Amazon-ECDSA-256-M02.cer: CN=Amazon ECDSA 256 M02,O=Amazon,C=US (Intermediate Certificate, Expiring 2030-08-23) detail info and audit record

Last Updated: 2023-05-06

Page content

CA Certificate Information and Audit Record

This certificate is intermediate certificate used for the issuance of other certificates.

Certificate Download URL: https://www.amazontrust.com/repository/Amazon-ECDSA-256-M02.cer (in DER format )
Serial Number : 166129400417736670689131007823872910340260973
SHA-1 Fingerprint : f5d3ae3c230238152df60d6a693d542ad8815011
SHA-1 Fingerprint : f5:d3:ae:3c:23:02:38:15:2d:f6:0d:6a:69:3d:54:2a:d8:81:50:11
SHA-256 Fingerprint : f9693255933b68159d168aa9a247da1dc66e23c0620338ef7149e48f83b1ae79
SHA-256 Fingerprint : f9:69:32:55:93:3b:68:15:9d:16:8a:a9:a2:47:da:1d:c6:6e:23:c0:62:03:38:ef:71:49:e4:8f:83:b1:ae:79
Signature Hash Algorithm : sha256
Subject : CN=Amazon ECDSA 256 M02,O=Amazon,C=US
- Country Name: US (United States of America)
- Organization: Amazon
- Common Name: Amazon ECDSA 256 M02
Not Valid Before: 2022-08-23 22:33:24
Not Valid After: 2030-08-23 22:33:24
Issuer (Parent Certificate):
- Issuer Name: CN=Amazon Root CA 3,O=Amazon,C=US
- Issuer Certificate URL: NA
Audit Record:
- Revocation Status: Not Revoked
- Certificate Policy (CP) URL: https://www.digicert.com/content/dam/digicert/pdfs/legal/digicert-cp-v5-12-Final.pdf
- Certificate Practice Statement (CPS) URL: https://www.digicert.com/content/dam/digicert/pdfs/legal/digicert-cps-v5-12-Final.pdf
- Auditor: BDO International Limited
- Standard Audit URL: https://bugzilla.mozilla.org/attachment.cgi?id=9309728
- Standard Audit Period Start Date: 2021.10.01
- Standard Audit Period End Date: 2022.09.30
- Standard Audit Statement Date: 2022.12.22
- Standard Audit Type: WebTrust
- Full CRL Issued By This CA: http://crl.e2m02.amazontrust.com/e2m02.crl
- Check its issuer’s audit information: CN=Amazon Root CA 3,O=Amazon,C=US .

Download certificate through curl:

curl -sSL "https://www.amazontrust.com/repository/Amazon-ECDSA-256-M02.cer" --output cert.crt

Download certificate through wget:

wget -q "https://www.amazontrust.com/repository/Amazon-ECDSA-256-M02.cer" --output-document=cert.crt

CA Certificate Detail Information

Use openssl x509 to decode DER certificate to get detail information:

openssl x509 -in cert.crt -inform der -text -noout

Use openssl x509 to decode PEM certificate to get detail information:

openssl x509 -in cert.crt -inform pem -text -noout

Decoded detail certificate information:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:73:12:6d:e2:c2:fa:fd:2c:47:ad:88:b1:56:6e:01:82:04:6d
    Signature Algorithm: ecdsa-with-SHA256
        Issuer: C=US, O=Amazon, CN=Amazon Root CA 3
        Validity
            Not Before: Aug 23 22:33:24 2022 GMT
            Not After : Aug 23 22:33:24 2030 GMT
        Subject: C=US, O=Amazon, CN=Amazon ECDSA 256 M02
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:bd:bd:02:c3:e1:6f:ca:83:80:27:15:19:7c:c7:
                    f1:54:6c:ba:ad:77:92:02:62:35:22:8c:6b:32:b4:
                    5f:61:9a:06:ff:0f:29:3e:11:bb:78:73:0e:ab:02:
                    51:9b:6a:23:8b:6a:94:89:29:98:99:af:e5:10:76:
                    1d:c8:40:ea:fe
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Subject Key Identifier: 
                BB:78:9A:D7:68:33:32:9D:1A:BB:6C:FD:B1:34:4C:01:DE:CB:D0:75
            X509v3 Authority Key Identifier: 
                keyid:AB:B6:DB:D7:06:9E:37:AC:30:86:07:91:70:C7:9C:C4:19:B1:78:C0

            Authority Information Access: 
                OCSP - URI:http://ocsp.rootca3.amazontrust.com
                CA Issuers - URI:http://crt.rootca3.amazontrust.com/rootca3.cer

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.rootca3.amazontrust.com/rootca3.crl

            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1

    Signature Algorithm: ecdsa-with-SHA256
         30:46:02:21:00:a4:98:11:c0:dc:a7:79:1c:3c:cc:e1:38:86:
         03:59:93:8b:bb:82:27:3e:87:78:7d:08:51:4e:67:36:cc:10:
         20:02:21:00:9b:07:46:13:80:2e:35:68:70:f4:df:11:12:17:
         fc:da:b2:4b:36:6e:e1:f4:cc:a0:4e:c4:7d:5a:ed:1b:41:85

CA Certificate in PEM Format

Use openssl x509 to convert certificate from DER format to PEM format:

openssl x509 -in cert.crt -inform der

Converted PEM format certificate:

Decode PEM Certificate online

Download PEM Certificate

Also see Top 1 Millions Domains CA Certificate List

CA Certificate Information and Audit Record

CA Certificate Detail Information

CA Certificate in PEM Format

Related Certificates