cas.fglife.com.tw

- Farglory Life Insurance Co. -

Issued by TWCA Secure SSL Certification Authority

About this certificate

This digital certificate with serial number 47:e3:00:00:00:01:bb:8f:25:7f:be:d3:40:46:6c:3c was issued on by TAIWAN-CA.

This certificate has already expired and will cause a warning or error message in the browser it's still listed on this site to allow you to look back on previously issued certificates. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • Subscriber Certificate: commonName is deprecated. (BRs: 7.1.4.2.2)

Farglory Life Insurance Co.

Organization: Farglory Life Insurance Co.
Organization unit: IT
State / Province: Taiwan
Locality: Taipei
Country: TW

TAIWAN-CA

Organization: TAIWAN-CA
Organization unit: Secure SSL Sub-CA
Country: TW

This certificate has expire since

Certificate Details

Serial Number (hex): 47:e3:00:00:00:01:bb:8f:25:7f:be:d3:40:46:6c:3c
Serial Number (int): 95553839087618527496785125855904295996
Serial Number lenght: 127 bits, 16 octets

SubjectKeyId: 09:40:db:05:f7:dc:b0:32:4f:7d:d4:56:29:ed:3d:9c:b7:38:16:61:d8:9c:9f:55:e4:c6:65:30:ae:4e:42:51
AuthorityKeyId: f8:07:c2:68:24:ff:85:95:cb:db:1e:e3:33:9c:2a:4f:97:20:56:7b

Fingerprint (sha1): 79:6a:0f:29:fa:03:f0:51:9a:80:c4:95:61:cd:5e:54:e2:9d:5c:ce
Fingerprint (sha256): c9:ab:38:ad:ad:c5:bf:e7:a5:91:30:b7:6b:e5:7a:1e:da:fa:cf:bc:3a:38:46:7c:2e:4d:32:df:1d:51:a6:10

Issuing Certificate URL: http://sslserver.twca.com.tw/cacert/secure_sha2_2014.crt

Revocation information

OCSP Server: http://twcasslocsp.twca.com.tw/
CRL Distribution Point: http://sslserver.twca.com.tw/sslserver/Securessl_revoke_sha2_2014.crl

Check the revocation status for certificate cas.fglife.com.tw

1

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for cas.fglife.com.tw

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

cas.fglife.com.tw

Other certificates including the domain name fglife.com.tw

(limited to 100 certificates)
ex.fglife.com.tw
mdm.fglife.com.tw
app-customer.fglife.com.tw
ex3.fglife.com.tw
fgweb.fglife.com.tw
member.fglife.com.tw
uat.lia-share.fglife.com.tw
app-bank.fglife.com.tw
hr.fglife.com.tw
bw.fglife.com.tw
proposal.fglife.com.tw
hr.fglife.com.tw
member.fglife.com.tw
member.fglife.com.tw
uat.lia-share.fglife.com.tw
slm.fglife.com.tw
webmail.fglife.com.tw
app-customer.fglife.com.tw
test.fglife.com.tw
bw.fglife.com.tw
gip.fglife.com.tw
ex3.fglife.com.tw
ex.fglife.com.tw
accessibility.fglife.com.tw
sslvpn.fglife.com.tw
app2-ins.fglife.com.tw
app-broker.fglife.com.tw
fgweb.fglife.com.tw
luckygo.fglife.com.tw
webmail.fglife.com.tw
fgweb.fglife.com.tw
member.fglife.com.tw
app-broker.fglife.com.tw
www.fglife.com.tw
jcm.fglife.com.tw
app-bank.fglife.com.tw
www2.fglife.com.tw
bw.fglife.com.tw
online-ins.fglife.com.tw
member.fglife.com.tw
e-recruit.fglife.com.tw
app-broker.fglife.com.tw
bw.fglife.com.tw
realty.fglife.com.tw
slm.fglife.com.tw
www.fglife.com.tw
online-ins.fglife.com.tw
member.fglife.com.tw
lip.fglife.com.tw
lip.fglife.com.tw
lia-share.fglife.com.tw
mdm.fglife.com.tw
hr.fglife.com.tw
webmail.fglife.com.tw
fgweb.fglife.com.tw
lia-share.fglife.com.tw
slm.fglife.com.tw
member.fglife.com.tw
sslvpn.fglife.com.tw
jcm.fglife.com.tw
online-ins.fglife.com.tw
app-agent.fglife.com.tw
app-agent.fglife.com.tw
ex.fglife.com.tw
app-ins-test.fglife.com.tw
app-ins-nbpr.fglife.com.tw
ex.fglife.com.tw
lip.fglife.com.tw
lia-share.fglife.com.tw
uat.lia-share.fglife.com.tw
accessibility.fglife.com.tw
www.fglife.com.tw
cas.fglife.com.tw
fatca.fglife.com.tw
cas.fglife.com.tw
member.fglife.com.tw
member.fglife.com.tw
fg-ao5.fglife.com.tw
sslvpn.fglife.com.tw
realty.fglife.com.tw
www.fglife.com.tw
lip.fglife.com.tw
jira.fglife.com.tw
fg-ao5.fglife.com.tw
www2.fglife.com.tw
e-recruit.fglife.com.tw
member.fglife.com.tw
app2-ins-test.fglife.com.tw
cas.fglife.com.tw
sslvpn.fglife.com.tw
app-bank.fglife.com.tw
hr.fglife.com.tw
www.fglife.com.tw

Certificate

The complete raw certificate details for cas.fglife.com.tw in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgIQR+MAAAABu48lf77TQEZsPDANBgkqhkiG9w0BAQsFADBv
MQswCQYDVQQGEwJUVzESMBAGA1UEChMJVEFJV0FOLUNBMRowGAYDVQQLExFTZWN1
cmUgU1NMIFN1Yi1DQTEwMC4GA1UEAxMnVFdDQSBTZWN1cmUgU1NMIENlcnRpZmlj
YXRpb24gQXV0aG9yaXR5MB4XDTE5MDgwNzA4MDAwM1oXDTIxMTEwMzE1NTk1OVow
fjELMAkGA1UEBhMCVFcxDzANBgNVBAgTBlRhaXdhbjEPMA0GA1UEBxMGVGFpcGVp
MSQwIgYDVQQKExtGYXJnbG9yeSBMaWZlIEluc3VyYW5jZSBDby4xCzAJBgNVBAsT
AklUMRowGAYDVQQDExFjYXMuZmdsaWZlLmNvbS50dzCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAMcVSLNU5sV9WnhWZJq3e5slupAx5/fboryVszYK392J
FD/o1HIPFkEwZOwH6PKwsNKlF2vEsw7qMJsjvbrFqmeBN2wYgA2Kwki9wu/r7BVM
xCxFQJoqOqivjxeGbUzm+H/CBfUeygnFUcyDUewOx4Lb8R/5ad7pUCdGEQdOIoxj
GGBy+QWLaf9MfzCyWxWR4H80Nw5SB/xl0TLSsn9ttY7lGH4cErJ0lxDhcsUWCLK7
j8z6lxmrQRKedDAa5scfUB40xLLnNAXXkV4tbYaE5HGKwuwiGiQth1VV+Hw8pdG+
Y/8gObcL3D6aLIkLRgpewUHtIsVxkxjyR65LNI5CMD0CAwEAAaOCAz4wggM6MB8G
A1UdIwQYMBaAFPgHwmgk/4WVy9se4zOcKk+XIFZ7MCkGA1UdDgQiBCAJQNsF99yw
Mk991FYp7T2ctzgWYdicn1XkxmUwrk5CUTBWBgNVHR8ETzBNMEugSaBHhkVodHRw
Oi8vc3Nsc2VydmVyLnR3Y2EuY29tLnR3L3NzbHNlcnZlci9TZWN1cmVzc2xfcmV2
b2tlX3NoYTJfMjAxNC5jcmwwHAYDVR0RBBUwE4IRY2FzLmZnbGlmZS5jb20udHcw
gYEGCCsGAQUFBwEBBHUwczBEBggrBgEFBQcwAoY4aHR0cDovL3NzbHNlcnZlci50
d2NhLmNvbS50dy9jYWNlcnQvc2VjdXJlX3NoYTJfMjAxNC5jcnQwKwYIKwYBBQUH
MAGGH2h0dHA6Ly90d2Nhc3Nsb2NzcC50d2NhLmNvbS50dy8wNwYDVR0gBDAwLjAs
BgsrBgEEAYK/JQEBGTAdMBsGCCsGAQUFBwIBFg93d3cudHdjYS5jb20udHcwCQYD
VR0TBAIwADAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
AQUFBwMCMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcAdgBvU3asMfAxGdiZAKRR
Ff93FRwR2QLBACkGjbIImjfZEwAAAWxrF5wQAAAEAwBHMEUCIEri2JGfAQidc9CV
gwZWIqKJHTHaZ2KLXQBG/FoYn6aPAiEA5tv0HOpufJb9FuPanJ+G6Xf6V2vKmUig
lSX8HoUXaywAdgC72d+8H4pxtZOUI5eqkntHOFeVCqtS6BqQlmQ2jh7RhQAAAWxr
F5gdAAAEAwBHMEUCIACoQHnmtk668r0kik6kgbJDq9UFdicTdXJfQWQnplsDAiEA
/MKdm3FT91+kzZUtyHTWNqxKKgEzWslWKX7RLNZde44AdQD2XJQv0XcwIhRUGAgw
lFaO400TGTO/3wwvIAvMTvFk4wAAAWxrF5gbAAAEAwBGMEQCIE7KKB05wEBUsGKU
FEsQLJ/8Fh5xy6VWtkWp97nY9so+AiBTC0wKfp48cWVjsKJqxFrz7cJ9A1kTGhen
emw3J4jedzANBgkqhkiG9w0BAQsFAAOCAQEAE8S7KB4FwZ3+cqP6ttBuhCB5UTKc
LQkvU6sIZujR27T55XyD7fjuNE+F9wyRWsCnMM97T0yxSfsUAVqQ8w7rj2gv6Xas
SqEJunj1M9SfD3GO4hV44ullAm4P9sLiFsxOCHse8Pn3kcvZIr9gTLDy/L+6iIzB
23RiXCazRWNCay4q6MTz47sIq4o5uDA7pzN1L1FKDbLRPzH9eQJQcLGAf/+5vzNe
HMmzk1FLvKss0VFkETLRh3pHfOazfCSC0h3+QEylxfYetCS937j4YlN5mYXG57bC
Hrx4zPVVALCMWC9sPnkc+CqxdtyNzjjTssn24QVbARz5va/iqVM5k89UYw==
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxVIs1TmxX1aeFZkmrd7
myW6kDHn99uivJWzNgrf3YkUP+jUcg8WQTBk7Afo8rCw0qUXa8SzDuowmyO9usWq
Z4E3bBiADYrCSL3C7+vsFUzELEVAmio6qK+PF4ZtTOb4f8IF9R7KCcVRzINR7A7H
gtvxH/lp3ulQJ0YRB04ijGMYYHL5BYtp/0x/MLJbFZHgfzQ3DlIH/GXRMtKyf221
juUYfhwSsnSXEOFyxRYIsruPzPqXGatBEp50MBrmxx9QHjTEsuc0BdeRXi1thoTk
cYrC7CIaJC2HVVX4fDyl0b5j/yA5twvcPposiQtGCl7BQe0ixXGTGPJHrks0jkIw
PQIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 95553839087618527496785125855904295996
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TW'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TAIWAN-CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Secure SSL Sub-CA'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TWCA Secure SSL Certification Authority'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2019-08-07 08:00:03 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2021-11-03 15:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'TW'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.8 (stateOrProvinceName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Taiwan'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.7 (localityName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Taipei'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Farglory Life Insurance Co.'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.11 (organizationalUnitName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'IT'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'cas.fglife.com.tw'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 25131918213105067840770353140156634010267327668021221014977027054783360022710205721367913152742113158354070900050014503606443614904277529295691071803955519584466325436196628085478665732518757956306563927875349840673387084153384052965956162028324942105993514049911374027343206105537595498719023051772629174551659658789993507002627043927519097600670332979750084707086886650418092299290837604457006668242569624957533912117582334968561962922531321383181053157542074923564615943976134648020959086672342034601856736812676427599581797507210514543767197921105491253770024461898547632979660745335625652129904281377996659634237
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName f807c26824ff8595cbdb1ee3339c2a4f9720567b
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (34 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (32 bytes)
							0940db05f7dcb0324f7dd45629ed3d9cb7381661d89c9f55e4c66530ae4e4251
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (79 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sslserver.twca.com.tw/sslserver/Securessl_revoke_sha2_2014.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (21 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cas.fglife.com.tw'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (117 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://sslserver.twca.com.tw/cacert/secure_sha2_2014.crt'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://twcasslocsp.twca.com.tw/'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (48 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.40869.1.1.25
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.2.1 (cps)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:22|false] IA5String 'www.twca.com.tw'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670076006f5376ac31f03119d89900a45115ff77151c11d902c10029068db2089a37d9130000016c6b179c10000004030047304502204ae2d8919f01089d73d09583065622a2891d31da67628b5d0046fc5a189fa68f022100e6dbf41cea6e7c96fd16e3da9c9f86e977fa576bca9948a09525fc1e85176b2c007600bbd9dfbc1f8a71b593942397aa927b473857950aab52e81a909664368e1ed1850000016c6b17981d0000040300473045022000a84079e6b64ebaf2bd248a4ea481b243abd50576271375725f416427a65b03022100fcc29d9b7153f75fa4cd952dc874d636ac4a2a01335ac956297ed12cd65d7b8e007500f65c942fd1773022145418083094568ee34d131933bfdf0c2f200bcc4ef164e30000016c6b17981b000004030046304402204eca281d39c04054b06294144b102c9ffc161e71cba556b645a9f7b9d8f6ca3e0220530b4c0a7e9e3c716563b0a26ac45af3edc27d0359131a17a77a6c372788de77
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		0013c4bb281e05c19dfe72a3fab6d06e84207951329c2d092f53ab0866e8d1dbb4f9e57c83edf8ee344f85f70c915ac0a730cf7b4f4cb149fb14015a90f30eeb8f682fe976ac4aa109ba78f533d49f0f718ee21578e2e965026e0ff6c2e216cc4e087b1ef0f9f791cbd922bf604cb0f2fcbfba888cc1db74625c26b34563426b2e2ae8c4f3e3bb08ab8a39b8303ba733752f514a0db2d13f31fd79025070b1807fffb9bf335e1cc9b393514bbcab2cd151641132d1877a477ce6b37c2482d21dfe404ca5c5f61eb424bddfb8f86253799985c6e7b6c21ebc78ccf55500b08c582f6c3e791cf82ab176dc8dce38d3b2c9f6e1055b011cf9bdafe2a9533993cf5463