Amazon-ECDSA-256-M04.cer: CN=Amazon ECDSA 256 M04,O=Amazon,C=US (Intermediate Certificate, Expiring 2030-08-23) detail info and audit record
Page content
CA Certificate Information and Audit Record
This certificate is intermediate certificate used for the issuance of other certificates.
- Certificate Download URL: https://www.amazontrust.com/repository/Amazon-ECDSA-256-M04.cer (in DER format )
- Serial Number : 166129406838330039647042838584494779438481994
- SHA-1 Fingerprint : c3cd58443601721c4a838173fce8c11774de1a65
- SHA-1 Fingerprint : c3:cd:58:44:36:01:72:1c:4a:83:81:73:fc:e8:c1:17:74:de:1a:65
- SHA-256 Fingerprint : d241192cce57d438986723972dd6f18b5a3a3456a708e8f273d147223ab6fa5d
- SHA-256 Fingerprint : d2:41:19:2c:ce:57:d4:38:98:67:23:97:2d:d6:f1:8b:5a:3a:34:56:a7:08:e8:f2:73:d1:47:22:3a:b6:fa:5d
- Signature Hash Algorithm : sha256
- Subject
: CN=Amazon ECDSA 256 M04,O=Amazon,C=US
- Country Name: US (United States of America)
- Organization: Amazon
- Common Name: Amazon ECDSA 256 M04
- Not Valid Before: 2022-08-23 22:34:28
- Not Valid After: 2030-08-23 22:34:28
- Issuer (Parent Certificate):
- Issuer Name: CN=Amazon Root CA 3,O=Amazon,C=US
- Issuer Certificate URL: NA
- Audit Record:
- Revocation Status: Not Revoked
- Certificate Policy (CP) URL: https://www.digicert.com/content/dam/digicert/pdfs/legal/digicert-cp-v5-12-Final.pdf
- Certificate Practice Statement (CPS) URL: https://www.digicert.com/content/dam/digicert/pdfs/legal/digicert-cps-v5-12-Final.pdf
- Auditor: BDO International Limited
- Standard Audit URL: https://bugzilla.mozilla.org/attachment.cgi?id=9309728
- Standard Audit Period Start Date: 2021.10.01
- Standard Audit Period End Date: 2022.09.30
- Standard Audit Statement Date: 2022.12.22
- Standard Audit Type: WebTrust
- Full CRL Issued By This CA: http://crl.e2m04.amazontrust.com/e2m04.crl
- Check its issuer’s audit information: CN=Amazon Root CA 3,O=Amazon,C=US .
Download certificate through curl
:
curl -sSL "https://www.amazontrust.com/repository/Amazon-ECDSA-256-M04.cer" --output cert.crt
Download certificate through wget
:
wget -q "https://www.amazontrust.com/repository/Amazon-ECDSA-256-M04.cer" --output-document=cert.crt
CA Certificate Detail Information
Use openssl x509
to decode DER certificate to get detail information:
openssl x509 -in cert.crt -inform der -text -noout
Use openssl x509
to decode PEM certificate to get detail information:
openssl x509 -in cert.crt -inform pem -text -noout
Decoded detail certificate information:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:73:12:72:b7:52:ac:8a:dc:cb:0a:30:27:f7:df:ec:18:42:4a
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, O=Amazon, CN=Amazon Root CA 3
Validity
Not Before: Aug 23 22:34:28 2022 GMT
Not After : Aug 23 22:34:28 2030 GMT
Subject: C=US, O=Amazon, CN=Amazon ECDSA 256 M04
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:83:8e:e0:bd:fc:a8:52:b7:a0:33:b4:a6:0d:e9:
e7:ae:28:6b:cd:d0:02:a9:87:33:b2:37:2e:cf:28:
b7:fe:56:07:b2:06:4d:07:3d:68:32:df:d9:76:d3:
36:c6:07:b0:49:a6:64:8e:6c:13:b8:e5:3f:7c:20:
8e:a9:e2:b1:b5
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 Key Usage: critical
Digital Signature, Certificate Sign, CRL Sign
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Subject Key Identifier:
20:76:A0:E1:59:26:ED:45:B4:02:72:19:C2:4D:AE:77:37:B4:1B:49
X509v3 Authority Key Identifier:
keyid:AB:B6:DB:D7:06:9E:37:AC:30:86:07:91:70:C7:9C:C4:19:B1:78:C0
Authority Information Access:
OCSP - URI:http://ocsp.rootca3.amazontrust.com
CA Issuers - URI:http://crt.rootca3.amazontrust.com/rootca3.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.rootca3.amazontrust.com/rootca3.crl
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
Signature Algorithm: ecdsa-with-SHA256
30:44:02:20:5c:57:06:32:e6:e5:b9:72:a5:6b:d3:0e:9e:4a:
3d:9d:99:7c:86:f9:2e:b5:28:c1:4d:a2:93:43:b6:91:1e:97:
02:20:26:e0:34:37:ac:02:b5:23:2d:12:a3:f2:2c:d5:61:61:
d3:be:b1:a3:5e:ca:8d:3b:a2:da:74:51:08:1e:c0:ad
CA Certificate in PEM Format
Use openssl x509
to convert certificate from DER
format to PEM
format:
openssl x509 -in cert.crt -inform der
Converted PEM
format certificate:
-----BEGIN CERTIFICATE-----
MIIC0jCCAnmgAwIBAgITB3MScrdSrIrcywowJ/ff7BhCSjAKBggqhkjOPQQDAjA5
MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
Um9vdCBDQSAzMB4XDTIyMDgyMzIyMzQyOFoXDTMwMDgyMzIyMzQyOFowPTELMAkG
A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEdMBsGA1UEAxMUQW1hem9uIEVDRFNB
IDI1NiBNMDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASDjuC9/KhSt6AztKYN
6eeuKGvN0AKphzOyNy7PKLf+VgeyBk0HPWgy39l20zbGB7BJpmSObBO45T98II6p
4rG1o4IBWjCCAVYwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQgdqDhWSbt
RbQCchnCTa53N7QbSTAfBgNVHSMEGDAWgBSrttvXBp43rDCGB5Fwx5zEGbF4wDB7
BggrBgEFBQcBAQRvMG0wLwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLnJvb3RjYTMu
YW1hem9udHJ1c3QuY29tMDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnJvb3RjYTMu
YW1hem9udHJ1c3QuY29tL3Jvb3RjYTMuY2VyMD8GA1UdHwQ4MDYwNKAyoDCGLmh0
dHA6Ly9jcmwucm9vdGNhMy5hbWF6b250cnVzdC5jb20vcm9vdGNhMy5jcmwwEwYD
VR0gBAwwCjAIBgZngQwBAgEwCgYIKoZIzj0EAwIDRwAwRAIgXFcGMubluXKla9MO
nko9nZl8hvkutSjBTaKTQ7aRHpcCICbgNDesArUjLRKj8izVYWHTvrGjXsqNO6La
dFEIHsCt
-----END CERTIFICATE-----
Also see Top 1 Millions Domains CA Certificate List
Related Certificates
- Amazon-ECDSA-256-M01.cer: CN=Amazon ECDSA 256 M01,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-ECDSA-256-M02.cer: CN=Amazon ECDSA 256 M02,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-ECDSA-256-M03.cer: CN=Amazon ECDSA 256 M03,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-ECDSA-384-M01.cer: CN=Amazon ECDSA 384 M01,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-ECDSA-384-M02.cer: CN=Amazon ECDSA 384 M02,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-ECDSA-384-M03.cer: CN=Amazon ECDSA 384 M03,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-ECDSA-384-M04.cer: CN=Amazon ECDSA 384 M04,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-RSA-2048-M01.cer: CN=Amazon RSA 2048 M01,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-RSA-2048-M02.cer: CN=Amazon RSA 2048 M02,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-RSA-2048-M03.cer: CN=Amazon RSA 2048 M03,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-RSA-2048-M04.cer: CN=Amazon RSA 2048 M04,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-RSA-4096-M01.cer: CN=Amazon RSA 4096 M01,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-RSA-4096-M02.cer: CN=Amazon RSA 4096 M02,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-RSA-4096-M03.cer: CN=Amazon RSA 4096 M03,O=Amazon,C=US (Expiring: 2030-08-23)
- Amazon-RSA-4096-M04.cer: CN=Amazon RSA 4096 M04,O=Amazon,C=US (Expiring: 2030-08-23)
- rootca1.cer: CN=Amazon Root CA 1,O=Amazon,C=US (Expiring: 2037-12-31)
- AmazonRootCA1.cer: CN=Amazon Root CA 1,O=Amazon,C=US (Expiring: 2038-01-17)
- G2-RootCA1.cer: CN=Amazon Root CA 1,O=Amazon,C=US (Expiring: 2037-12-31)
- G2-RootCA1.orig.cer: CN=Amazon Root CA 1,O=Amazon,C=US (Expiring: 2037-12-31)
- AmazonRootCA2.cer: CN=Amazon Root CA 2,O=Amazon,C=US (Expiring: 2040-05-26)
- G2-RootCA2.cer: CN=Amazon Root CA 2,O=Amazon,C=US (Expiring: 2037-12-31)
- G2-RootCA2.orig.cer: CN=Amazon Root CA 2,O=Amazon,C=US (Expiring: 2037-12-31)
- AmazonRootCA3.cer: CN=Amazon Root CA 3,O=Amazon,C=US (Expiring: 2040-05-26)
- G2-RootCA3.cer: CN=Amazon Root CA 3,O=Amazon,C=US (Expiring: 2037-12-31)
- G2-RootCA3.orig.cer: CN=Amazon Root CA 3,O=Amazon,C=US (Expiring: 2037-12-31)
- AmazonRootCA4.cer: CN=Amazon Root CA 4,O=Amazon,C=US (Expiring: 2040-05-26)
- G2-RootCA4.cer: CN=Amazon Root CA 4,O=Amazon,C=US (Expiring: 2037-12-31)
- G2-RootCA4.orig.cer: CN=Amazon Root CA 4,O=Amazon,C=US (Expiring: 2037-12-31)
- G2-ServerCA0A.cer: CN=Amazon,OU=Server CA 0A,O=Amazon,C=US (Expiring: 2025-10-19)
- G2-ServerCA0A.orig.cer: CN=Amazon,OU=Server CA 0A,O=Amazon,C=US (Expiring: 2040-10-21)
- R1-ServerCA1A.cer: CN=Amazon,OU=Server CA 1A,O=Amazon,C=US (Expiring: 2025-10-19)
- R1-ServerCA1A.orig.cer: CN=Amazon,OU=Server CA 1A,O=Amazon,C=US (Expiring: 2040-10-21)
- sca1b.crt: CN=Amazon,OU=Server CA 1B,O=Amazon,C=US (Expiring: 2025-10-19)
- R1-ServerCA1B.cer: CN=Amazon,OU=Server CA 1B,O=Amazon,C=US (Expiring: 2025-10-19)
- R1-ServerCA1B.orig.cer: CN=Amazon,OU=Server CA 1B,O=Amazon,C=US (Expiring: 2040-10-21)
- R2-ServerCA2A.cer: CN=Amazon,OU=Server CA 2A,O=Amazon,C=US (Expiring: 2025-10-19)
- R2-ServerCA2A.orig.cer: CN=Amazon,OU=Server CA 2A,O=Amazon,C=US (Expiring: 2040-10-21)
- R3-ServerCA3A.cer: CN=Amazon,OU=Server CA 3A,O=Amazon,C=US (Expiring: 2025-10-19)
- R3-ServerCA3A.orig.cer: CN=Amazon,OU=Server CA 3A,O=Amazon,C=US (Expiring: 2040-10-21)
- R3-ServerCA3B.cer: CN=Amazon,OU=Server CA 3B,O=Amazon,C=US (Expiring: 2028-07-16)
- R4-ServerCA4A.cer: CN=Amazon,OU=Server CA 4A,O=Amazon,C=US (Expiring: 2025-10-19)
- R4-ServerCA4A.orig.cer: CN=Amazon,OU=Server CA 4A,O=Amazon,C=US (Expiring: 2040-10-21)
- rootg2.cer: CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies, Inc.,L=Scottsdale,ST=Arizona,C=US (Expiring: 2034-06-28)
- SFC2CA-SFSRootCAG2.cer: CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies, Inc.,L=Scottsdale,ST=Arizona,C=US (Expiring: 2034-06-28)
- SFC2CA-SFSRootCAG2.v2.cer: CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies, Inc.,L=Scottsdale,ST=Arizona,C=US (Expiring: 2034-06-28)
- SFSRootCA-SFSRootCAG2.cer: CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies, Inc.,L=Scottsdale,ST=Arizona,C=US (Expiring: 2031-05-30)
- SFSRootCAG2.cer: CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies, Inc.,L=Scottsdale,ST=Arizona,C=US (Expiring: 2037-12-31)