signin-fips.amazonaws-us-gov.com
Issued by Amazon RSA 2048 M01
About this certificate
This digital certificate with serial number 01:62:04:79:86:82:74:50:9c:01:48:9e:91:41:df:9c was issued on by Amazon.
With 4 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.
We have idenified some issues with this certificate:
- Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)
Certificate Subject
CN=signin-fips.amazonaws-us-gov.com
Amazon
Organization:
Amazon
Country:
US
This certificate has expire since
Certificate Details
Serial Number (hex): 01:62:04:79:86:82:74:50:9c:01:48:9e:91:41:df:9cSerial Number (int): 1838163845796108767269366076580945820
Serial Number lenght: 121 bits, 16 octets
SubjectKeyId: b1:7c:ce:79:37:d9:7f:c4:e9:fe:e7:ea:03:a2:c8:31:ca:49:4e:a9
AuthorityKeyId: 81:b8:0e:63:8a:89:12:18:e5:fa:3b:3b:50:95:9f:e6:e5:90:13:85
Fingerprint (sha1): b8:c5:df:3f:98:c5:10:e0:53:5b:33:65:05:9a:3f:0a:14:73:0f:4f
Fingerprint (sha256): c1:55:db:16:e8:9c:d1:6c:bd:af:a7:4b:16:d0:6c:2b:5c:17:cd:6e:2e:d6:a2:a6:f3:b2:24:c6:f5:91:8a:50
Issuing Certificate URL: http://crt.r2m01.amazontrust.com/r2m01.cer
Revocation information
OCSP Server: http://ocsp.r2m01.amazontrust.comCRL Distribution Point: http://crl.r2m01.amazontrust.com/r2m01.crl
Check the revocation status for certificate signin-fips.amazonaws-us-gov.com
4
DNS Names
0
Email Addresses
0
IP Addresses
Advanced Certificate Properties
Tehnical certificate details for signin-fips.amazonaws-us-gov.com
Public Key Algorithm
RSA
Key Size
2048
Signature Algorithm
SHA256 with RSA
Key Usage
Digital Signature
Key Encipherment
Extended Key Usages
Server Authentication
Client Authentication
Extensions
10 extensions
No
unhandled critical extensions
CA Certificate
This is not a CA certificate
Subject Alternative Names
signin-fips.amazonaws-us-gov.com
us-gov-west-1.signin-fips.amazonaws-us-gov.com
smartcard.us-gov-west-1.signin-fips.amazonaws-us-gov.com
smartcard.signin.amazonaws-us-gov.com
us-gov-west-1.signin-fips.amazonaws-us-gov.com
smartcard.us-gov-west-1.signin-fips.amazonaws-us-gov.com
smartcard.signin.amazonaws-us-gov.com
Other certificates including the domain name amazonaws-us-gov.com
(limited to 100 certificates)
glacier-console-us-gov-west-1.console.amazonaws-us-gov.com
policysim.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
*.us-gov-west-1.console-gamma.aws-dev.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
policysim.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2.us-gov-east-1.aws.amazon.com
us-gov-east-1.console.amazonaws-us-gov.com
websocket.us-gov-east-1-onebox.quicksight.amazonaws-us-gov.com
api-quicksight-integ.us-gov-west-1.amazonaws.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
websocket.us-gov-east-1.quicksight.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2-fips.us-gov-east-1.aws.amazon.com
appstream2-fips.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.aws.amazon.com
web-quicksight.us-gov-west-1.amazonaws.com
phd.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2.us-gov-east-1.aws.amazon.com
policysim.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
*.signin.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
websocket.fips-us-gov-east-1.quicksight.amazonaws-us-gov.com
signin-fips.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2-fips.us-gov-west-1.aws.amazon.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
us-gov-west-1.prod.console-api.aws-dev.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
phd.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
fpq3q23wnh.cell.logs.us-gov-west-1.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2-fips.us-gov-east-1.aws.amazon.com
signin-fips.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
us-gov-west-1.console.amazonaws-us-gov.com
*.us-gov-east-1.console-gamma.aws-dev.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2-fips.us-gov-west-1.aws.amazon.com
*.signin.amazonaws-us-gov.com
policysim.amazonaws-us-gov.com
appstream2-fips.us-gov-west-1.aws.amazon.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
organizations-nexus.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-east-1.prod.console-api.aws-dev.amazonaws-us-gov.com
policysim.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
*.us-gov-west-1.console-gamma.aws-dev.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
policysim.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2.us-gov-east-1.aws.amazon.com
us-gov-east-1.console.amazonaws-us-gov.com
websocket.us-gov-east-1-onebox.quicksight.amazonaws-us-gov.com
api-quicksight-integ.us-gov-west-1.amazonaws.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
websocket.us-gov-east-1.quicksight.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2-fips.us-gov-east-1.aws.amazon.com
appstream2-fips.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.aws.amazon.com
appstream2.us-gov-west-1.aws.amazon.com
web-quicksight.us-gov-west-1.amazonaws.com
phd.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2.us-gov-east-1.aws.amazon.com
policysim.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
*.signin.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
websocket.fips-us-gov-east-1.quicksight.amazonaws-us-gov.com
signin-fips.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2-fips.us-gov-west-1.aws.amazon.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
us-gov-west-1.prod.console-api.aws-dev.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
phd.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
phd.amazonaws-us-gov.com
fpq3q23wnh.cell.logs.us-gov-west-1.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
appstream2-fips.us-gov-east-1.aws.amazon.com
signin-fips.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
s3-console-us-gov-west-1.console.amazonaws-us-gov.com
appstream2.us-gov-west-1.aws.amazon.com
us-gov-west-1.console.amazonaws-us-gov.com
*.us-gov-east-1.console-gamma.aws-dev.amazonaws-us-gov.com
*.signin.amazonaws-us-gov.com
appstream2-fips.us-gov-west-1.aws.amazon.com
*.signin.amazonaws-us-gov.com
policysim.amazonaws-us-gov.com
appstream2-fips.us-gov-west-1.aws.amazon.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
organizations-nexus.amazonaws-us-gov.com
us-gov-east-1.console.amazonaws-us-gov.com
us-gov-west-1.console.amazonaws-us-gov.com
us-gov-east-1.prod.console-api.aws-dev.amazonaws-us-gov.com
Certificate
The complete raw certificate details for signin-fips.amazonaws-us-gov.com in PEM and ASN.1 format.
Certificate (PEM)
-----BEGIN CERTIFICATE----- MIIGgjCCBWqgAwIBAgIQAWIEeYaCdFCcAUiekUHfnDANBgkqhkiG9w0BAQsFADA8 MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g UlNBIDIwNDggTTAxMB4XDTIzMDMxNjAwMDAwMFoXDTI0MDEyMzIzNTk1OVowKzEp MCcGA1UEAxMgc2lnbmluLWZpcHMuYW1hem9uYXdzLXVzLWdvdi5jb20wggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpGrKQf1f/CqthhZcJWE/wTNFdZf2s goQoJF6Hwb89d6mKPaHyYl+uCcu4AbxLklbMcgOMboSWG/tRTE7Qwh8Rr6OOtd/q cdeThasegJHaYbltabMLLK7Hi7czkf3sqJ9xoP/ZAJW11dkio/baIMR2D2iDEz1r 8cihlx9mgdm+opOCRQR/LwpiYhEp7SiOnbUXp0xYzY/pqZwzd+1L13dh58TGjL7B hWwpAzWV4uF2ZJr8GbTAscGU0s51raTAdW+cPWOjA1xGdAHz7JOnunnf0qOItPZj bwNdP8WI9YHbjw4wjUHlMneGaFKU1MKfb3Na7FO24FD7W6ldudLXxSN5AgMBAAGj ggOPMIIDizAfBgNVHSMEGDAWgBSBuA5jiokSGOX6OztQlZ/m5ZAThTAdBgNVHQ4E FgQUsXzOeTfZf8Tp/ufqA6LIMcpJTqkwgb4GA1UdEQSBtjCBs4Igc2lnbmluLWZp cHMuYW1hem9uYXdzLXVzLWdvdi5jb22CLnVzLWdvdi13ZXN0LTEuc2lnbmluLWZp cHMuYW1hem9uYXdzLXVzLWdvdi5jb22COHNtYXJ0Y2FyZC51cy1nb3Ytd2VzdC0x LnNpZ25pbi1maXBzLmFtYXpvbmF3cy11cy1nb3YuY29tgiVzbWFydGNhcmQuc2ln bmluLmFtYXpvbmF3cy11cy1nb3YuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDov L2NybC5yMm0wMS5hbWF6b250cnVzdC5jb20vcjJtMDEuY3JsMBMGA1UdIAQMMAow CAYGZ4EMAQIBMHUGCCsGAQUFBwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29j c3AucjJtMDEuYW1hem9udHJ1c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0 LnIybTAxLmFtYXpvbnRydXN0LmNvbS9yMm0wMS5jZXIwDAYDVR0TAQH/BAIwADCC AYAGCisGAQQB1nkCBAIEggFwBIIBbAFqAHcA7s3QZNXbGs7FXLedtM0TojKHRny8 7N7DUUhZRnEftZsAAAGG7KB2+QAABAMASDBGAiEAslk1j+LKHUDBORIC4DjpRURB wRn7fAqpWYx9pMHFPRECIQDkp3krpPkQxJQ3XEPQO7XcM4SKhGJHTlmAcaI2tpWy GwB2AHPZnokbTJZ4oCB9R53mssYc0FFecRkqjGuAEHrBd3K1AAABhuygdzcAAAQD AEcwRQIhAJKJVhKpXjLqqQYAg295S2F+qW6TyXq/QGt0T7hBbROyAiAHuN7A+I5q 2aZIsYp0XUpSlhl8qZW3QR+3IX/vGCHilAB3AEiw42vapkc0D+VqAvqdMOscUgHL Vt0sgdm7v6s52IRzAAABhuygdvkAAAQDAEgwRgIhAKIicvqKbxOIspxJ47HU1SIQ HP5UoAWW6ZVCTNajezWHAiEA65aUs9kc03MVJj0hVtqK1yvVjrN4Qpci2LwQJkoU DfwwDQYJKoZIhvcNAQELBQADggEBAD8w824OxIdkkfp6hp5qPlyNpF2P3A5HEIBl iCT5IUALPeYLaq14+qDgagWgkXEzo5SRQECcUQ7EemHHF73B6pU/+In8ZOyDoYQs 8LWwdqfHk34rmcBMKD/ZJz0DvRwrXF/HigjR9SS3vdYR0PH3DMHgk9W7cKzTTXVJ j6j3bYGz08TQcaX4jNoD0AJnaRGXJcUGIeHX7umP+OEzmObVd7o/UjW+vCuxqRKp MDyOYgzn5H+HgvJBlGN1WIVNrE1nfZnhiaJ7qxpTT+OZV4j6DIYhjqfBfvDfTO8g lYMcPGDS1s4HbhqLP6exzMUZXaDyP2jUUxT7ZXAn1Olh+C5cgws= -----END CERTIFICATE-----
Public Key (PEM)
-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6RqykH9X/wqrYYWXCVhP 8EzRXWX9rIKEKCReh8G/PXepij2h8mJfrgnLuAG8S5JWzHIDjG6Elhv7UUxO0MIf Ea+jjrXf6nHXk4WrHoCR2mG5bWmzCyyux4u3M5H97KifcaD/2QCVtdXZIqP22iDE dg9ogxM9a/HIoZcfZoHZvqKTgkUEfy8KYmIRKe0ojp21F6dMWM2P6amcM3ftS9d3 YefExoy+wYVsKQM1leLhdmSa/Bm0wLHBlNLOda2kwHVvnD1jowNcRnQB8+yTp7p5 39KjiLT2Y28DXT/FiPWB248OMI1B5TJ3hmhSlNTCn29zWuxTtuBQ+1upXbnS18Uj eQIDAQAB -----END PUBLIC KEY-----
ASN.1 decoded
[c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2 . . . . . . . . [c:0|t:2|false] INTEGER 1838163845796108767269366076580945820 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon' . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M01' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2023-03-16 00:00:00 +0000 UTC . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-01-23 23:59:59 +0000 UTC . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName) . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'signin-fips.amazonaws-us-gov.com' . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption) . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 29426690093567483754253457626362010757498115083219348489980396345643821149019646091741961578647029952984446542588484498731505712200684790438456790882586377923201182133539266585087307460789240695409363021090429320554124981058486713496081783882788976343339005083394007734125944068920045303610983397108571879423570847117581735351837046363452006536197544921389160895671085442584585508821834182365764139811305011837802090372286006139791491276633181648675167550841128294570075320449566674383987733640306149151188194698128142378316544588033190229470742902313077241149280585864213118905597500292458949650970058266752275784569 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537 . . . . . . . . [c:2|t:3|true] ORAddress . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName 81b80e638a891218e5fa3b3b50959fe6e5901385 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes) b17cce7937d97fc4e9fee7ea03a2c831ca494ea9 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (182 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'signin-fips.amazonaws-us-gov.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'us-gov-west-1.signin-fips.amazonaws-us-gov.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smartcard.us-gov-west-1.signin-fips.amazonaws-us-gov.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'smartcard.signin.amazonaws-us-gov.com' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits) 05a0 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m01.amazontrust.com/r2m01.crl' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy) . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m01.amazontrust.com' . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m01.amazontrust.com/r2m01.cer' . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints) . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (368 bytes) . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (364 bytes) 016a007700eecdd064d5db1acec55cb79db4cd13a23287467cbcecdec351485946711fb59b00000186eca076f90000040300483046022100b259358fe2ca1d40c1391202e038e9454441c119fb7c0aa9598c7da4c1c53d11022100e4a7792ba4f910c494375c43d03bb5dc33848a8462474e598071a236b695b21b00760073d99e891b4c9678a0207d479de6b2c61cd0515e71192a8c6b80107ac17772b500000186eca07737000004030047304502210092895612a95e32eaa90600836f794b617ea96e93c97abf406b744fb8416d13b2022007b8dec0f88e6ad9a648b18a745d4a5296197ca995b7411fb7217fef1821e29400770048b0e36bdaa647340fe56a02fa9d30eb1c5201cb56dd2c81d9bbbfab39d8847300000186eca076f90000040300483046022100a22272fa8a6f1388b29c49e3b1d4d522101cfe54a00596e995424cd6a37b3587022100eb9694b3d91cd37315263d2156da8ad72bd58eb378429722d8bc10264a140dfc . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) . . . . . . . . [c:0|t:5|false] NULL . . . . [c:0|t:3|false] BIT STRING (2048 bits) 003f30f36e0ec4876491fa7a869e6a3e5c8da45d8fdc0e471080658824f921400b3de60b6aad78faa0e06a05a0917133a3949140409c510ec47a61c717bdc1ea953ff889fc64ec83a1842cf0b5b076a7c7937e2b99c04c283fd9273d03bd1c2b5c5fc78a08d1f524b7bdd611d0f1f70cc1e093d5bb70acd34d75498fa8f76d81b3d3c4d071a5f88cda03d0026769119725c50621e1d7eee98ff8e13398e6d577ba3f5235bebc2bb1a912a9303c8e620ce7e47f8782f24194637558854dac4d677d99e189a27bab1a534fe3995788fa0c86218ea7c17ef0df4cef2095831c3c60d2d6ce076e1a8b3fa7b1ccc5195da0f23f68d45314fb657027d4e961f82e5c830b