client-cf-secure-client-track4.mrpdns.com

Issued by Amazon RSA 2048 M02

About this certificate

This digital certificate with serial number 0d:3a:3e:a2:ae:38:70:aa:7d:77:2d:3a:4c:94:98:d3 was issued on by Amazon.

With 33 subject alternative names this certificate can be used to secure multiple fqdn's. This certificate is currently not expired, we haven't checked the revocation status of this certificate but you can do this simply on revocationcheck.com. If we have found any compliance issues with this certificate they will be shown below. I hope this certificate review is providing you the detailed information in a simple form you where looking for.


We have idenified some issues with this certificate:
  • DV certificate contains a subject common name, this is not recommended. If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, only country and/or common name is allowed in SubjectDN. (BRs: 7.1.2.7.2)
  • Subscriber certificates use of Subject Key Identifier is NOT RECOMMENDED (BRs v2: 7.1.2.7.6)
  • Subscriber Certificate: commonName is NOT RECOMMENDED. (BRs: 7.1.2.7.1)

Certificate Subject

CN=client-cf-secure-client-track4.mrpdns.com

Amazon

Organization: Amazon
Country: US

This certificate will expire on

Certificate Details

Serial Number (hex): 0d:3a:3e:a2:ae:38:70:aa:7d:77:2d:3a:4c:94:98:d3
Serial Number (int): 17582387561275303669439015082607810771
Serial Number lenght: 124 bits, 16 octets

SubjectKeyId: 92:a8:24:54:1e:c4:12:90:24:80:06:b6:e7:5a:2b:51:32:42:87:84
AuthorityKeyId: c0:31:52:cd:5a:50:c3:82:7c:74:71:ce:cb:e9:9c:f9:7a:eb:82:e2

Fingerprint (sha1): 70:04:ba:68:19:f0:3f:97:47:64:46:01:8b:be:62:b5:a1:ac:f6:d7
Fingerprint (sha256): db:13:de:cc:77:b0:0d:40:f0:18:3e:42:c5:fb:0b:01:17:ea:ba:8e:44:31:1d:b3:e4:22:e6:19:b3:05:b5:03

Issuing Certificate URL: http://crt.r2m02.amazontrust.com/r2m02.cer

Revocation information

OCSP Server: http://ocsp.r2m02.amazontrust.com
CRL Distribution Point: http://crl.r2m02.amazontrust.com/r2m02.crl

Check the revocation status for certificate client-cf-secure-client-track4.mrpdns.com

33

DNS Names

0

Email Addresses

0

IP Addresses

Advanced Certificate Properties

Tehnical certificate details for client-cf-secure-client-track4.mrpdns.com

Public Key Algorithm

RSA

Key Size

2048

Signature Algorithm

SHA256 with RSA

Key Usage

Digital Signature
Key Encipherment

Extended Key Usages

Server Authentication
Client Authentication

Extensions

10 extensions
No unhandled critical extensions

CA Certificate

This is not a CA certificate

Subject Alternative Names

client-cf-secure-client-track4.mrpdns.com
federatedautopartsraceway.com
*.34raceway.com
camdenspeedwaytn.com
arlingtonraceway.com
*.cottagegrovespeedway.com
harrisspeedway.com
*.quicksilverseries.com
*.flyinghdragstrip.com
141-speedway.com
cottagegrovespeedway.com
flyinghdragstrip.com
*.harrisspeedway.com
*.141-speedway.com
quicksilverseries.com
34raceway.com
*.acspeedway.com
*.idahofallsraceway.com
*.deercreekspeedway.com
worthingtonspeedway.com
*.camdenspeedwaytn.com
*.kingsofthunder.com
carstourwest.com
*.racesalinaspeedways.com
deercreekspeedway.com
*.worthingtonspeedway.com
*.carstourwest.com
acspeedway.com
*.arlingtonraceway.com
kingsofthunder.com
racesalinaspeedways.com
*.federatedautopartsraceway.com
idahofallsraceway.com

Other certificates including the domain name mrpdns.com

(limited to 100 certificates)
client-cf-secure-client-driver5.mrpdns.com
client-cf-secure-client-business2.mrpdns.com
*.myracepass.com
client-cf-secure-client-track3.mrpdns.com
client-cf-secure-client-track4.mrpdns.com
client-cf-secure-client-business2.mrpdns.com
*.myracepass.com
*.myracepass.com
client-cf-secure-client-track4.mrpdns.com
api.myracepass.com
client-cf-secure-client-business2.mrpdns.com
*.myracepass.com
client-cf-secure-client-track3.mrpdns.com
client-cf-secure-client-track4.mrpdns.com
*.myracepass.com
client-cf-secure-client-track4.mrpdns.com
*.myracepass.com
client-cf-secure-client-driver5.mrpdns.com
client-cf-secure-client-business2.mrpdns.com
client-cf-secure-client-track3.mrpdns.com
client-cf-secure-client-track4.mrpdns.com

Certificate

The complete raw certificate details for client-cf-secure-client-track4.mrpdns.com in PEM and ASN.1 format.

Certificate (PEM)

-----BEGIN CERTIFICATE-----
MIII3TCCB8WgAwIBAgIQDTo+oq44cKp9dy06TJSY0zANBgkqhkiG9w0BAQsFADA8
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRwwGgYDVQQDExNBbWF6b24g
UlNBIDIwNDggTTAyMB4XDTI0MDQyNjAwMDAwMFoXDTI1MDUyNjIzNTk1OVowNDEy
MDAGA1UEAxMpY2xpZW50LWNmLXNlY3VyZS1jbGllbnQtdHJhY2s0Lm1ycGRucy5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBaK3fdChlw8mYBLRV
bZ0GTtz3M7yFhLfNr0G+8+WcUbj5fJJI5udZA/3EsXB06TevTteMfQiWpWhjjUCh
J3+aR78QQcA/SV9Y+kIoSaJ4T/rYI7XeWDdgvheIiKX/+XErEsHD8aoAMtcJGvK1
zKzoOr05LPi6CEJ9Zd5Ufqezovb0q4c0Kvk+cIwxtePMr9L4HvnmmUJ4qXBZeIUf
dgAOh+5YuYl9YbtMQCow/VJxTO4q+bW+MAvfkyUN44wneAtKf+eMMEJVGhJ0R4oF
kTAf1a2Z+xNBUD5JHdxeLitBTDztjQ0uwJtBFdZOGmPyUAfxVBCFuy5vnquAIUB6
sjH7AgMBAAGjggXhMIIF3TAfBgNVHSMEGDAWgBTAMVLNWlDDgnx0cc7L6Zz5euuC
4jAdBgNVHQ4EFgQUkqgkVB7EEpAkgAa251orUTJCh4QwggMSBgNVHREEggMJMIID
BYIpY2xpZW50LWNmLXNlY3VyZS1jbGllbnQtdHJhY2s0Lm1ycGRucy5jb22CHWZl
ZGVyYXRlZGF1dG9wYXJ0c3JhY2V3YXkuY29tgg8qLjM0cmFjZXdheS5jb22CFGNh
bWRlbnNwZWVkd2F5dG4uY29tghRhcmxpbmd0b25yYWNld2F5LmNvbYIaKi5jb3R0
YWdlZ3JvdmVzcGVlZHdheS5jb22CEmhhcnJpc3NwZWVkd2F5LmNvbYIXKi5xdWlj
a3NpbHZlcnNlcmllcy5jb22CFiouZmx5aW5naGRyYWdzdHJpcC5jb22CEDE0MS1z
cGVlZHdheS5jb22CGGNvdHRhZ2Vncm92ZXNwZWVkd2F5LmNvbYIUZmx5aW5naGRy
YWdzdHJpcC5jb22CFCouaGFycmlzc3BlZWR3YXkuY29tghIqLjE0MS1zcGVlZHdh
eS5jb22CFXF1aWNrc2lsdmVyc2VyaWVzLmNvbYINMzRyYWNld2F5LmNvbYIQKi5h
Y3NwZWVkd2F5LmNvbYIXKi5pZGFob2ZhbGxzcmFjZXdheS5jb22CFyouZGVlcmNy
ZWVrc3BlZWR3YXkuY29tghd3b3J0aGluZ3RvbnNwZWVkd2F5LmNvbYIWKi5jYW1k
ZW5zcGVlZHdheXRuLmNvbYIUKi5raW5nc29mdGh1bmRlci5jb22CEGNhcnN0b3Vy
d2VzdC5jb22CGSoucmFjZXNhbGluYXNwZWVkd2F5cy5jb22CFWRlZXJjcmVla3Nw
ZWVkd2F5LmNvbYIZKi53b3J0aGluZ3RvbnNwZWVkd2F5LmNvbYISKi5jYXJzdG91
cndlc3QuY29tgg5hY3NwZWVkd2F5LmNvbYIWKi5hcmxpbmd0b25yYWNld2F5LmNv
bYISa2luZ3NvZnRodW5kZXIuY29tghdyYWNlc2FsaW5hc3BlZWR3YXlzLmNvbYIf
Ki5mZWRlcmF0ZWRhdXRvcGFydHNyYWNld2F5LmNvbYIVaWRhaG9mYWxsc3JhY2V3
YXkuY29tMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA4GA1UdDwEB/wQEAwIFoDAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOwYDVR0fBDQwMjAwoC6gLIYqaHR0
cDovL2NybC5yMm0wMi5hbWF6b250cnVzdC5jb20vcjJtMDIuY3JsMHUGCCsGAQUF
BwEBBGkwZzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AucjJtMDIuYW1hem9udHJ1
c3QuY29tMDYGCCsGAQUFBzAChipodHRwOi8vY3J0LnIybTAyLmFtYXpvbnRydXN0
LmNvbS9yMm0wMi5jZXIwDAYDVR0TAQH/BAIwADCCAX0GCisGAQQB1nkCBAIEggFt
BIIBaQFnAHUATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnAsfpksWKaOd8AAAGPGJim
/wAABAMARjBEAiBLbFAdb+SbsRUi831Ere/J5XLd0YZI58OPJDqVU53Z7wIgRo4T
bSux5IJTHN1eLSi5pjJJUEhUDAsAG98uTxcw7Y8AdgB9WR4S4XgqexxhZ3xe/fjQ
h1wUoE6VnrkDL9kOjC55uAAAAY8YmKb6AAAEAwBHMEUCIQCb/8rkJQgGoA4OLLnF
KURCu8rJpDwbexYI13/GfYhx0AIgAN4u0tx4vLMmC8Y3QY9ju589NRjA60Wcoqu/
ArkAjqwAdgDm0jFjQHeMwRBBBtdxuc7B0kD2loSG+7qHMh39HjeOUAAAAY8YmKcX
AAAEAwBHMEUCIQDR2ndS5QzO4YgI5HQL5jjK2GH8Nh7ljJeick2oD6kxjQIgUc4p
uzsvEZuIeSAUuFUHQ3wURlf9HL1RankCk9M41x8wDQYJKoZIhvcNAQELBQADggEB
AI+KN98tTR5M9JCkokTnX9bZtiD5CaL9C2FrYA3FvS3A3EoS4iRmEcmSyS6pM8ly
iZbBVO0pRYmTGLp23K3/9u83vb9bFCgGiEaXNjNTeWTiVMf50gs1FX3CZvNN94zQ
oLNE1jqDKrEd4f1Fn19BMpNQJBYMWCZgiv9pe477TOmcfQdp9DMCMPoY/ua1oZxg
5hwbr18ToUQ25p/R+sWhUSFVPweP50RDRqsO9Mr9WhGF0Hfsb+QXllnUyJ2Bh+t5
linj+hsYuAJ07QCKRpZ2npdJcYf1WjpiB7hyd7BdxYXCBvlRpqzIyhE9EO303jeQ
3GVoL1TwXPOadOi77Gx3TLk=
-----END CERTIFICATE-----

Public Key (PEM)

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWit33QoZcPJmAS0VW2d
Bk7c9zO8hYS3za9BvvPlnFG4+XySSObnWQP9xLFwdOk3r07XjH0IlqVoY41AoSd/
mke/EEHAP0lfWPpCKEmieE/62CO13lg3YL4XiIil//lxKxLBw/GqADLXCRrytcys
6Dq9OSz4ughCfWXeVH6ns6L29KuHNCr5PnCMMbXjzK/S+B755plCeKlwWXiFH3YA
DofuWLmJfWG7TEAqMP1ScUzuKvm1vjAL35MlDeOMJ3gLSn/njDBCVRoSdEeKBZEw
H9WtmfsTQVA+SR3cXi4rQUw87Y0NLsCbQRXWThpj8lAH8VQQhbsub56rgCFAerIx
+wIDAQAB
-----END PUBLIC KEY-----

ASN.1 decoded

 [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . [c:0|t:2|false] INTEGER 2
 . . . . . . . . [c:0|t:2|false] INTEGER 17582387561275303669439015082607810771
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.6 (countryName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'US'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.10 (organizationName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon'
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'Amazon RSA 2048 M02'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2024-04-26 00:00:00 +0000 UTC
 . . . . . . . . . . . . [c:0|t:23|false] UTCTime 2025-05-26 23:59:59 +0000 UTC
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:17|true] SET, SET OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.4.3 (commonName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:19|false] PrintableString 'client-cf-secure-client-track4.mrpdns.com'
 . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.1 (rsaEncryption)
 . . . . . . . . . . . . . . . . [c:0|t:5|false] NULL 
 . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (2160 bits)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 24415612091349127505230129802607008589345996859626412374958236558996140356034688791817936974935735092588670576616785559205821706943025144224778412654912596433493240281194376261826902099153389134288680349483964706254643659170928897886714570159236481835218953781836645444706015089993659358267242606398780965765399184691736823409388628279156181488497358558098328723273557007238029148920494559226272811266128127109815246024115393527078031076075306057555049146861269798321282997386827160083126776172566343124772093996455095287872311270621136148112710801629847637370043794705921240484744471544034199439795477149056402338299
 . . . . . . . . . . . . . . . . . . . . [c:0|t:2|false] INTEGER 65537

 . . . . . . . . [c:2|t:3|true] ORAddress 
 . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.35 (authorityKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (24 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|false] OtherName c03152cd5a50c3827c7471cecbe99cf97aeb82e2
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.14 (subjectKeyIdentifier)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (20 bytes)
							92a824541ec41290248006b6e75a2b5132428784
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.17 (subjectAltName)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (777 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'client-cf-secure-client-track4.mrpdns.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'federatedautopartsraceway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.34raceway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'camdenspeedwaytn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'arlingtonraceway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.cottagegrovespeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'harrisspeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.quicksilverseries.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.flyinghdragstrip.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '141-speedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'cottagegrovespeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'flyinghdragstrip.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.harrisspeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.141-speedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'quicksilverseries.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '34raceway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.acspeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.idahofallsraceway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.deercreekspeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'worthingtonspeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.camdenspeedwaytn.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.kingsofthunder.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'carstourwest.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.racesalinaspeedways.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'deercreekspeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.worthingtonspeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.carstourwest.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'acspeedway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.arlingtonraceway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'kingsofthunder.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'racesalinaspeedways.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String '*.federatedautopartsraceway.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:2|false] IA5String 'idahofallsraceway.com'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.32 (certificatePolicies)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (12 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.23.140.1.2.1 (Domain Validation Certificates Policy)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.15 (keyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (4 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:3|false] BIT STRING (3 bits)
							05a0
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.37 (extKeyUsage)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (22 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.1 (serverAuth)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.3.2 (clientAuth)
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.31 (cRLDistributionPoints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (52 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:0|true] OtherName 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crl.r2m02.amazontrust.com/r2m02.crl'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.1.1 (authorityInfoAccess)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (105 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.1 (ocsp)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://ocsp.r2m02.amazontrust.com'
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.5.5.7.48.2 (caIssuers)
 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . [c:2|t:6|false] IA5String 'http://crt.r2m02.amazontrust.com/r2m02.cer'
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 2.5.29.19 (basicConstraints)
 . . . . . . . . . . . . . . . . . . . . [c:0|t:1|false] BOOLEAN true
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (2 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . . . . . . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.3.6.1.4.1.11129.2.4.2
 . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (365 bytes)
 . . . . . . . . . . . . . . . . . . . . . . . . [c:0|t:4|false] OCTET STRING (361 bytes)
							01670075004e75a3275c9a10c3385b6cd4df3f52eb1df0e08e1b8d69c0b1fa64b1629a39df0000018f1898a6ff000004030046304402204b6c501d6fe49bb11522f37d44adefc9e572ddd18648e7c38f243a95539dd9ef0220468e136d2bb1e482531cdd5e2d28b9a632495048540c0b001bdf2e4f1730ed8f0076007d591e12e1782a7b1c61677c5efdf8d0875c14a04e959eb9032fd90e8c2e79b80000018f1898a6fa00000403004730450221009bffcae4250806a00e0e2cb9c5294442bbcac9a43c1b7b1608d77fc67d8871d0022000de2ed2dc78bcb3260bc637418f63bb9f3d3518c0eb459ca2abbf02b9008eac007600e6d2316340778cc1104106d771b9cec1d240f6968486fbba87321dfd1e378e500000018f1898a7170000040300473045022100d1da7752e50ccee18808e4740be638cad861fc361ee58c97a2724da80fa9318d022051ce29bb3b2f119b88792014b85507437c144657fd1cbd516a790293d338d71f
 . . . . [c:0|t:16|true] SEQUENCE, SEQUENCE OF 
 . . . . . . . . [c:0|t:6|false] OBJECT IDENTIFIER 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)
 . . . . . . . . [c:0|t:5|false] NULL 
 . . . . [c:0|t:3|false] BIT STRING (2048 bits)
		008f8a37df2d4d1e4cf490a4a244e75fd6d9b620f909a2fd0b616b600dc5bd2dc0dc4a12e2246611c992c92ea933c9728996c154ed2945899318ba76dcadfff6ef37bdbf5b1428068846973633537964e254c7f9d20b35157dc266f34df78cd0a0b344d63a832ab11de1fd459f5f4132935024160c5826608aff697b8efb4ce99c7d0769f4330230fa18fee6b5a19c60e61c1baf5f13a14436e69fd1fac5a15121553f078fe7444346ab0ef4cafd5a1185d077ec6fe4179659d4c89d8187eb799629e3fa1b18b80274ed008a4696769e97497187f55a3a6207b87277b05dc585c206f951a6acc8ca113d10edf4de3790dc65682f54f05cf39a74e8bbec6c774cb9