1[Created by: generate-chains.py]
2
3A certificate tree with two self-signed root certificates(oldroot, newroot),
4and a third root certificate (newrootrollover) which has the same key as newroot
5but is signed by oldroot, all with the same subject and issuer.
6There are two intermediates with the same key, subject and issuer
7(oldintermediate signed by oldroot, and newintermediate signed by newroot).
8The target certificate is signed by the intermediate key.
9
10
11In graphical form:
12
13   oldroot-------->newrootrollover  newroot
14      |                      |        |
15      v                      v        v
16oldintermediate           newintermediate
17      |                          |
18      +------------+-------------+
19                   |
20                   v
21                 target
22
23
24Several chains are output:
25  key-rollover-oldchain.pem:
26    target<-oldintermediate<-oldroot
27  key-rollover-rolloverchain.pem:
28    target<-newintermediate<-newrootrollover<-oldroot
29  key-rollover-longrolloverchain.pem:
30    target<-newintermediate<-newroot<-newrootrollover<-oldroot
31  key-rollover-newchain.pem:
32    target<-newintermediate<-newroot
33
34All of these chains should verify successfully.
35
36
37Certificate:
38    Data:
39        Version: 3 (0x2)
40        Serial Number:
41            60:cf:3c:af:c2:01:a7:ee:48:ed:83:9c:13:19:f0:c1:ff:af:13:68
42        Signature Algorithm: sha256WithRSAEncryption
43        Issuer: CN=Intermediate
44        Validity
45            Not Before: Jan  1 12:00:00 2015 GMT
46            Not After : Jan  1 12:00:00 2016 GMT
47        Subject: CN=Target
48        Subject Public Key Info:
49            Public Key Algorithm: rsaEncryption
50                RSA Public-Key: (2048 bit)
51                Modulus:
52                    00:ef:77:94:e8:68:c5:7e:1d:9b:ae:10:cd:d5:bb:
53                    96:27:0c:05:17:f4:ec:bc:da:7d:28:e5:b7:e5:8f:
54                    da:d8:ae:7a:2a:d2:e3:15:9b:12:62:79:02:61:3d:
55                    3f:8b:64:4e:fb:7d:e1:59:bd:2f:83:ad:d3:b8:e5:
56                    45:33:c4:13:5f:79:ef:8a:3e:c0:39:20:81:e2:98:
57                    b9:e6:c9:60:b6:8e:b4:bf:b4:2b:55:ae:b1:7c:21:
58                    d3:fe:ec:f0:56:31:fe:0a:19:c4:2c:54:a4:97:aa:
59                    84:a2:83:f8:5a:9a:f3:11:b8:ad:3b:14:3a:68:5a:
60                    72:24:49:6f:6f:5a:02:39:91:07:09:cb:18:57:13:
61                    1e:a4:54:03:31:5c:b6:e9:7d:78:2d:e8:ba:2f:70:
62                    17:0a:03:11:aa:90:c7:5e:f0:1b:7f:56:39:f5:e0:
63                    1f:1e:33:8d:23:30:e6:7a:ba:5e:ca:46:33:13:04:
64                    5c:65:b0:be:53:7f:ab:a7:9f:8d:fb:bd:46:e5:87:
65                    44:31:55:e5:9f:97:7e:a3:ec:69:a8:d7:8b:47:ae:
66                    48:ae:74:50:5e:57:55:31:ca:36:ec:43:a1:dd:61:
67                    b2:18:12:6a:29:0b:63:24:d5:71:4d:da:e7:0f:0d:
68                    e3:2c:aa:76:6b:f9:2c:93:c2:fa:f9:40:2c:1b:34:
69                    65:53
70                Exponent: 65537 (0x10001)
71        X509v3 extensions:
72            X509v3 Subject Key Identifier:
73                FA:2D:AF:E0:5F:8E:8E:18:7A:FB:AF:FE:D9:C9:A3:62:AA:B8:2A:18
74            X509v3 Authority Key Identifier:
75                keyid:CC:72:60:F0:8D:8C:CB:A9:6C:FF:09:57:F3:6A:FE:29:46:24:26:5B
76
77            Authority Information Access:
78                CA Issuers - URI:http://url-for-aia/Intermediate.cer
79
80            X509v3 CRL Distribution Points:
81
82                Full Name:
83                  URI:http://url-for-crl/Intermediate.crl
84
85            X509v3 Key Usage: critical
86                Digital Signature, Key Encipherment
87            X509v3 Extended Key Usage:
88                TLS Web Server Authentication, TLS Web Client Authentication
89    Signature Algorithm: sha256WithRSAEncryption
90         01:db:ae:1e:db:9c:37:2a:1c:f6:44:c8:55:cb:39:9d:88:f5:
91         72:27:94:80:ec:51:ce:86:c3:64:b9:7f:f6:c2:83:38:9c:66:
92         27:44:94:31:28:bc:ed:37:dc:bd:7c:84:d5:c6:44:74:ef:81:
93         54:01:78:55:d0:59:60:99:bc:ab:bb:6a:45:0b:50:f9:de:d4:
94         3e:ce:ed:1a:26:8f:8b:6c:2d:3a:b2:e8:4b:17:c4:b8:d6:41:
95         4e:fa:8c:af:70:44:6f:30:71:f5:92:62:7e:db:19:f2:67:18:
96         e9:17:a6:98:b7:9e:7e:df:69:0c:d9:ad:65:b8:0b:5c:1d:c0:
97         a9:4c:e4:1b:2c:56:57:36:3b:8f:50:26:a6:7e:95:4b:06:d6:
98         67:1d:0e:b4:58:a7:c1:c2:37:ca:87:3a:86:e7:07:df:3c:55:
99         13:18:e8:5b:8d:08:d2:30:04:1b:de:3f:f3:eb:21:6f:99:e2:
100         5c:52:6f:37:1f:d9:93:45:e5:81:9d:4b:db:0c:6f:55:fd:e4:
101         6d:98:ac:88:7b:1a:48:b8:e8:24:ed:a6:cf:e9:f6:e2:a9:71:
102         60:cd:d7:90:0e:c3:92:b3:57:ec:da:2f:48:84:47:c8:91:c4:
103         50:1e:f0:c4:91:99:8b:4f:f1:35:65:c1:ab:a2:4a:12:1b:cf:
104         bd:68:1c:bf
105-----BEGIN CERTIFICATE-----
106MIIDoDCCAoigAwIBAgIUYM88r8IBp+5I7YOcExnwwf+vE2gwDQYJKoZIhvcNAQEL
107BQAwFzEVMBMGA1UEAwwMSW50ZXJtZWRpYXRlMB4XDTE1MDEwMTEyMDAwMFoXDTE2
108MDEwMTEyMDAwMFowETEPMA0GA1UEAwwGVGFyZ2V0MIIBIjANBgkqhkiG9w0BAQEF
109AAOCAQ8AMIIBCgKCAQEA73eU6GjFfh2brhDN1buWJwwFF/TsvNp9KOW35Y/a2K56
110KtLjFZsSYnkCYT0/i2RO+33hWb0vg63TuOVFM8QTX3nvij7AOSCB4pi55slgto60
111v7QrVa6xfCHT/uzwVjH+ChnELFSkl6qEooP4WprzEbitOxQ6aFpyJElvb1oCOZEH
112CcsYVxMepFQDMVy26X14Lei6L3AXCgMRqpDHXvAbf1Y59eAfHjONIzDmerpeykYz
113EwRcZbC+U3+rp5+N+71G5YdEMVXln5d+o+xpqNeLR65IrnRQXldVMco27EOh3WGy
114GBJqKQtjJNVxTdrnDw3jLKp2a/ksk8L6+UAsGzRlUwIDAQABo4HpMIHmMB0GA1Ud
115DgQWBBT6La/gX46OGHr7r/7ZyaNiqrgqGDAfBgNVHSMEGDAWgBTMcmDwjYzLqWz/
116CVfzav4pRiQmWzA/BggrBgEFBQcBAQQzMDEwLwYIKwYBBQUHMAKGI2h0dHA6Ly91
117cmwtZm9yLWFpYS9JbnRlcm1lZGlhdGUuY2VyMDQGA1UdHwQtMCswKaAnoCWGI2h0
118dHA6Ly91cmwtZm9yLWNybC9JbnRlcm1lZGlhdGUuY3JsMA4GA1UdDwEB/wQEAwIF
119oDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQAD
120ggEBAAHbrh7bnDcqHPZEyFXLOZ2I9XInlIDsUc6Gw2S5f/bCgzicZidElDEovO03
1213L18hNXGRHTvgVQBeFXQWWCZvKu7akULUPne1D7O7Romj4tsLTqy6EsXxLjWQU76
122jK9wRG8wcfWSYn7bGfJnGOkXppi3nn7faQzZrWW4C1wdwKlM5BssVlc2O49QJqZ+
123lUsG1mcdDrRYp8HCN8qHOobnB988VRMY6FuNCNIwBBveP/PrIW+Z4lxSbzcf2ZNF
1245YGdS9sMb1X95G2YrIh7Gki46CTtps/p9uKpcWDN15AOw5KzV+zaL0iER8iRxFAe
1258MSRmYtP8TVlwauiShIbz71oHL8=
126-----END CERTIFICATE-----
127
128Certificate:
129    Data:
130        Version: 3 (0x2)
131        Serial Number:
132            52:7c:19:50:39:c6:38:0e:14:9f:b2:17:b8:81:f7:cf:f8:66:d1:95
133        Signature Algorithm: sha256WithRSAEncryption
134        Issuer: CN=Root
135        Validity
136            Not Before: Jan  2 12:00:00 2015 GMT
137            Not After : Jan  1 12:00:00 2016 GMT
138        Subject: CN=Intermediate
139        Subject Public Key Info:
140            Public Key Algorithm: rsaEncryption
141                RSA Public-Key: (2048 bit)
142                Modulus:
143                    00:9d:2b:d3:86:6e:f6:af:a0:b2:08:23:93:2a:c0:
144                    1c:02:49:c6:ef:a9:64:39:4e:80:6a:36:56:e5:a5:
145                    93:0e:45:12:ad:05:41:9a:5d:cc:ed:af:2e:7b:b6:
146                    cf:bd:14:79:8f:a5:59:16:02:fe:23:5c:2b:e4:90:
147                    d2:67:7c:bb:74:cb:37:20:40:c4:62:fa:e0:23:f1:
148                    a4:89:70:fe:54:ea:ea:3b:d7:1a:7a:9b:0d:a1:74:
149                    44:89:c9:58:3d:d6:99:42:6b:e5:da:f5:f1:0c:33:
150                    26:11:e1:d4:2b:33:d7:2e:be:b9:42:5d:e7:b2:ce:
151                    52:37:51:30:17:80:a7:77:e0:ca:55:ac:42:12:23:
152                    17:d6:42:5a:6d:55:1f:f8:f1:13:7b:73:7d:b6:ff:
153                    b7:67:72:d8:55:af:8e:60:71:cd:b8:a4:72:9f:84:
154                    d8:6f:a6:62:1a:0f:79:de:3e:27:a5:08:bc:90:20:
155                    f6:a3:b2:64:21:92:3e:1c:8c:35:f5:38:16:96:18:
156                    f1:5c:de:fd:89:b6:4d:ca:00:0a:59:91:84:9a:28:
157                    ea:1c:8f:0d:14:aa:4b:e5:56:66:9e:40:36:35:ff:
158                    dc:72:f3:ea:e3:7f:b4:73:64:66:ff:81:16:b9:93:
159                    8e:61:30:7f:15:2e:1d:6c:23:90:76:56:b2:60:11:
160                    91:19
161                Exponent: 65537 (0x10001)
162        X509v3 extensions:
163            X509v3 Subject Key Identifier:
164                CC:72:60:F0:8D:8C:CB:A9:6C:FF:09:57:F3:6A:FE:29:46:24:26:5B
165            X509v3 Authority Key Identifier:
166                keyid:01:6B:49:1F:21:8F:80:DD:D4:97:C0:A8:BB:2A:7E:DC:F3:DA:FD:E1
167
168            Authority Information Access:
169                CA Issuers - URI:http://url-for-aia/Root.cer
170
171            X509v3 CRL Distribution Points:
172
173                Full Name:
174                  URI:http://url-for-crl/Root.crl
175
176            X509v3 Key Usage: critical
177                Certificate Sign, CRL Sign
178            X509v3 Basic Constraints: critical
179                CA:TRUE
180    Signature Algorithm: sha256WithRSAEncryption
181         58:20:51:07:c1:79:72:0f:8d:3b:34:8d:af:79:8a:f4:65:dd:
182         f6:62:8c:28:b1:e3:91:7a:c1:e0:75:11:6e:f4:cf:90:04:39:
183         8f:08:19:c9:d5:3b:61:4a:30:5c:f1:dd:93:1d:b0:05:d0:2b:
184         f4:a0:ce:4a:8d:10:f9:ce:47:92:a1:84:8a:5d:42:62:e4:81:
185         4d:8d:2a:49:cf:41:b7:1f:b8:ef:62:68:80:64:52:b5:b4:e8:
186         9c:33:10:85:f6:2d:18:0c:a1:cd:a7:6d:2a:b6:73:a8:3d:4c:
187         64:c3:3a:33:11:8b:6b:0c:68:86:ab:28:c8:e2:21:a0:26:78:
188         ed:15:f6:14:3c:d0:19:ea:d2:88:3b:ed:de:c8:99:4b:74:ff:
189         aa:d3:80:1b:5d:f0:f4:08:33:28:33:e9:0a:e8:07:0c:c4:ab:
190         f6:8c:3d:08:5a:4b:91:84:45:56:85:a0:92:59:e8:b4:e8:c6:
191         92:0d:db:1a:fe:dc:4f:ac:b6:5c:7e:6f:e5:56:14:85:f4:74:
192         33:f8:1e:eb:33:d0:0b:74:a6:ef:4e:3b:e7:77:c4:92:26:4e:
193         5d:e2:cd:6e:dc:f7:25:ee:92:b9:b0:48:5d:46:e5:a9:50:a8:
194         bb:68:57:cb:f8:7f:07:f7:b2:54:97:f9:6e:54:1c:53:09:ce:
195         c0:6b:f1:f1
196-----BEGIN CERTIFICATE-----
197MIIDgDCCAmigAwIBAgIUUnwZUDnGOA4Un7IXuIH3z/hm0ZUwDQYJKoZIhvcNAQEL
198BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xNTAxMDIxMjAwMDBaFw0xNjAxMDExMjAw
199MDBaMBcxFTATBgNVBAMMDEludGVybWVkaWF0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
200ggEPADCCAQoCggEBAJ0r04Zu9q+gsggjkyrAHAJJxu+pZDlOgGo2VuWlkw5FEq0F
201QZpdzO2vLnu2z70UeY+lWRYC/iNcK+SQ0md8u3TLNyBAxGL64CPxpIlw/lTq6jvX
202GnqbDaF0RInJWD3WmUJr5dr18QwzJhHh1Csz1y6+uUJd57LOUjdRMBeAp3fgylWs
203QhIjF9ZCWm1VH/jxE3tzfbb/t2dy2FWvjmBxzbikcp+E2G+mYhoPed4+J6UIvJAg
2049qOyZCGSPhyMNfU4FpYY8Vze/Ym2TcoAClmRhJoo6hyPDRSqS+VWZp5ANjX/3HLz
2056uN/tHNkZv+BFrmTjmEwfxUuHWwjkHZWsmARkRkCAwEAAaOByzCByDAdBgNVHQ4E
206FgQUzHJg8I2My6ls/wlX82r+KUYkJlswHwYDVR0jBBgwFoAUAWtJHyGPgN3Ul8Co
207uyp+3PPa/eEwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzAChhtodHRwOi8vdXJs
208LWZvci1haWEvUm9vdC5jZXIwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL3VybC1m
209b3ItY3JsL1Jvb3QuY3JsMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
210MA0GCSqGSIb3DQEBCwUAA4IBAQBYIFEHwXlyD407NI2veYr0Zd32YowoseOResHg
211dRFu9M+QBDmPCBnJ1TthSjBc8d2THbAF0Cv0oM5KjRD5zkeSoYSKXUJi5IFNjSpJ
212z0G3H7jvYmiAZFK1tOicMxCF9i0YDKHNp20qtnOoPUxkwzozEYtrDGiGqyjI4iGg
213JnjtFfYUPNAZ6tKIO+3eyJlLdP+q04AbXfD0CDMoM+kK6AcMxKv2jD0IWkuRhEVW
214haCSWei06MaSDdsa/txPrLZcfm/lVhSF9HQz+B7rM9ALdKbvTjvnd8SSJk5d4s1u
2153Pcl7pK5sEhdRuWpUKi7aFfL+H8H97JUl/luVBxTCc7Aa/Hx
216-----END CERTIFICATE-----
217
218Certificate:
219    Data:
220        Version: 3 (0x2)
221        Serial Number:
222            52:7c:19:50:39:c6:38:0e:14:9f:b2:17:b8:81:f7:cf:f8:66:d1:96
223        Signature Algorithm: sha256WithRSAEncryption
224        Issuer: CN=Root
225        Validity
226            Not Before: Jan  2 12:00:00 2015 GMT
227            Not After : Jan  1 12:00:00 2016 GMT
228        Subject: CN=Root
229        Subject Public Key Info:
230            Public Key Algorithm: rsaEncryption
231                RSA Public-Key: (2048 bit)
232                Modulus:
233                    00:c7:04:19:c8:b2:fc:28:77:e5:99:8e:f0:05:8b:
234                    0d:5b:e5:38:f1:8e:d1:07:d2:f6:d8:6b:bd:c8:c3:
235                    2c:f3:05:e9:1f:4c:b6:c1:39:d4:0f:03:2f:62:ba:
236                    e7:c4:7e:9c:7c:1c:be:df:6b:f2:34:b2:45:ec:b9:
237                    76:a5:3a:25:1c:a1:b7:78:76:0c:e8:3d:76:d1:46:
238                    bd:20:e1:ef:1c:80:22:12:b5:8a:de:78:4f:ed:05:
239                    25:5d:b4:83:4c:9e:b2:ee:64:b5:df:d9:d1:b7:5f:
240                    3c:e9:8a:e1:e1:49:bd:d6:7c:fe:4a:38:f1:94:9a:
241                    b5:cc:cf:85:aa:bd:bb:2d:93:b9:a9:2b:c1:f9:82:
242                    c0:ba:68:a5:90:4f:e1:d4:30:6f:99:c4:d9:6c:e8:
243                    6a:0c:71:a8:ff:c4:7f:b5:9a:e6:07:a0:ed:f4:3c:
244                    3a:4b:a3:88:b1:41:cf:f1:b8:ea:f8:b7:43:b0:9f:
245                    88:05:eb:cd:ab:27:f5:ed:62:55:05:3d:62:59:b4:
246                    1c:07:ca:c4:49:3d:07:80:93:13:ff:0f:31:4f:34:
247                    41:9e:5b:a9:0a:79:fa:13:91:da:7c:35:c4:7b:56:
248                    9c:a1:89:05:7d:6e:12:e5:e4:83:be:9a:5e:14:cd:
249                    fc:27:58:ae:f5:26:83:36:a4:04:61:a7:4a:01:2f:
250                    1a:4f
251                Exponent: 65537 (0x10001)
252        X509v3 extensions:
253            X509v3 Subject Key Identifier:
254                01:6B:49:1F:21:8F:80:DD:D4:97:C0:A8:BB:2A:7E:DC:F3:DA:FD:E1
255            X509v3 Authority Key Identifier:
256                keyid:D2:45:64:68:86:8E:07:F2:AF:BF:0B:F3:DD:7F:61:1D:4B:6B:4A:CD
257
258            Authority Information Access:
259                CA Issuers - URI:http://url-for-aia/Root.cer
260
261            X509v3 CRL Distribution Points:
262
263                Full Name:
264                  URI:http://url-for-crl/Root.crl
265
266            X509v3 Key Usage: critical
267                Certificate Sign, CRL Sign
268            X509v3 Basic Constraints: critical
269                CA:TRUE
270    Signature Algorithm: sha256WithRSAEncryption
271         92:e9:36:26:51:cb:1d:31:0c:a0:5e:86:32:26:b1:0a:2f:2a:
272         e7:a5:65:0d:6e:56:e2:6d:1e:41:52:23:03:38:63:72:20:10:
273         b8:0f:42:28:9a:53:6e:ea:3c:88:a4:b6:89:67:50:34:2b:84:
274         15:a3:ee:e2:a6:88:74:80:c0:8d:f0:af:84:10:94:2f:50:6f:
275         b8:7f:55:a6:a2:18:d5:0e:98:1d:2e:62:29:15:eb:07:eb:01:
276         a8:33:f2:11:08:d3:b1:09:2a:2a:05:81:ec:7c:29:10:bd:6f:
277         07:55:05:77:21:e1:84:25:b3:65:b2:be:e6:db:7b:3f:e2:46:
278         a6:03:75:07:d0:ec:b4:00:e8:46:bf:16:2d:b0:87:0e:06:84:
279         7c:54:3b:a1:8c:0e:fa:d3:d1:d2:5d:40:c1:24:b9:00:31:b7:
280         bc:9a:3a:e9:68:5a:bc:20:7e:5a:5e:8b:a7:28:e2:a6:5c:9b:
281         ff:0f:c6:ae:39:04:1d:73:77:8f:e3:28:03:7e:c5:92:50:9a:
282         dc:15:67:b6:42:be:7f:b1:a6:5f:25:3c:61:6c:68:a0:b5:d0:
283         d9:d5:bd:45:29:06:bc:ab:ee:16:6f:63:55:6b:eb:d1:9c:a5:
284         a7:47:70:4b:43:3a:2a:b2:a1:b5:3a:a2:fe:57:78:db:16:66:
285         9f:4c:3e:55
286-----BEGIN CERTIFICATE-----
287MIIDeDCCAmCgAwIBAgIUUnwZUDnGOA4Un7IXuIH3z/hm0ZYwDQYJKoZIhvcNAQEL
288BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xNTAxMDIxMjAwMDBaFw0xNjAxMDExMjAw
289MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
290AoIBAQDHBBnIsvwod+WZjvAFiw1b5TjxjtEH0vbYa73IwyzzBekfTLbBOdQPAy9i
291uufEfpx8HL7fa/I0skXsuXalOiUcobd4dgzoPXbRRr0g4e8cgCIStYreeE/tBSVd
292tINMnrLuZLXf2dG3XzzpiuHhSb3WfP5KOPGUmrXMz4Wqvbstk7mpK8H5gsC6aKWQ
293T+HUMG+ZxNls6GoMcaj/xH+1muYHoO30PDpLo4ixQc/xuOr4t0Own4gF682rJ/Xt
294YlUFPWJZtBwHysRJPQeAkxP/DzFPNEGeW6kKefoTkdp8NcR7VpyhiQV9bhLl5IO+
295ml4UzfwnWK71JoM2pARhp0oBLxpPAgMBAAGjgcswgcgwHQYDVR0OBBYEFAFrSR8h
296j4Dd1JfAqLsqftzz2v3hMB8GA1UdIwQYMBaAFNJFZGiGjgfyr78L891/YR1La0rN
297MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh
298L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S
299b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
3009w0BAQsFAAOCAQEAkuk2JlHLHTEMoF6GMiaxCi8q56VlDW5W4m0eQVIjAzhjciAQ
301uA9CKJpTbuo8iKS2iWdQNCuEFaPu4qaIdIDAjfCvhBCUL1BvuH9VpqIY1Q6YHS5i
302KRXrB+sBqDPyEQjTsQkqKgWB7HwpEL1vB1UFdyHhhCWzZbK+5tt7P+JGpgN1B9Ds
303tADoRr8WLbCHDgaEfFQ7oYwO+tPR0l1AwSS5ADG3vJo66WhavCB+Wl6Lpyjiplyb
304/w/GrjkEHXN3j+MoA37FklCa3BVntkK+f7GmXyU8YWxooLXQ2dW9RSkGvKvuFm9j
305VWvr0Zylp0dwS0M6KrKhtTqi/ld42xZmn0w+VQ==
306-----END CERTIFICATE-----
307
308Certificate:
309    Data:
310        Version: 3 (0x2)
311        Serial Number:
312            52:7c:19:50:39:c6:38:0e:14:9f:b2:17:b8:81:f7:cf:f8:66:d1:92
313        Signature Algorithm: sha256WithRSAEncryption
314        Issuer: CN=Root
315        Validity
316            Not Before: Jan  1 12:00:00 2015 GMT
317            Not After : Jan  1 12:00:00 2016 GMT
318        Subject: CN=Root
319        Subject Public Key Info:
320            Public Key Algorithm: rsaEncryption
321                RSA Public-Key: (2048 bit)
322                Modulus:
323                    00:ef:5f:3f:57:00:ad:2d:82:81:56:19:c0:da:98:
324                    72:8b:7f:4b:4f:37:f2:d9:0e:b3:3c:7b:73:d3:8a:
325                    ad:5a:94:9c:37:0b:bc:68:4b:40:ac:a9:d1:1f:1b:
326                    35:6a:74:50:6b:91:c2:30:e5:a6:88:87:90:f4:dc:
327                    8d:09:49:6a:3e:f0:fe:cf:bb:b3:3b:33:c1:2a:2e:
328                    b9:fb:9b:6a:db:2a:a6:9f:87:46:6a:b0:7d:87:c6:
329                    63:27:cd:58:e7:55:7d:c5:6c:d8:ac:c7:10:fb:6e:
330                    68:40:9d:69:bf:8f:a0:9c:36:d8:7a:dc:fb:14:48:
331                    f4:96:5d:c2:0e:8f:e9:2f:1d:08:13:04:a0:1d:03:
332                    78:b8:a6:97:15:13:0f:91:4e:9e:18:00:96:9f:94:
333                    e6:ad:02:2e:c7:60:c8:ed:50:54:02:2e:b2:6b:6e:
334                    d5:78:7f:7a:74:20:20:f6:9c:fa:98:17:b3:8f:fd:
335                    92:01:3d:ff:e6:56:fa:45:28:41:b1:3c:ba:4a:ef:
336                    bc:ff:4c:1e:d3:96:bc:5d:a6:06:7d:27:d8:66:13:
337                    e0:40:74:83:8c:f4:89:c9:8d:8a:13:b7:98:88:32:
338                    6c:51:6c:15:92:1c:1b:e7:f7:08:a6:35:81:b4:24:
339                    be:45:10:1f:ff:c9:e4:4d:35:b7:4d:3c:ae:54:d2:
340                    ee:6f
341                Exponent: 65537 (0x10001)
342        X509v3 extensions:
343            X509v3 Subject Key Identifier:
344                D2:45:64:68:86:8E:07:F2:AF:BF:0B:F3:DD:7F:61:1D:4B:6B:4A:CD
345            X509v3 Authority Key Identifier:
346                keyid:D2:45:64:68:86:8E:07:F2:AF:BF:0B:F3:DD:7F:61:1D:4B:6B:4A:CD
347
348            Authority Information Access:
349                CA Issuers - URI:http://url-for-aia/Root.cer
350
351            X509v3 CRL Distribution Points:
352
353                Full Name:
354                  URI:http://url-for-crl/Root.crl
355
356            X509v3 Key Usage: critical
357                Certificate Sign, CRL Sign
358            X509v3 Basic Constraints: critical
359                CA:TRUE
360    Signature Algorithm: sha256WithRSAEncryption
361         c3:93:57:64:ef:a6:14:46:fd:70:31:57:e2:2d:d1:84:90:c6:
362         24:77:6a:9d:e4:a7:39:fc:ae:f6:22:f8:ae:04:d9:8b:9c:e7:
363         c1:52:b4:1a:39:85:62:30:25:49:40:86:87:48:5f:fb:f8:4e:
364         19:fe:68:1f:07:17:e2:a7:09:86:f1:49:58:6e:3e:04:49:01:
365         87:2a:92:c1:38:45:4a:fa:e9:36:f5:30:77:01:2a:03:2b:ae:
366         9c:bd:bc:a4:61:43:4c:a4:90:97:f6:d8:40:8b:20:c2:7e:cf:
367         ed:83:08:b8:c5:68:4f:a4:69:83:16:c5:b5:e5:9a:a3:4d:f2:
368         4f:f4:51:3a:19:3f:8b:83:3e:04:c3:bf:7a:bf:cf:37:86:0f:
369         a1:79:a7:bf:c9:9c:7b:52:b9:84:ca:97:51:89:f2:25:bd:15:
370         4f:61:d5:bd:f0:86:e9:14:b3:77:92:11:d5:b9:7a:58:6c:b3:
371         96:16:9b:ac:db:e1:97:f7:5e:f9:58:e7:b3:4b:35:05:e6:aa:
372         a4:ca:a5:1a:48:b0:28:84:81:7f:32:07:39:cd:31:32:b5:c8:
373         da:0c:07:c2:1a:01:26:41:76:26:68:36:50:2c:34:5c:3f:b7:
374         05:4a:50:d3:37:ec:8c:d1:84:3c:25:f0:d9:ef:5e:0d:b9:b1:
375         f9:d9:d6:3a
376-----BEGIN CERTIFICATE-----
377MIIDeDCCAmCgAwIBAgIUUnwZUDnGOA4Un7IXuIH3z/hm0ZIwDQYJKoZIhvcNAQEL
378BQAwDzENMAsGA1UEAwwEUm9vdDAeFw0xNTAxMDExMjAwMDBaFw0xNjAxMDExMjAw
379MDBaMA8xDTALBgNVBAMMBFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
380AoIBAQDvXz9XAK0tgoFWGcDamHKLf0tPN/LZDrM8e3PTiq1alJw3C7xoS0CsqdEf
381GzVqdFBrkcIw5aaIh5D03I0JSWo+8P7Pu7M7M8EqLrn7m2rbKqafh0ZqsH2HxmMn
382zVjnVX3FbNisxxD7bmhAnWm/j6CcNth63PsUSPSWXcIOj+kvHQgTBKAdA3i4ppcV
383Ew+RTp4YAJaflOatAi7HYMjtUFQCLrJrbtV4f3p0ICD2nPqYF7OP/ZIBPf/mVvpF
384KEGxPLpK77z/TB7TlrxdpgZ9J9hmE+BAdIOM9InJjYoTt5iIMmxRbBWSHBvn9wim
385NYG0JL5FEB//yeRNNbdNPK5U0u5vAgMBAAGjgcswgcgwHQYDVR0OBBYEFNJFZGiG
386jgfyr78L891/YR1La0rNMB8GA1UdIwQYMBaAFNJFZGiGjgfyr78L891/YR1La0rN
387MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAoYbaHR0cDovL3VybC1mb3ItYWlh
388L1Jvb3QuY2VyMCwGA1UdHwQlMCMwIaAfoB2GG2h0dHA6Ly91cmwtZm9yLWNybC9S
389b290LmNybDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
3909w0BAQsFAAOCAQEAw5NXZO+mFEb9cDFX4i3RhJDGJHdqneSnOfyu9iL4rgTZi5zn
391wVK0GjmFYjAlSUCGh0hf+/hOGf5oHwcX4qcJhvFJWG4+BEkBhyqSwThFSvrpNvUw
392dwEqAyuunL28pGFDTKSQl/bYQIsgwn7P7YMIuMVoT6RpgxbFteWao03yT/RROhk/
393i4M+BMO/er/PN4YPoXmnv8mce1K5hMqXUYnyJb0VT2HVvfCG6RSzd5IR1bl6WGyz
394lhabrNvhl/de+Vjns0s1BeaqpMqlGkiwKISBfzIHOc0xMrXI2gwHwhoBJkF2Jmg2
395UCw0XD+3BUpQ0zfsjNGEPCXw2e9eDbmx+dnWOg==
396-----END CERTIFICATE-----
397