.internal.flock.com
webinar.flock.com
blog.flock.com
corporatestatus.tyro.com
*.flock.co
blog.flock.com
corporatestatus.tyro.com
*.ops.flock.com
faq.internal.flock.com
corporatestatus.tyro.com
enomstatus.com
enomstatus.com
corporatestatus.tyro.com
*.flock.co
*.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
webinar.flock.com
api.flock.com
enomstatus.com
ent.flock.com
www.flock.com
bugzilla.flock.com
kb.flock.com
*.flock.com
support.flock.com
monumentstatus.mambu.com
ent.flock.com
blog.flock.com
enomstatus.com
enomstatus.com
*.flock.com
corporatestatus.tyro.com
blog.flock.com
www.flock.com
enomstatus.com
staging.mail.flock.com
support.flock.com
*.flock.com
enomstatus.com
*.flock.com
enomstatus.com
*.i.flock.com
enomstatus.com
support.flock.com
*.flock.co
extensions.flock.com
corporatestatus.tyro.com
*.flock.com
enomstatus.com
vpn.flock.com
my.flock.com
enomstatus.com
corporatestatus.tyro.com
corporatestatus.tyro.com
enomstatus.com
blog.flock.com
update.flock.com
support.flock.com
enomstatus.com
ent.flock.com
corporatestatus.tyro.com
www.flock.com
ent.flock.com
corporatestatus.tyro.com
ent.flock.com
*.flock.co
*.flock.com
blog.flock.com
*.flock.com
support.flock.com
corporatestatus.tyro.com
support.flock.com
*.flock.com
webinar.flock.com
www.flock.com
pages.flock.com
support.flock.com
*.flock.com
Certificate
The complete raw certificate details for *.flock.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGBzCCBO+gAwIBAgIQBdKyK2Fdmy0c/SA50ECtBjANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAzMB4XDTIzMTIyNTAwMDAwMFoXDTI1MDEyMTIzNTk1OVowFjEU MBIGA1UEAwwLKi5mbG9jay5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK AoIBAQC06535tn92lOlJSHJqKs1qBO4AOthsy8J3cDl1EZxOvq3+d4y0ZAyxC8R8 nsusNWvbmDAAQgT4vpC1L/rFXqBasl3hfKrrbLLYB7iIwT60LvKHcR3g1sM8Ugky Qn6l1WZh6rZTuhF5Ven82xjtMzdqmiOn5Ne4rpijqFno3PEuMe0Jqcw/jsAC68aT MFM60kqUx05aTrbEaskQ3MRQjse3x9NlHx5LB48x1pXnH7t8yvxJKtiRkP4FkvnU FfPRmcHNYMAAyMOFAaHUJFLIJVSTYtixf9SVlL2/GYCGByTq5w4DkkW5Gua71Wwo t2Z0LrHILGVxTWTX0cl0NXNCRrG1AgMBAAGjggMpMIIDJTAfBgNVHSMEGDAWgBRV 2Rhf0hzMAeFYtL6r2VVCAdcuAjAdBgNVHQ4EFgQU/PBI+0/39bvwqcs1lyuM7veY CsswWwYDVR0RBFQwUoILKi5mbG9jay5jb22CB3RhbGsudG+CCiouZmxvY2suY2+C CWZsb2NrLmNvbYIJKi50YWxrLnRvggcqLmdvLnRvgghmbG9jay5jb4IFZ28udG8w EwYDVR0gBAwwCjAIBgZngQwBAgEwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js LnIybTAzLmFtYXpvbnRydXN0LmNvbS9yMm0wMy5jcmwwdQYIKwYBBQUHAQEEaTBn MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5yMm0wMy5hbWF6b250cnVzdC5jb20w NgYIKwYBBQUHMAKGKmh0dHA6Ly9jcnQucjJtMDMuYW1hem9udHJ1c3QuY29tL3Iy bTAzLmNlcjAMBgNVHRMBAf8EAjAAMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgA dgDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB0lt3zsw7CAAAAYygcz4MAAAEAwBH MEUCIDx9bWOJ2SjBGNyujPHKigA2MDrt3uYvoif90gJ2OWpKAiEAgDSA/EutBiqg 8JuDmsQm4CnVmhuRJ4RZWXbC8Q2Ja50AdgB9WR4S4XgqexxhZ3xe/fjQh1wUoE6V nrkDL9kOjC55uAAAAYygcz36AAAEAwBHMEUCIQD+RB7GZMBmlBEaMpZAyT9UaLvS uhkYaZb0ImnoC6g93AIgbDiBq+JoWZymB4LJhcGD46VovN7gHkl2IQMj4gYlHx4A dgDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAYygcz4iAAAEAwBH MEUCIFSCxQQEGB4stohD5zR038xbD2XVrN0QCbvVkCGCtv8nAiEAw/mtEx3wG3k0 LPsGXDCaB4lyjjXl12NhNTyeAMBYbGwwDQYJKoZIhvcNAQELBQADggEBADsN/puc X5aX8wNZEP0haeaWcyS+ov2Sut9ZDCxlTmxYA585y63RArZl1Cqus7FU7tlUZsWl GTn+JCCfD/xgCncNaM6Ys6zcXVHHfJCitsZTDuwvNFnxj62x+ZoguUlp3L9Ho1gJ mw7Mi+FJmIRyW21bQaOM1xQJ6KIzOsCBXRArEyFcyttRvgEeTQHBFclKuz4n7Sd+ CUZUkGuc7Hl22uTvUN5oap6OAmxfRtaazzKGXaz2OIxOx7JWn7nDgr2dBkvJqdTw 38PuwpffazLGzFLnYhz4UQgQc5IZzb/FsPFTkekOIlNMvtM25tQx1ejLTFZPWfDx G48ICQ7YlI5hA5s= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOud+bZ/dpTpSUhyairN agTuADrYbMvCd3A5dRGcTr6t/neMtGQMsQvEfJ7LrDVr25gwAEIE+L6QtS/6xV6g WrJd4Xyq62yy2Ae4iME+tC7yh3Ed4NbDPFIJMkJ+pdVmYeq2U7oReVXp/NsY7TM3 apojp+TXuK6Yo6hZ6NzxLjHtCanMP47AAuvGkzBTOtJKlMdOWk62xGrJENzEUI7H t8fTZR8eSwePMdaV5x+7fMr8SSrYkZD+BZL51BXz0ZnBzWDAAMjDhQGh1CRSyCVU k2LYsX/UlZS9vxmAhgck6ucOA5JFuRrmu9VsKLdmdC6xyCxlcU1k19HJdDVzQkax tQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 7740136025070540130104240189995003142 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M03' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-12-25 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-01-21 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:12|false] UTF8String '*.flock.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 22839082012095042712448860994454408983256792202956915684866174662789281660908003354280298778020896851798605588440189892116856088496474355344246181444444474590283642971750424803618373982809993418015703220617411301838817414137614142827035389470137420995335802890273739854740702276836426699141133123745787230989772287420862545645849268580048382779393243017392811679170744215345247416726872478239765132418471090721056416306903997208833630777561171642684555407563039003430851184107605917152042370448229139875163749615800023697535469195628437870250877383388295248964608697266659858765305623726555861611647644626813505155509 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 55d9185fd21ccc01e158b4beabd9554201d72e02 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) fcf048fb4ff7f5bbf0a9cb35972b8ceef7980acb . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (84 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'talk.to' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flock.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flock.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.talk.to' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.go.to' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flock.co' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'go.to' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m03.amazontrust.com/r2m03.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m03.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m03.amazontrust.com/r2m03.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (366 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (362 bytes) 0168007600cf1156eed52e7caff3875bd9692e9be91a71674ab017ecac01d25b77cecc3b080000018ca0733e0c000004030047304502203c7d6d6389d928c118dcae8cf1ca8a0036303aeddee62fa227fdd20276396a4a022100803480fc4bad062aa0f09b839ac426e029d59a1b912784595976c2f10d896b9d0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018ca0733dfa0000040300473045022100fe441ec664c06694111a329640c93f5468bbd2ba19186996f42269e80ba83ddc02206c3881abe268599ca60782c985c183e3a568bcdee01e4976210323e206251f1e007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018ca0733e22000004030047304502205482c50404181e2cb68843e73474dfcc5b0f65d5acdd1009bbd5902182b6ff27022100c3f9ad131df01b79342cfb065c309a0789728e35e5d76361353c9e00c0586c6c . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003b0dfe9b9c5f9697f3035910fd2169e6967324bea2fd92badf590c2c654e6c58039f39cbadd102b665d42aaeb3b154eed95466c5a51939fe24209f0ffc600a770d68ce98b3acdc5d51c77c90a2b6c6530eec2f3459f18fadb1f99a20b94969dcbf47a358099b0ecc8be1499884725b6d5b41a38cd71409e8a2333ac0815d102b13215ccadb51be011e4d01c115c94abb3e27ed277e094654906b9cec7976dae4ef50de686a9e8e026c5f46d69acf32865dacf6388c4ec7b2569fb9c382bd9d064bc9a9d4f0dfc3eec297df6b32c6cc52e7621cf8510810739219cdbfc5b0f15391e90e22534cbed336e6d431d5e8cb4c564f59f0f11b8f08090ed8948e61039b