Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] - Root CA list contains expired certificates #471

Closed
TheRealBro opened this issue Sep 28, 2023 · 8 comments
Closed

[Bug] - Root CA list contains expired certificates #471

TheRealBro opened this issue Sep 28, 2023 · 8 comments

Comments

@TheRealBro
Copy link

Describe the bug
Amazon Linux 2023 according to your webpage your new distro is sourced from multiple upstreams

this might have lead to the following merging bug.

The file located in

/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt

contains several outdated CA certificates, which blowup the file size and might end up in possible errors due to the big file size and expiration date of the certificates.

See attached files with list of ca-bundle.trust.crt of AmazonLinux 2023 and AmazonLinux 2

To Reproduce

  1. Export certs from file ca-bundle.trust.crt in AmazonLinux 2023 and AmazonLinux 2 container
  2. Check for date of expiration of these files with openssl x509 -subject -enddate -noout -in $f

Expected behavior
Having an up-to-date list of CA bundles not containing expired CA certificates.

Additional context
See list with expired certs. I also found one expired cert in the AmazonLinux 2 Container, which already expired this year.

today is ... 2023-09-28


####################################
Check AmazonLinux 2 CA cert files...
####################################


subject=C = HK, O = Hongkong Post, CN = Hongkong Post Root CA 1
expired on ...  2023-05-15


#######################################
Check AmazonLinux 2023 CA cert files...
#######################################


subject=C = DE, O = D-Trust GmbH, CN = D-TRUST Qualified Root CA 1 2007:PN
expired on ...  2012-06-08
subject=C = DE, O = D-Trust GmbH, CN = D-TRUST Root Class 2 CA 2007
expired on ...  2022-05-16
subject=C = DE, O = D-Trust GmbH, CN = D-TRUST Root Class 3 CA 2007
expired on ...  2022-05-16
subject=C = US, O = Entrust.net, OU = www.entrust.net/CPS incorp. by ref. (limits liab.), OU = (c) 1999 Entrust.net Limited, CN = Entrust.net Secure Server Certification Authority
expired on ...  2019-05-25
subject=C = SI, O = ACNLB
expired on ...  2023-05-15
subject=C = KR, O = Government of Korea, OU = GPKI, CN = GPKIRootCA
expired on ...  2017-03-15
subject=C = US, O = GeoTrust Inc., CN = GeoTrust Global CA
expired on ...  2022-05-21
subject=C = US, O = GeoTrust Inc., CN = GeoTrust Global CA 2
expired on ...  2019-03-04
subject=C = SI, O = Halcom, CN = Halcom CA FO
expired on ...  2020-06-05
subject=C = SI, O = Halcom, CN = Halcom CA PO 2
expired on ...  2019-02-07
subject=C = HK, O = Hongkong Post, CN = Hongkong Post Root CA 1
expired on ...  2023-05-15
subject=C = CZ, CN = "I.CA - Qualified Certification Authority, 09/2009", O = "Prvn\C3\AD certifika\C4\8Dn\C3\AD autorita, a.s.", OU = I.CA - Accredited Provider of Certification Services
expired on ...  2019-09-01
subject=C = CZ, CN = I.CA - Qualified root certificate, O = "Prvn\C3\AD certifika\C4\8Dn\C3\AD autorita, a.s."
expired on ...  2018-04-01
subject=C = CZ, CN = "I.CA - Standard Certification Authority, 09/2009", O = "Prvn\C3\AD certifika\C4\8Dn\C3\AD autorita, a.s.", OU = I.CA - Provider of Certification Services
expired on ...  2019-09-01
subject=C = CZ, CN = I.CA - Standard root certificate, O = Prvni certifikacni autorita a.s.
expired on ...  2018-04-01
subject=C = FR, ST = France, L = Paris, O = PM/SGDN, OU = DCSSI, CN = IGC/A, emailAddress = [email protected]
expired on ...  2020-10-17
subject=C = JP, O = Japanese Government, OU = ApplicationCA
expired on ...  2017-12-12
subject=C = FR, O = KEYNECTIS, OU = ROOT, CN = KEYNECTIS ROOT CA
expired on ...  2020-05-26
subject=C = KR, O = KISA, OU = Korea Certification Authority Central, CN = KISA RootCA 3
expired on ...  2014-11-19
subject=C = JP, O = LGPKI, OU = Application CA G2
expired on ...  2016-03-31
subject=C = LU, O = LuxTrust s.a., CN = LuxTrust Global Root
expired on ...  2021-03-17
subject=C = MO, O = Macao Post, CN = Macao Post eSignTrust Root Certification Authority
expired on ...  2013-01-30
subject=C = MO, O = Macao Post, CN = Macao Post eSignTrust Root Certification Authority (G02)
expired on ...  2020-01-06
subject=C = HU, L = Budapest, O = Microsec Ltd., OU = e-Szigno CA, CN = Microsec e-Szigno Root CA
expired on ...  2017-04-06
subject=OU = Copyright (c) 1997 Microsoft Corp., OU = Microsoft Corporation, CN = Microsoft Root Authority
expired on ...  2020-12-31
subject=DC = com, DC = microsoft, CN = Microsoft Root Certificate Authority
expired on ...  2021-05-10
subject=C = HU, L = Budapest, O = NetLock Halozatbiztonsagi Kft., OU = Tanusitvanykiadok, CN = NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado, emailAddress = [email protected]
expired on ...  2022-12-15
subject=C = IE, O = An Post, OU = Post.Trust Ltd., CN = Post.Trust Root CA
expired on ...  2010-08-20
subject=C = BM, O = QuoVadis Limited, OU = Root Certification Authority, CN = QuoVadis Root Certification Authority
expired on ...  2021-03-17
subject=C = KR, O = Government of Korea, OU = GPKI, CN = Root CA
expired on ...  2012-04-21
subject=C = ES, O = Generalitat Valenciana, OU = PKIGVA, CN = Root CA Generalitat Valenciana
expired on ...  2021-07-01
subject=C = ES, ST = Barcelona, L = Barcelona (see current address at https://www.anf.es/address/), O = ANF Autoridad de Certificaci\C3\B3n, OU = ANF Clase 1 CA, serialNumber = G63287510, CN = ANF Server CA
expired on ...  2021-12-01
subject=C = SE, O = Carelink, CN = SITHS CA v3
expired on ...  2015-11-28
subject=C = IT, L = Milano, O = Actalis S.p.A./03358520967, CN = Actalis Authentication CA G1
expired on ...  2022-06-25
subject=C = NL, O = Staat der Nederlanden, CN = Staat der Nederlanden Root CA
expired on ...  2015-12-16
subject=C = NL, O = Staat der Nederlanden, CN = Staat der Nederlanden Root CA - G2
expired on ...  2020-03-25
subject=C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
expired on ...  2020-05-30
subject=C = ch, O = admin, OU = Services, OU = Certification Authorities, CN = Admin-Root-CA
expired on ...  2021-11-10
subject=C = CH, O = admin, OU = Services, OU = Certification Authorities, CN = AdminCA-CD-T01
expired on ...  2016-01-25
subject=C = DK, O = TDC Internet, OU = TDC Internet Root CA
expired on ...  2021-04-05
subject=C = ZA, ST = Western Cape, L = Cape Town, O = Thawte Consulting cc, OU = Certification Services Division, CN = Thawte Premium Server CA, emailAddress = [email protected]
expired on ...  2021-01-02
subject=C = ZA, ST = Western Cape, L = Cape Town, O = Thawte Consulting cc, OU = Certification Services Division, CN = Thawte Server CA, emailAddress = [email protected]
expired on ...  2021-01-02
subject=C = TR, L = Gebze - Kocaeli, O = T\C3\BCrkiye Bilimsel ve Teknolojik Ara\C5\9Ft\C4\B1rma Kurumu - T\C3\9CB\C4\B0TAK, OU = Ulusal Elektronik ve Kriptoloji Ara\C5\9Ft\C4\B1rma Enstit\C3\BCs\C3\BC - UEKAE, OU = Kamu Sertifikasyon Merkezi, CN = T\C3\9CB\C4\B0TAK UEKAE K\C3\B6k Sertifika Hizmet Sa\C4\9Flay\C4\B1c\C4\B1s\C4\B1 - S\C3\BCr\C3\BCm 3
expired on ...  2017-08-21
subject=CN = T\C3\9CRKTRUST Elektronik Sertifika Hizmet Sa\C4\9Flay\C4\B1c\C4\B1s\C4\B1, C = TR, L = Ankara, O = T\C3\9CRKTRUST Bilgi \C4\B0leti\C5\9Fim ve Bili\C5\9Fim G\C3\BCvenli\C4\9Fi Hizmetleri A.\C5\9E. (c) Kas\C4\B1m 2005
expired on ...  2015-09-16
subject=C = US, ST = UT, L = Salt Lake City, O = The USERTRUST Network, OU = http://www.usertrust.com, CN = UTN-USERFirst-Object
expired on ...  2019-07-09
subject=C = TR, O = Elektronik Bilgi Guvenligi A.S., CN = e-Guven Kok Elektronik Sertifika Hizmet Saglayicisi
expired on ...  2017-01-04
subject=C = si, O = state-institutions, OU = sigen-ca
expired on ...  2021-06-29
subject=C = AT, ST = Austria, L = Vienna, O = ARGE DATEN - Austrian Society for Data Protection, OU = A-CERT Certification Service, CN = A-CERT ADVANCED, emailAddress = [email protected]
expired on ...  2011-10-23
subject=C = BR, O = ICP-Brasil, OU = Instituto Nacional de Tecnologia da Informacao - ITI, L = Brasilia, ST = DF, CN = Autoridade Certificadora Raiz Brasileira
expired on ...  2011-12-01
subject=C = AT, O = A-Trust Ges. f\C3\BCr Sicherheitssysteme im elektr. Datenverkehr GmbH, OU = A-Trust-Qual-01, CN = A-Trust-Qual-01
expired on ...  2014-12-01
subject=C = BR, O = ICP-Brasil, OU = Instituto Nacional de Tecnologia da Informacao - ITI, CN = Autoridade Certificadora Raiz Brasileira v1
expired on ...  2021-07-29
subject=C = BR, O = ICP-Brasil, OU = Instituto Nacional de Tecnologia da Informacao - ITI, CN = Autoridade Certificadora Raiz Brasileira v2
expired on ...  2023-06-21
subject=C = SK, L = Bratislava, O = Disig a.s., CN = CA Disig
expired on ...  2016-03-22
subject=C = IN, O = India PKI, CN = CCA India 2007
expired on ...  2015-07-04
subject=C = IN, O = India PKI, CN = CCA India 2011
expired on ...  2016-03-11
subject=C = AT, O = A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH, OU = A-Trust-Qual-03, CN = A-Trust-Qual-03
expired on ...  2018-04-25
subject=C = KR, O = KISA, OU = ROOTCA, CN = CertRSA01
expired on ...  2010-03-03
subject=C = AT, O = A-Trust, OU = A-Trust-nQual-01, CN = A-Trust-nQual-01
expired on ...  2014-12-01
subject=C = BE, O = Certipost s.a./n.v., CN = Certipost E-Trust Primary Normalised CA
expired on ...  2020-07-26
subject=C = BE, O = Certipost s.a./n.v., CN = Certipost E-Trust Primary Qualified CA
expired on ...  2020-07-26
subject=C = AT, O = A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH, OU = A-Trust-nQual-03, CN = A-Trust-nQual-03
expired on ...  2015-08-18
subject=O = "Cybertrust, Inc", CN = Cybertrust Global Root
expired on ...  2021-12-15
subject=CN = AC1 RAIZ MTIN, serialNumber = S2819001E, OU = PRESTADOR DE SERVICIOS DE CERTIFICACION MTIN, OU = SUBDIRECCION GENERAL DE PROCESO DE DATOS, O = MINISTERIO DE TRABAJO E INMIGRACION, L = MADRID, C = ES
expired on ...  2019-11-03
@TheRealBro TheRealBro mentioned this issue Sep 29, 2023
Closed
@paulez
Copy link

paulez commented Oct 12, 2023

Thanks for the report. We are working on an update to the ca-certificates package.

@bbarani
Copy link

bbarani commented Dec 1, 2023

Any update on the fix?

@jordarlu
Copy link

Greetings, @paulez , just wondering if you have an ETA on when you will be able to share the update with the community here? thanks !!

@szarkos
Copy link

szarkos commented Feb 3, 2024

Do you still see this issue on the latest ca-certificates package (ca-certificates-2023.2.62-1.0.amzn2023.0.1). There may be additional certificates expiring this year and will continue to update this package when that occurs.

@jordarlu
Copy link

I just did a test onn AL2023, and AL2,and believed this issue had been resolved.

tested on AL2023

$ for cert_file in cert.*.crt;do echo "Validating cert: $cert_file"; openssl x509 -subject -enddate -noout -in "$cert_file"; done
Validating cert: cert.0.crt
Could not read certificate from cert.0.crt
Unable to load certificate
Validating cert: cert.1.crt
subject=C = AT, O = A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH, OU = A-Trust-nQual-03, CN = A-Trust-nQual-03
notAfter=Jul 23 08:38:29 2025 GMT
Validating cert: cert.10.crt
subject=C = ES, O = Agencia Notarial de Certificacion S.L.U. - CIF B83395988, CN = ANCERT Certificados Notariales V2
notAfter=May 25 16:56:14 2030 GMT
Validating cert: cert.100.crt
subject=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
notAfter=Nov 10 00:00:00 2031 GMT
Validating cert: cert.101.crt
subject=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root G2
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.102.crt
subject=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root G3
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.103.crt
subject=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
notAfter=Nov 10 00:00:00 2031 GMT
Validating cert: cert.104.crt
subject=C = US, O = "DigiCert, Inc.", CN = DigiCert RSA4096 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.105.crt
subject=C = US, O = "DigiCert, Inc.", CN = DigiCert SMIME ECC P384 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.106.crt
subject=C = US, O = "DigiCert, Inc.", CN = DigiCert SMIME RSA4096 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.107.crt
subject=C = US, O = "DigiCert, Inc.", CN = DigiCert TLS ECC P384 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.108.crt
subject=C = US, O = "DigiCert, Inc.", CN = DigiCert TLS RSA4096 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.109.crt
subject=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Trusted Root G4
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.11.crt
subject=serialNumber = G63287510, C = ES, O = ANF Autoridad de Certificacion, OU = ANF CA Raiz, CN = ANF Secure Server Root CA
notAfter=Aug 30 10:00:38 2039 GMT
Validating cert: cert.110.crt
subject=C = NL, O = Digidentity B.V., CN = Digidentity L3 Root CA - G2
notAfter=Nov 10 10:44:19 2031 GMT
Validating cert: cert.111.crt
subject=C = LV, OU = Sertifikacijas pakalpojumu dala, CN = E-ME SSI (RCA)
notAfter=May 19 08:48:15 2027 GMT
Validating cert: cert.112.crt
subject=C = TR, L = Ankara, O = E-Tugra EBG A.S., OU = E-Tugra Trust Center, CN = E-Tugra Global Root CA ECC v3
notAfter=Mar 12 09:46:58 2045 GMT
Validating cert: cert.113.crt
subject=C = TR, L = Ankara, O = E-Tugra EBG A.S., OU = E-Tugra Trust Center, CN = E-Tugra Global Root CA RSA v3
notAfter=Mar 12 09:07:17 2045 GMT
Validating cert: cert.114.crt
subject=C = ES, O = Agencia Catalana de Certificacio (NIF Q-0801176-I), OU = Serveis Publics de Certificacio, OU = Vegeu https://www.catcert.net/verarrel (c)03, OU = Jerarquia Entitats de Certificacio Catalanes, CN = EC-ACC
notAfter=Jan  7 22:59:59 2031 GMT
Validating cert: cert.115.crt
subject=C = PT, O = SCEE, CN = ECRaizEstado
notAfter=Jun 23 13:41:27 2030 GMT
Validating cert: cert.116.crt
subject=C = EE, O = AS Sertifitseerimiskeskus, CN = EE Certification Centre Root CA, emailAddress = [email protected]
notAfter=Dec 17 23:59:59 2030 GMT
Validating cert: cert.117.crt
subject=O = Entrust.net, OU = www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU = (c) 1999 Entrust.net Limited, CN = Entrust.net Certification Authority (2048)
notAfter=Jul 24 14:15:12 2029 GMT
Validating cert: cert.118.crt
subject=C = US, O = "Entrust, Inc.", CN = Entrust Code Signing Root Certification Authority - CSBR1
notAfter=Dec 30 13:26:36 2040 GMT
Validating cert: cert.119.crt
subject=C = US, O = "Entrust, Inc.", OU = www.entrust.net/CPS is incorporated by reference, OU = "(c) 2006 Entrust, Inc.", CN = Entrust Root Certification Authority
notAfter=Nov 27 20:53:42 2026 GMT
Validating cert: cert.12.crt
subject=C = GR, O = Athens Exchange S.A., CN = ATHEX Root CA
notAfter=Oct 17 21:00:00 2030 GMT
Validating cert: cert.120.crt
subject=C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2012 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - EC1
notAfter=Dec 18 15:55:36 2037 GMT
Validating cert: cert.121.crt
subject=C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2009 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G2
notAfter=Dec  7 17:55:54 2030 GMT
Validating cert: cert.122.crt
subject=C = US, O = "Entrust, Inc.", OU = See www.entrust.net/legal-terms, OU = "(c) 2015 Entrust, Inc. - for authorized use only", CN = Entrust Root Certification Authority - G4
notAfter=Dec 27 11:41:16 2037 GMT
Validating cert: cert.123.crt
subject=C = NL, O = DigiNotar, CN = DigiNotar Root CA, emailAddress = [email protected]
notAfter=Mar 31 18:19:22 2025 GMT
Validating cert: cert.124.crt
subject=C = CN, O = "GUANG DONG CERTIFICATE AUTHORITY CO.,LTD.", CN = GDCA TrustAUTH R5 ROOT
notAfter=Dec 31 15:59:59 2040 GMT
Validating cert: cert.125.crt
subject=C = AT, L = Vienna, ST = Austria, O = ARGE DATEN - Austrian Society for Data Protection, OU = GLOBALTRUST Certification Service, CN = GLOBALTRUST, emailAddress = [email protected]
notAfter=Sep 18 14:12:35 2036 GMT
Validating cert: cert.126.crt
subject=C = AT, ST = Wien, L = Wien, O = e-commerce monitoring GmbH, OU = GLOBALTRUST Certification Service, CN = GLOBALTRUST 2015
notAfter=Jun 10 00:00:00 2040 GMT
Validating cert: cert.127.crt
subject=C = AT, O = e-commerce monitoring GmbH, CN = GLOBALTRUST 2020
notAfter=Jun 10 00:00:00 2040 GMT
Validating cert: cert.128.crt
subject=C = US, O = Google Trust Services LLC, CN = GTS Root R1
notAfter=Jun 22 00:00:00 2036 GMT
Validating cert: cert.129.crt
subject=C = US, O = Google Trust Services LLC, CN = GTS Root R2
notAfter=Jun 22 00:00:00 2036 GMT
Validating cert: cert.13.crt
subject=C = IT, L = Milan, O = Actalis S.p.A./03358520967, CN = Actalis Authentication Root CA
notAfter=Sep 22 11:22:02 2030 GMT
Validating cert: cert.130.crt
subject=C = US, O = Google Trust Services LLC, CN = GTS Root R3
notAfter=Jun 22 00:00:00 2036 GMT
Validating cert: cert.131.crt
subject=C = US, O = Google Trust Services LLC, CN = GTS Root R4
notAfter=Jun 22 00:00:00 2036 GMT
Validating cert: cert.132.crt
subject=C = US, O = GeoTrust Inc., CN = GeoTrust Primary Certification Authority
notAfter=Jul 16 23:59:59 2036 GMT
Validating cert: cert.133.crt
subject=C = US, O = GeoTrust Inc., OU = (c) 2007 GeoTrust Inc. - For authorized use only, CN = GeoTrust Primary Certification Authority - G2
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.134.crt
subject=C = US, O = GeoTrust Inc., OU = (c) 2008 GeoTrust Inc. - For authorized use only, CN = GeoTrust Primary Certification Authority - G3
notAfter=Dec  1 23:59:59 2037 GMT
Validating cert: cert.135.crt
subject=C = US, O = GeoTrust Inc., CN = GeoTrust Universal CA
notAfter=Mar  4 05:00:00 2029 GMT
Validating cert: cert.136.crt
subject=C = US, O = GeoTrust Inc., CN = GeoTrust Universal CA 2
notAfter=Mar  4 05:00:00 2029 GMT
Validating cert: cert.137.crt
subject=C = BE, O = GlobalSign nv-sa, CN = GlobalSign Code Signing Root E45
notAfter=Mar 18 00:00:00 2045 GMT
Validating cert: cert.138.crt
subject=C = BE, O = GlobalSign nv-sa, CN = GlobalSign Code Signing Root R45
notAfter=Mar 18 00:00:00 2045 GMT
Validating cert: cert.139.crt
subject=OU = GlobalSign ECC Root CA - R4, O = GlobalSign, CN = GlobalSign
notAfter=Jan 19 03:14:07 2038 GMT
Validating cert: cert.14.crt
subject=C = US, O = AffirmTrust, CN = AffirmTrust Commercial
notAfter=Dec 31 14:06:06 2030 GMT
Validating cert: cert.140.crt
subject=OU = GlobalSign ECC Root CA - R5, O = GlobalSign, CN = GlobalSign
notAfter=Jan 19 03:14:07 2038 GMT
Validating cert: cert.141.crt
subject=C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
notAfter=Jan 28 12:00:00 2028 GMT
Validating cert: cert.142.crt
subject=OU = GlobalSign Root CA - R3, O = GlobalSign, CN = GlobalSign
notAfter=Mar 18 10:00:00 2029 GMT
Validating cert: cert.143.crt
subject=OU = GlobalSign Root CA - R6, O = GlobalSign, CN = GlobalSign
notAfter=Dec 10 00:00:00 2034 GMT
Validating cert: cert.144.crt
subject=C = BE, O = GlobalSign nv-sa, CN = GlobalSign Root E46
notAfter=Mar 20 00:00:00 2046 GMT
Validating cert: cert.145.crt
subject=C = BE, O = GlobalSign nv-sa, CN = GlobalSign Root R46
notAfter=Mar 20 00:00:00 2046 GMT
Validating cert: cert.146.crt
subject=C = BE, O = GlobalSign nv-sa, CN = GlobalSign Secure Mail Root E45
notAfter=Mar 18 00:00:00 2045 GMT
Validating cert: cert.147.crt
subject=C = BE, O = GlobalSign nv-sa, CN = GlobalSign Secure Mail Root R45
notAfter=Mar 18 00:00:00 2045 GMT
Validating cert: cert.148.crt
subject=C = EU, O = AC Camerfirma SA CIF A82743287, OU = http://www.chambersign.org, CN = Global Chambersign Root
notAfter=Sep 30 16:14:18 2037 GMT
Validating cert: cert.149.crt
subject=C = EU, L = Madrid (see current address at www.camerfirma.com/address), serialNumber = A82743287, O = AC Camerfirma S.A., CN = Global Chambersign Root - 2008
notAfter=Jul 31 12:31:40 2038 GMT
Validating cert: cert.15.crt
subject=C = US, O = AffirmTrust, CN = AffirmTrust Networking
notAfter=Dec 31 14:08:24 2030 GMT
Validating cert: cert.150.crt
subject=C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority
notAfter=Jun 29 17:06:20 2034 GMT
Validating cert: cert.151.crt
subject=C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", CN = Go Daddy Root Certificate Authority - G2
notAfter=Dec 31 23:59:59 2037 GMT
Validating cert: cert.152.crt
subject=C = TW, O = Government Root Certification Authority
notAfter=Dec 31 15:59:59 2037 GMT
Validating cert: cert.153.crt
subject=C = GR, O = Hellenic Academic and Research Institutions CA, CN = HARICA Client ECC Root CA 2021
notAfter=Feb 13 11:03:33 2045 GMT
Validating cert: cert.154.crt
subject=C = GR, O = Hellenic Academic and Research Institutions CA, CN = HARICA Client RSA Root CA 2021
notAfter=Feb 13 10:58:45 2045 GMT
Validating cert: cert.155.crt
subject=C = GR, O = Hellenic Academic and Research Institutions CA, CN = HARICA Code Signing ECC Root CA 2021
notAfter=Feb 13 11:04:35 2045 GMT
Validating cert: cert.156.crt
subject=C = GR, O = Hellenic Academic and Research Institutions CA, CN = HARICA Code Signing RSA Root CA 2021
notAfter=Feb 13 10:59:53 2045 GMT
Validating cert: cert.157.crt
subject=C = GR, O = Hellenic Academic and Research Institutions CA, CN = HARICA TLS ECC Root CA 2021
notAfter=Feb 13 11:01:09 2045 GMT
Validating cert: cert.158.crt
subject=C = GR, O = Hellenic Academic and Research Institutions CA, CN = HARICA TLS RSA Root CA 2021
notAfter=Feb 13 10:55:37 2045 GMT
Validating cert: cert.159.crt
subject=C = SI, O = Halcom, CN = Halcom Root CA
notAfter=Feb  8 09:55:41 2032 GMT
Validating cert: cert.16.crt
subject=C = US, O = AffirmTrust, CN = AffirmTrust Premium
notAfter=Dec 31 14:10:36 2040 GMT
Validating cert: cert.160.crt
subject=C = SI, O = Halcom d.d., organizationIdentifier = VATSI-43353126, CN = Halcom Root Certificate Authority
notAfter=Jun 10 07:07:50 2036 GMT
Validating cert: cert.161.crt
subject=C = GR, L = Athens, O = Hellenic Academic and Research Institutions Cert. Authority, CN = Hellenic Academic and Research Institutions ECC RootCA 2015
notAfter=Jun 30 10:37:12 2040 GMT
Validating cert: cert.162.crt
subject=C = GR, O = Hellenic Academic and Research Institutions Cert. Authority, CN = Hellenic Academic and Research Institutions RootCA 2011
notAfter=Dec  1 13:49:52 2031 GMT
Validating cert: cert.163.crt
subject=C = GR, L = Athens, O = Hellenic Academic and Research Institutions Cert. Authority, CN = Hellenic Academic and Research Institutions RootCA 2015
notAfter=Jun 30 10:11:21 2040 GMT
Validating cert: cert.164.crt
subject=C = TW, O = "Chunghwa Telecom Co., Ltd.", CN = HiPKI Root CA - G1
notAfter=Dec 31 15:59:59 2037 GMT
Validating cert: cert.165.crt
subject=C = HK, ST = Hong Kong, L = Hong Kong, O = Hongkong Post, CN = Hongkong Post Root CA 3
notAfter=Jun  3 02:29:46 2042 GMT
Validating cert: cert.166.crt
subject=C = CZ, O = "Prvn\C3\AD certifika\C4\8Dn\C3\AD autorita, a.s.", CN = I.CA Root CA/RSA, serialNumber = NTRCZ-26439395
notAfter=May 27 12:20:00 2040 GMT
Validating cert: cert.167.crt
subject=C = FR, O = ANSSI, OU = 0002 130007669, CN = IGC/A AC racine Etat francais
notAfter=Apr 15 09:00:00 2028 GMT
Validating cert: cert.168.crt
subject=C = US, O = Internet Security Research Group, CN = ISRG Root X1
notAfter=Jun  4 11:04:38 2035 GMT
Validating cert: cert.169.crt
subject=C = US, O = Internet Security Research Group, CN = ISRG Root X2
notAfter=Sep 17 16:00:00 2040 GMT
Validating cert: cert.17.crt
subject=C = US, O = AffirmTrust, CN = AffirmTrust Premium ECC
notAfter=Dec 31 14:20:24 2040 GMT
Validating cert: cert.170.crt
subject=C = US, O = IdenTrust, CN = IdenTrust Commercial Root CA 1
notAfter=Jan 16 18:12:23 2034 GMT
Validating cert: cert.171.crt
subject=C = US, O = IdenTrust, CN = IdenTrust Public Sector Root CA 1
notAfter=Jan 16 17:53:32 2034 GMT
Validating cert: cert.172.crt
subject=C = ES, O = IZENPE S.A., CN = Izenpe.com
notAfter=Dec 13 08:27:25 2037 GMT
Validating cert: cert.173.crt
subject=C = KR, O = KISA, OU = Korea Certification Authority Central, CN = KISA RootCA 1
notAfter=Aug 24 08:05:46 2025 GMT
Validating cert: cert.174.crt
subject=C = ZA, O = LAWtrust, CN = LAWtrust Root CA2 (4096)
notAfter=Feb 14 09:49:38 2053 GMT
Validating cert: cert.175.crt
subject=C = LU, O = LuxTrust S.A., CN = LuxTrust Global Root 2
notAfter=Mar  5 13:21:57 2035 GMT
Validating cert: cert.176.crt
subject=C = PT, O = MULTICERT - Servi\C3\A7os de Certifica\C3\A7\C3\A3o Electr\C3\B3nica S.A., CN = MULTICERT Root Certification Authority 01
notAfter=Apr  4 08:59:47 2039 GMT
Validating cert: cert.177.crt
subject=C = HU, L = Budapest, O = Microsec Ltd., CN = Microsec e-Szigno Root CA 2009, emailAddress = [email protected]
notAfter=Dec 30 11:30:18 2029 GMT
Validating cert: cert.178.crt
subject=C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = Microsoft ECC Product Root Certificate Authority 2018
notAfter=Feb 27 20:50:46 2043 GMT
Validating cert: cert.179.crt
subject=C = US, O = Microsoft Corporation, CN = Microsoft ECC Root Certificate Authority 2017
notAfter=Jul 18 23:16:04 2042 GMT
Validating cert: cert.18.crt
subject=C = US, O = Amazon, CN = Amazon Root CA 1
notAfter=Jan 17 00:00:00 2038 GMT
Validating cert: cert.180.crt
subject=C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = Microsoft ECC TS Root Certificate Authority 2018
notAfter=Feb 27 21:00:12 2043 GMT
Validating cert: cert.181.crt
subject=C = US, O = Microsoft Corporation, CN = Microsoft Identity Verification Root Certificate Authority 2020
notAfter=Apr 16 18:44:40 2045 GMT
Validating cert: cert.182.crt
subject=C = US, O = Microsoft Corporation, CN = Microsoft RSA Root Certificate Authority 2017
notAfter=Jul 18 23:00:23 2042 GMT
Validating cert: cert.183.crt
subject=C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = Microsoft Root Certificate Authority 2010
notAfter=Jun 23 22:04:01 2035 GMT
Validating cert: cert.184.crt
subject=C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = Microsoft Root Certificate Authority 2011
notAfter=Mar 22 22:13:04 2036 GMT
Validating cert: cert.185.crt
subject=C = KR, O = NAVER BUSINESS PLATFORM Corp., CN = NAVER Global Root Certification Authority
notAfter=Aug 18 23:59:59 2037 GMT
Validating cert: cert.186.crt
subject=C = HU, L = Budapest, O = NetLock Kft., OU = Tan\C3\BAs\C3\ADtv\C3\A1nykiad\C3\B3k (Certification Services), CN = NetLock Arany (Class Gold) F\C5\91tan\C3\BAs\C3\ADtv\C3\A1ny
notAfter=Dec  6 15:08:21 2028 GMT
Validating cert: cert.187.crt
subject=C = HU, L = Budapest, O = NetLock Kft., OU = Tan\C3\BAs\C3\ADtv\C3\A1nykiad\C3\B3k (Certification Services), CN = NetLock Platina (Class Platinum) F\C5\91tan\C3\BAs\C3\ADtv\C3\A1ny
notAfter=Dec  6 15:12:44 2028 GMT
Validating cert: cert.188.crt
subject=C = US, O = Network Solutions L.L.C., CN = Network Solutions Certificate Authority
notAfter=Dec 31 23:59:59 2030 GMT
Validating cert: cert.189.crt
subject=C = US, ST = FL, L = Jacksonville, O = Network Solutions L.L.C., CN = Network Solutions ECC Certificate Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.19.crt
subject=C = US, O = Amazon, CN = Amazon Root CA 2
notAfter=May 26 00:00:00 2040 GMT
Validating cert: cert.190.crt
subject=C = US, ST = FL, L = Jacksonville, O = Network Solutions L.L.C., CN = Network Solutions RSA Certificate Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.191.crt
subject=C = CH, O = WISeKey, OU = Copyright (c) 2005, OU = OISTE Foundation Endorsed, CN = OISTE WISeKey Global Root GA CA
notAfter=Dec 11 16:09:51 2037 GMT
Validating cert: cert.192.crt
subject=C = CH, O = WISeKey, OU = OISTE Foundation Endorsed, CN = OISTE WISeKey Global Root GB CA
notAfter=Dec  1 15:10:31 2039 GMT
Validating cert: cert.193.crt
subject=C = CH, O = WISeKey, OU = OISTE Foundation Endorsed, CN = OISTE WISeKey Global Root GC CA
notAfter=May  9 09:58:33 2042 GMT
Validating cert: cert.194.crt
subject=C = FR, O = OpenTrust, CN = OpenTrust Root CA G2
notAfter=Jan 15 00:00:00 2038 GMT
Validating cert: cert.195.crt
subject=C = FR, O = OpenTrust, CN = OpenTrust Root CA G3
notAfter=Jan 15 00:00:00 2038 GMT
Validating cert: cert.196.crt
subject=C = IL, O = PersonalID Ltd., OU = Certificate Services, CN = PersonalID Trustworthy RootCA 2011
notAfter=Sep  1 08:45:16 2041 GMT
Validating cert: cert.197.crt
subject=C = BM, O = QuoVadis Limited, CN = QuoVadis Root CA 1 G3
notAfter=Jan 12 17:27:44 2042 GMT
Validating cert: cert.198.crt
subject=C = BM, O = QuoVadis Limited, CN = QuoVadis Root CA 2
notAfter=Nov 24 18:23:33 2031 GMT
Validating cert: cert.199.crt
subject=C = BM, O = QuoVadis Limited, CN = QuoVadis Root CA 2 G3
notAfter=Jan 12 18:59:32 2042 GMT
Validating cert: cert.2.crt
subject=C = ES, serialNumber = Q2863006I, O = CONSEJO GENERAL DE LA ABOGACIA, CN = ACA ROOT
notAfter=May 27 10:58:51 2041 GMT
Validating cert: cert.20.crt
subject=C = US, O = Amazon, CN = Amazon Root CA 3
notAfter=May 26 00:00:00 2040 GMT
Validating cert: cert.200.crt
subject=C = BM, O = QuoVadis Limited, CN = QuoVadis Root CA 3
notAfter=Nov 24 19:06:44 2031 GMT
Validating cert: cert.201.crt
subject=C = BM, O = QuoVadis Limited, CN = QuoVadis Root CA 3 G3
notAfter=Jan 12 20:26:32 2042 GMT
Validating cert: cert.202.crt
subject=C = DE, ST = Baden-Wuerttemberg (BW), L = Stuttgart, O = Deutscher Sparkassen Verlag GmbH, CN = S-TRUST Authentication and Encryption Root CA 2005:PN
notAfter=Jun 21 23:59:59 2030 GMT
Validating cert: cert.203.crt
subject=C = ZA, ST = Western Cape, L = Somerset West, O = South African Post Office Limited, OU = SAPO Trust Centre, CN = SAPO Class 2 Root CA, emailAddress = [email protected]
notAfter=Sep 14 00:00:00 2030 GMT
Validating cert: cert.204.crt
subject=C = ZA, ST = Western Cape, L = Somerset West, O = South African Post Office Limited, OU = SAPO Trust Centre, CN = SAPO Class 3 Root CA, emailAddress = [email protected]
notAfter=Sep 14 00:00:00 2030 GMT
Validating cert: cert.205.crt
subject=C = ZA, ST = Western Cape, L = Somerset West, O = South African Post Office Limited, OU = SAPO Trust Centre, CN = SAPO Class 4 Root CA, emailAddress = [email protected]
notAfter=Sep 14 00:00:00 2030 GMT
Validating cert: cert.206.crt
subject=C = JP, O = "SECOM Trust Systems CO.,LTD.", OU = Security Communication EV RootCA1
notAfter=Jun  6 02:12:32 2037 GMT
Validating cert: cert.207.crt
subject=C = SI, O = Republika Slovenija, organizationIdentifier = VATSI-17659957, CN = SI-TRUST Root
notAfter=Dec 25 08:08:17 2037 GMT
Validating cert: cert.208.crt
subject=C = SE, O = Inera AB, CN = SITHS Root CA v1
notAfter=Mar 29 07:54:49 2032 GMT
Validating cert: cert.209.crt
subject=C = LT, O = Skaitmeninio sertifikavimo centras, OU = CA ROOT Services, CN = SSC GDL CA Root A
notAfter=Jun  4 13:00:47 2033 GMT
Validating cert: cert.21.crt
subject=C = US, O = Amazon, CN = Amazon Root CA 4
notAfter=May 26 00:00:00 2040 GMT
Validating cert: cert.210.crt
subject=C = LT, O = Skaitmeninio sertifikavimo centras, OU = CA ROOT Services, CN = SSC GDL CA Root B
notAfter=Jun  4 14:21:55 2033 GMT
Validating cert: cert.211.crt
subject=C = LT, O = Skaitmeninio sertifikavimo centras, OU = Certification Authority, CN = SSC Root CA A
notAfter=Dec 28 12:05:04 2026 GMT
Validating cert: cert.212.crt
subject=C = LT, O = Skaitmeninio sertifikavimo centras, OU = Certification Authority, CN = SSC Root CA B
notAfter=Dec 25 12:08:26 2026 GMT
Validating cert: cert.213.crt
subject=C = LT, O = Skaitmeninio sertifikavimo centras, OU = Certification Authority, CN = SSC Root CA C
notAfter=Dec 22 12:11:30 2026 GMT
Validating cert: cert.214.crt
subject=C = US, O = SSL Corporation, CN = SSL.com Client ECC Root CA 2022
notAfter=Aug 19 16:30:31 2046 GMT
Validating cert: cert.215.crt
subject=C = US, O = SSL Corporation, CN = SSL.com Client RSA Root CA 2022
notAfter=Aug 19 16:31:06 2046 GMT
Validating cert: cert.216.crt
subject=C = US, ST = Texas, L = Houston, O = SSL Corporation, CN = SSL.com EV Root Certification Authority ECC
notAfter=Feb 12 18:15:23 2041 GMT
Validating cert: cert.217.crt
subject=C = US, ST = Texas, L = Houston, O = SSL Corporation, CN = SSL.com EV Root Certification Authority RSA
notAfter=Feb 12 17:50:48 2041 GMT
Validating cert: cert.218.crt
subject=C = US, ST = Texas, L = Houston, O = SSL Corporation, CN = SSL.com EV Root Certification Authority RSA R2
notAfter=May 30 18:14:37 2042 GMT
Validating cert: cert.219.crt
subject=C = US, ST = Texas, L = Houston, O = SSL Corporation, CN = SSL.com Root Certification Authority ECC
notAfter=Feb 12 18:14:03 2041 GMT
Validating cert: cert.22.crt
subject=C = US, O = America Online Inc., CN = America Online Root Certification Authority 1
notAfter=Nov 19 20:43:00 2037 GMT
Validating cert: cert.220.crt
subject=C = US, ST = Texas, L = Houston, O = SSL Corporation, CN = SSL.com Root Certification Authority RSA
notAfter=Feb 12 17:39:39 2041 GMT
Validating cert: cert.221.crt
subject=C = US, O = SSL Corporation, CN = SSL.com TLS ECC Root CA 2022
notAfter=Aug 19 16:33:47 2046 GMT
Validating cert: cert.222.crt
subject=C = US, O = SSL Corporation, CN = SSL.com TLS RSA Root CA 2022
notAfter=Aug 19 16:34:21 2046 GMT
Validating cert: cert.223.crt
subject=C = PL, O = Krajowa Izba Rozliczeniowa S.A., CN = SZAFIR ROOT CA2
notAfter=Oct 19 07:43:30 2035 GMT
Validating cert: cert.224.crt
subject=C = GB, O = Sectigo Limited, CN = Sectigo Public Email Protection Root E46
notAfter=Mar 21 23:59:59 2046 GMT
Validating cert: cert.225.crt
subject=C = GB, O = Sectigo Limited, CN = Sectigo Public Email Protection Root R46
notAfter=Mar 21 23:59:59 2046 GMT
Validating cert: cert.226.crt
subject=C = GB, O = Sectigo Limited, CN = Sectigo Public Server Authentication Root E46
notAfter=Mar 21 23:59:59 2046 GMT
Validating cert: cert.227.crt
subject=C = GB, O = Sectigo Limited, CN = Sectigo Public Server Authentication Root R46
notAfter=Mar 21 23:59:59 2046 GMT
Validating cert: cert.228.crt
subject=C = JP, O = "Japan Certification Services, Inc.", CN = SecureSign RootCA11
notAfter=Apr  8 04:56:47 2029 GMT
Validating cert: cert.229.crt
subject=C = US, O = SecureTrust Corporation, CN = SecureTrust CA
notAfter=Dec 31 19:40:55 2029 GMT
Validating cert: cert.23.crt
subject=C = JP, O = Japanese Government, OU = GPKI, CN = ApplicationCA2 Root
notAfter=Mar 12 15:00:00 2033 GMT
Validating cert: cert.230.crt
subject=C = US, O = SecureTrust Corporation, CN = Secure Global CA
notAfter=Dec 31 19:52:06 2029 GMT
Validating cert: cert.231.crt
subject=C = JP, O = "SECOM Trust Systems CO.,LTD.", CN = Security Communication ECC RootCA1
notAfter=Jan 18 05:15:28 2038 GMT
Validating cert: cert.232.crt
subject=C = JP, O = "SECOM Trust Systems CO.,LTD.", OU = Security Communication RootCA2
notAfter=May 29 05:00:39 2029 GMT
Validating cert: cert.233.crt
subject=C = JP, O = "SECOM Trust Systems CO.,LTD.", CN = Security Communication RootCA3
notAfter=Jan 18 06:17:16 2038 GMT
Validating cert: cert.234.crt
subject=C = NL, O = Staat der Nederlanden, CN = Staat der Nederlanden Root CA - G3
notAfter=Nov 13 23:00:00 2028 GMT
Validating cert: cert.235.crt
subject=C = US, O = "Starfield Technologies, Inc.", OU = Starfield Class 2 Certification Authority
notAfter=Jun 29 17:39:16 2034 GMT
Validating cert: cert.236.crt
subject=C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Root Certificate Authority - G2
notAfter=Dec 31 23:59:59 2037 GMT
Validating cert: cert.237.crt
subject=C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", OU = http://certificates.starfieldtech.com/repository/, CN = Starfield Services Root Certificate Authority
notAfter=Dec 31 23:59:59 2029 GMT
Validating cert: cert.238.crt
subject=C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2
notAfter=Dec 31 23:59:59 2037 GMT
Validating cert: cert.239.crt
subject=C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Certification Authority
notAfter=Sep 17 19:46:36 2036 GMT
Validating cert: cert.24.crt
subject=C = JP, O = LGPKI, CN = Application CA G3 Root
notAfter=Jun  3 14:59:59 2034 GMT
Validating cert: cert.240.crt
subject=C = IL, O = StartCom Ltd., CN = StartCom Certification Authority G2
notAfter=Dec 31 23:59:01 2039 GMT
Validating cert: cert.241.crt
subject=C = SE, O = Swedish Social Insurance Agency, CN = Swedish Government Root Authority v2
notAfter=May  5 11:24:19 2040 GMT
Validating cert: cert.242.crt
subject=C = SE, O = Swedish Social Insurance Agency, CN = Swedish Government Root Authority v3
notAfter=Sep 29 11:42:09 2040 GMT
Validating cert: cert.243.crt
subject=C = CH, O = SwissSign AG, CN = SwissSign Gold CA - G2
notAfter=Oct 25 08:30:35 2036 GMT
Validating cert: cert.244.crt
subject=C = CH, O = SwissSign AG, CN = SwissSign Gold Root CA - G3
notAfter=Aug  4 13:31:47 2037 GMT
Validating cert: cert.245.crt
subject=C = CH, O = SwissSign AG, CN = SwissSign Platinum CA - G2
notAfter=Oct 25 08:36:00 2036 GMT
Validating cert: cert.246.crt
subject=C = CH, O = SwissSign AG, CN = SwissSign Platinum Root CA - G3
notAfter=Aug  4 13:34:04 2037 GMT
Validating cert: cert.247.crt
subject=C = CH, O = SwissSign AG, CN = SwissSign Silver CA - G2
notAfter=Oct 25 08:32:46 2036 GMT
Validating cert: cert.248.crt
subject=C = CH, O = SwissSign AG, CN = SwissSign Silver Root CA - G3
notAfter=Aug  4 13:19:14 2037 GMT
Validating cert: cert.249.crt
subject=C = CH, O = The Federal Authorities of the Swiss Confederation, OU = Services, OU = Certification Authorities, CN = Swiss Government Root CA I
notAfter=Feb 15 08:59:59 2035 GMT
Validating cert: cert.25.crt
subject=C = JP, O = LGPKI, CN = Application CA G4 Root
notAfter=Feb 15 14:59:59 2037 GMT
Validating cert: cert.250.crt
subject=C = CH, O = The Federal Authorities of the Swiss Confederation, OU = Services, OU = Certification Authorities, CN = Swiss Government Root CA II
notAfter=Feb 16 08:59:59 2035 GMT
Validating cert: cert.251.crt
subject=C = CH, O = Swiss Government PKI, OU = www.pki.admin.ch, CN = Swiss Government Root CA III
notAfter=Apr 15 06:59:59 2041 GMT
Validating cert: cert.252.crt
subject=C = ch, O = Swisscom, OU = Digital Certificate Services, CN = Swisscom Root CA 1
notAfter=Aug 18 22:06:20 2025 GMT
Validating cert: cert.253.crt
subject=C = ch, O = Swisscom, OU = Digital Certificate Services, CN = Swisscom Root CA 2
notAfter=Jun 25 07:38:14 2031 GMT
Validating cert: cert.254.crt
subject=C = ch, O = Swisscom, OU = Digital Certificate Services, CN = Swisscom Root EV CA 2
notAfter=Jun 25 08:45:08 2031 GMT
Validating cert: cert.255.crt
subject=C = US, O = Symantec Corporation, OU = Symantec Trust Network, CN = Symantec Class 3 Public Primary Certification Authority - G4
notAfter=Dec  1 23:59:59 2037 GMT
Validating cert: cert.256.crt
subject=C = US, O = Symantec Corporation, OU = Symantec Trust Network, CN = Symantec Class 3 Public Primary Certification Authority - G6
notAfter=Dec  1 23:59:59 2037 GMT
Validating cert: cert.257.crt
subject=C = US, O = Symantec Corporation, CN = Symantec Enterprise Mobile Root for Microsoft
notAfter=Mar 14 23:59:59 2032 GMT
Validating cert: cert.258.crt
subject=C = DE, O = T-Systems Enterprise Services GmbH, OU = T-Systems Trust Center, CN = T-TeleSec GlobalRoot Class 2
notAfter=Oct  1 23:59:59 2033 GMT
Validating cert: cert.259.crt
subject=C = DE, O = T-Systems Enterprise Services GmbH, OU = T-Systems Trust Center, CN = T-TeleSec GlobalRoot Class 3
notAfter=Oct  1 23:59:59 2033 GMT
Validating cert: cert.26.crt
subject=CN = Atos TrustedRoot 2011, O = Atos, C = DE
notAfter=Dec 31 23:59:59 2030 GMT
Validating cert: cert.260.crt
subject=C = TR, L = Gebze - Kocaeli, O = Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK, OU = Kamu Sertifikasyon Merkezi - Kamu SM, CN = TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
notAfter=Oct 25 08:25:55 2043 GMT
Validating cert: cert.261.crt
subject=C = TW, O = TAIWAN-CA, OU = Root CA, CN = TWCA Global Root CA
notAfter=Dec 31 15:59:59 2030 GMT
Validating cert: cert.262.crt
subject=C = TW, O = TAIWAN-CA, OU = Root CA, CN = TWCA Root Certification Authority
notAfter=Dec 31 15:59:59 2030 GMT
Validating cert: cert.263.crt
subject=O = TeliaSonera, CN = TeliaSonera Root CA v1
notAfter=Oct 18 12:00:50 2032 GMT
Validating cert: cert.264.crt
subject=C = FI, O = Telia Finland Oyj, CN = Telia Root CA v2
notAfter=Nov 29 11:55:54 2043 GMT
Validating cert: cert.265.crt
subject=C = TH, O = Electronic Transactions Development Agency (Public Organization), OU = Thailand National Root Certification Authority, CN = Thailand National Root Certification Authority - G1
notAfter=Mar 27 10:10:22 2036 GMT
Validating cert: cert.266.crt
subject=C = CN, O = "TrustAsia Technologies, Inc.", CN = TrustAsia Global Root CA G3
notAfter=May 19 02:10:19 2046 GMT
Validating cert: cert.267.crt
subject=C = CN, O = "TrustAsia Technologies, Inc.", CN = TrustAsia Global Root CA G4
notAfter=May 19 02:10:22 2046 GMT
Validating cert: cert.268.crt
subject=C = US, ST = Illinois, L = Chicago, O = "Trustwave Holdings, Inc.", CN = Trustwave Global Certification Authority
notAfter=Aug 23 19:34:12 2042 GMT
Validating cert: cert.269.crt
subject=C = US, ST = Illinois, L = Chicago, O = "Trustwave Holdings, Inc.", CN = Trustwave Global ECC P256 Certification Authority
notAfter=Aug 23 19:35:10 2042 GMT
Validating cert: cert.27.crt
subject=C = DE, O = Atos, CN = Atos TrustedRoot Root CA ECC G2 2020
notAfter=Dec 10 08:39:09 2040 GMT
Validating cert: cert.270.crt
subject=C = US, ST = Illinois, L = Chicago, O = "Trustwave Holdings, Inc.", CN = Trustwave Global ECC P384 Certification Authority
notAfter=Aug 23 19:36:43 2042 GMT
Validating cert: cert.271.crt
subject=C = TN, O = Agence Nationale de Certification Electronique, CN = TunTrust Root CA
notAfter=Apr 26 08:57:56 2044 GMT
Validating cert: cert.272.crt
subject=C = TN, CN = Tunisian Root Certificate Authority - TunRootCA2, O = National Digital Certification Agency
notAfter=May  5 08:57:01 2027 GMT
Validating cert: cert.273.crt
subject=C = CN, O = UniTrust, CN = UCA Extended Validation Root
notAfter=Dec 31 00:00:00 2038 GMT
Validating cert: cert.274.crt
subject=C = CN, O = UniTrust, CN = UCA Global G2 Root
notAfter=Dec 31 00:00:00 2040 GMT
Validating cert: cert.275.crt
subject=C = CN, O = UniTrust, CN = UCA Global Root
notAfter=Dec 31 00:00:00 2037 GMT
Validating cert: cert.276.crt
subject=C = CN, O = UniTrust, CN = UCA Root
notAfter=Dec 31 00:00:00 2029 GMT
Validating cert: cert.277.crt
subject=C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust ECC Certification Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.278.crt
subject=C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.279.crt
subject=C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 1999 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 2 Public Primary Certification Authority - G3
notAfter=Jul 16 23:59:59 2036 GMT
Validating cert: cert.28.crt
subject=CN = Atos TrustedRoot Root CA ECC TLS 2021, O = Atos, C = DE
notAfter=Apr 17 09:26:22 2041 GMT
Validating cert: cert.280.crt
subject=C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 1999 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G3
notAfter=Jul 16 23:59:59 2036 GMT
Validating cert: cert.281.crt
subject=C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2007 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G4
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.282.crt
subject=C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5
notAfter=Jul 16 23:59:59 2036 GMT
Validating cert: cert.283.crt
subject=C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2008 VeriSign, Inc. - For authorized use only", CN = VeriSign Universal Root Certification Authority
notAfter=Dec  1 23:59:59 2037 GMT
Validating cert: cert.284.crt
subject=C = US, O = "VeriSign, Inc.", OU = Class 3 Public Primary Certification Authority - G2, OU = "(c) 1998 VeriSign, Inc. - For authorized use only", OU = VeriSign Trust Network
notAfter=Aug  1 23:59:59 2028 GMT
Validating cert: cert.285.crt
subject=C = US, O = Verizon Business, OU = OmniRoot, CN = Verizon Global Root CA
notAfter=Jul 30 14:27:04 2034 GMT
Validating cert: cert.286.crt
subject=C = US, OU = www.xrampsecurity.com, O = XRamp Security Services Inc, CN = XRamp Global Certification Authority
notAfter=Jan  1 05:37:19 2035 GMT
Validating cert: cert.287.crt
subject=C = RO, O = certSIGN, OU = certSIGN ROOT CA
notAfter=Jul  4 17:20:04 2031 GMT
Validating cert: cert.288.crt
subject=C = RO, O = CERTSIGN SA, OU = certSIGN ROOT CA G2
notAfter=Feb  6 09:27:35 2042 GMT
Validating cert: cert.289.crt
subject=C = HU, L = Budapest, O = Microsec Ltd., organizationIdentifier = VATHU-23584497, CN = e-Szigno Root CA 2017
notAfter=Aug 22 12:07:06 2042 GMT
Validating cert: cert.29.crt
subject=C = DE, O = Atos, CN = Atos TrustedRoot Root CA RSA G2 2020
notAfter=Dec 10 08:41:22 2040 GMT
Validating cert: cert.290.crt
subject=C = TW, O = "Chunghwa Telecom Co., Ltd.", OU = ePKI Root Certification Authority
notAfter=Dec 20 02:31:27 2034 GMT
Validating cert: cert.291.crt
subject=C = TW, O = "Chunghwa Telecom Co., Ltd.", CN = ePKI Root Certification Authority - G2
notAfter=Dec 31 15:59:59 2037 GMT
Validating cert: cert.292.crt
subject=C = US, OU = emSign PKI, O = eMudhra Inc, CN = emSign ECC Root CA - C3
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.293.crt
subject=C = IN, OU = emSign PKI, O = eMudhra Technologies Limited, CN = emSign ECC Root CA - G3
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.294.crt
subject=C = US, OU = emSign PKI, O = eMudhra Inc, CN = emSign Root CA - C1
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.295.crt
subject=C = US, OU = emSign PKI, O = eMudhra Inc, CN = emSign Root CA - C2
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.296.crt
subject=C = IN, OU = emSign PKI, O = eMudhra Technologies Limited, CN = emSign Root CA - G1
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.297.crt
subject=C = IN, OU = emSign PKI, O = eMudhra Technologies Limited, CN = emSign Root CA - G2
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.298.crt
subject=C = US, O = "thawte, Inc.", OU = Certification Services Division, OU = "(c) 2006 thawte, Inc. - For authorized use only", CN = thawte Primary Root CA
notAfter=Jul 16 23:59:59 2036 GMT
Validating cert: cert.299.crt
subject=C = US, O = "thawte, Inc.", OU = "(c) 2007 thawte, Inc. - For authorized use only", CN = thawte Primary Root CA - G2
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.3.crt
subject=CN = ACCVRAIZ1, OU = PKIACCV, O = ACCV, C = ES
notAfter=Dec 31 09:37:37 2030 GMT
Validating cert: cert.30.crt
subject=CN = Atos TrustedRoot Root CA RSA TLS 2021, O = Atos, C = DE
notAfter=Apr 17 09:21:09 2041 GMT
Validating cert: cert.300.crt
subject=C = US, O = "thawte, Inc.", OU = Certification Services Division, OU = "(c) 2008 thawte, Inc. - For authorized use only", CN = thawte Primary Root CA - G3
notAfter=Dec  1 23:59:59 2037 GMT
Validating cert: cert.301.crt
subject=C = CN, O = "iTrusChina Co.,Ltd.", CN = vTrus ECC Root CA
notAfter=Jul 31 07:26:44 2043 GMT
Validating cert: cert.302.crt
subject=C = CN, O = "iTrusChina Co.,Ltd.", CN = vTrus Root CA
notAfter=Jul 31 07:24:05 2043 GMT
Validating cert: cert.31.crt
subject=C = AU, O = GOV, OU = DoD, OU = PKI, OU = CAs, CN = Australian Defence Public Root CA
notAfter=Nov 28 22:13:48 2036 GMT
Validating cert: cert.32.crt
subject=L = Alvaro Obregon, ST = Distrito Federal, C = MX, postalCode = 01030, street = Insurgentes Sur 1940, CN = Autoridad Certificadora Raiz de la Secretaria de Economia, OU = Direccion General de Normatividad Mercantil, O = Secretaria de Economia, emailAddress = [email protected]
notAfter=May  8 00:00:00 2025 GMT
Validating cert: cert.33.crt
subject=CN = Autoridad Certificadora Ra\C3\ADz Nacional de Uruguay, O = AGESIC, C = UY
notAfter=Oct 29 15:02:49 2031 GMT
Validating cert: cert.34.crt
subject=C = ES, CN = Autoridad de Certificacion Firmaprofesional CIF A62634068
notAfter=May  5 15:22:07 2036 GMT
Validating cert: cert.35.crt
subject=CN = Autoridad de Certificacion Raiz del Estado Venezolano, C = VE, L = Caracas, ST = Distrito Capital, O = Sistema Nacional de Certificacion Electronica, OU = Superintendencia de Servicios de Certificacion Electronica, emailAddress = [email protected]
notAfter=Dec 23 23:59:59 2030 GMT
Validating cert: cert.36.crt
subject=C = ES, O = Consejo General de la Abogacia NIF:Q-2863006I, CN = Autoridad de Certificacion de la Abogacia
notAfter=Jun 13 22:00:00 2030 GMT
Validating cert: cert.37.crt
subject=C = CN, O = BEIJING CERTIFICATE AUTHORITY, CN = BJCA Global Root CA1
notAfter=Dec 12 03:16:17 2044 GMT
Validating cert: cert.38.crt
subject=C = CN, O = BEIJING CERTIFICATE AUTHORITY, CN = BJCA Global Root CA2
notAfter=Dec 12 03:18:21 2044 GMT
Validating cert: cert.39.crt
subject=C = GR, O = BYTE Computer S.A., CN = BYTE Root Certification Authority 001
notAfter=Sep 10 22:01:54 2039 GMT
Validating cert: cert.4.crt
subject=CN = ACEDICOM Root, OU = PKI, O = EDICOM, C = ES
notAfter=Apr 13 16:24:22 2028 GMT
Validating cert: cert.40.crt
subject=C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
notAfter=May 12 23:59:00 2025 GMT
Validating cert: cert.41.crt
subject=C = NO, O = Buypass AS-983163327, CN = Buypass Class 2 Root CA
notAfter=Oct 26 08:38:03 2040 GMT
Validating cert: cert.42.crt
subject=C = NO, O = Buypass AS-983163327, CN = Buypass Class 3 Root CA
notAfter=Oct 26 08:28:58 2040 GMT
Validating cert: cert.43.crt
subject=CN = CAEDICOM Root, O = EDICOM, C = ES
notAfter=May 21 10:20:00 2034 GMT
Validating cert: cert.44.crt
subject=C = SK, L = Bratislava, O = Disig a.s., CN = CA Disig Root R1
notAfter=Jul 19 09:06:56 2042 GMT
Validating cert: cert.45.crt
subject=C = SK, L = Bratislava, O = Disig a.s., CN = CA Disig Root R2
notAfter=Jul 19 09:15:30 2042 GMT
Validating cert: cert.46.crt
subject=C = CN, O = WoSign CA Limited, CN = CA WoSign ECC Root
notAfter=Nov  8 00:58:58 2044 GMT
Validating cert: cert.47.crt
subject=C = CN, O = WoSign CA Limited, CN = CA \E6\B2\83\E9\80\9A\E6\A0\B9\E8\AF\81\E4\B9\A6
notAfter=Aug  8 01:00:01 2039 GMT
Validating cert: cert.48.crt
subject=C = IN, O = India PKI, CN = CCA India 2015 SPL
notAfter=Jan 29 11:36:43 2025 GMT
Validating cert: cert.49.crt
subject=C = CN, O = China Financial Certification Authority, CN = CFCA EV ROOT
notAfter=Dec 31 03:07:01 2029 GMT
Validating cert: cert.5.crt
subject=C = ES, O = DIRECCION GENERAL DE LA POLICIA, OU = DNIE, CN = AC RAIZ DNIE
notAfter=Feb  8 22:59:59 2036 GMT
Validating cert: cert.50.crt
subject=C = CN, O = CFCA GT CA
notAfter=Jun  9 08:15:09 2026 GMT
Validating cert: cert.51.crt
subject=C = ES, ST = MADRID, L = MADRID, OU = see current address at www.camerfirma.com/address, OU = CHAMBERS OF COMMERCE ROOT - 2016, serialNumber = A82743287, organizationIdentifier = VATES-A82743287, O = AC CAMERFIRMA S.A., CN = CHAMBERS OF COMMERCE ROOT - 2016
notAfter=Apr  8 07:35:48 2040 GMT
Validating cert: cert.52.crt
subject=C = CA, O = Carillon Information Security Inc., OU = Certification Authorities, CN = CISRCA1
notAfter=Oct 16 18:28:33 2032 GMT
Validating cert: cert.53.crt
subject=C = CN, O = CNNIC, CN = CNNIC ROOT
notAfter=Apr 16 07:09:14 2027 GMT
Validating cert: cert.54.crt
subject=C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO Certification Authority
notAfter=Dec 31 23:59:59 2029 GMT
Validating cert: cert.55.crt
subject=C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO ECC Certification Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.56.crt
subject=C = GB, ST = Greater Manchester, L = Salford, O = COMODO CA Limited, CN = COMODO RSA Certification Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.57.crt
subject=C = US, O = Certainly, CN = Certainly Root E1
notAfter=Apr  1 00:00:00 2046 GMT
Validating cert: cert.58.crt
subject=C = US, O = Certainly, CN = Certainly Root R1
notAfter=Apr  1 00:00:00 2046 GMT
Validating cert: cert.59.crt
subject=C = CN, O = WoSign CA Limited, CN = Certification Authority of WoSign
notAfter=Aug  8 01:00:01 2039 GMT
Validating cert: cert.6.crt
subject=C = ES, O = FNMT-RCM, OU = AC RAIZ FNMT-RCM
notAfter=Jan  1 00:00:00 2030 GMT
Validating cert: cert.60.crt
subject=C = CN, O = WoSign CA Limited, CN = Certification Authority of WoSign G2
notAfter=Nov  8 00:58:58 2044 GMT
Validating cert: cert.61.crt
subject=C = FR, O = Dhimyotis, CN = Certigna
notAfter=Jun 29 15:13:05 2027 GMT
Validating cert: cert.62.crt
subject=C = FR, O = Dhimyotis, OU = 0002 48146308100036, CN = Certigna Root CA
notAfter=Oct  1 08:32:27 2033 GMT
Validating cert: cert.63.crt
subject=C = FR, O = Certinomis, OU = 0002 433998903, CN = Certinomis - Autorit\C3\A9 Racine
notAfter=Sep 17 08:28:59 2028 GMT
Validating cert: cert.64.crt
subject=C = BE, O = Certipost s.a./n.v., CN = Certipost E-Trust TOP Root CA
notAfter=Jul 26 10:00:00 2025 GMT
Validating cert: cert.65.crt
subject=C = FR, O = Certplus, CN = Certplus Root CA G1
notAfter=Jan 15 00:00:00 2038 GMT
Validating cert: cert.66.crt
subject=C = FR, O = Certplus, CN = Certplus Root CA G2
notAfter=Jan 15 00:00:00 2038 GMT
Validating cert: cert.67.crt
subject=C = PL, O = Asseco Data Systems S.A., OU = Certum Certification Authority, CN = Certum EC-384 CA
notAfter=Mar 26 07:24:54 2043 GMT
Validating cert: cert.68.crt
subject=C = PL, O = Unizeto Sp. z o.o., CN = Certum CA
notAfter=Jun 11 10:46:39 2027 GMT
Validating cert: cert.69.crt
subject=C = PL, O = Unizeto Technologies S.A., OU = Certum Certification Authority, CN = Certum Trusted Network CA
notAfter=Dec 31 12:07:37 2029 GMT
Validating cert: cert.7.crt
subject=C = ES, O = FNMT-RCM, OU = Ceres, organizationIdentifier = VATES-Q2826004J, CN = AC RAIZ FNMT-RCM SERVIDORES SEGUROS
notAfter=Dec 20 09:37:33 2043 GMT
Validating cert: cert.70.crt
subject=C = PL, O = Unizeto Technologies S.A., OU = Certum Certification Authority, CN = Certum Trusted Network CA 2
notAfter=Oct  6 08:39:56 2046 GMT
Validating cert: cert.71.crt
subject=C = PL, O = Asseco Data Systems S.A., OU = Certum Certification Authority, CN = Certum Trusted Root CA
notAfter=Mar 16 12:10:13 2043 GMT
Validating cert: cert.72.crt
subject=C = EU, O = AC Camerfirma SA CIF A82743287, OU = http://www.chambersign.org, CN = Chambers of Commerce Root
notAfter=Sep 30 16:13:44 2037 GMT
Validating cert: cert.73.crt
subject=C = EU, L = Madrid (see current address at www.camerfirma.com/address), serialNumber = A82743287, O = AC Camerfirma S.A., CN = Chambers of Commerce Root - 2008
notAfter=Jul 31 12:29:50 2038 GMT
Validating cert: cert.74.crt
subject=C = CN, O = China Internet Network Information Center, CN = China Internet Network Information Center EV Certificates Root
notAfter=Aug 31 07:11:25 2030 GMT
Validating cert: cert.75.crt
subject=O = Cisco Systems, CN = Cisco Root CA 2048
notAfter=May 14 20:25:42 2029 GMT
Validating cert: cert.76.crt
subject=CN = ComSign Advanced Security CA
notAfter=Mar 24 21:55:55 2029 GMT
Validating cert: cert.77.crt
subject=CN = ComSign CA, O = ComSign, C = IL
notAfter=Mar 19 15:02:18 2029 GMT
Validating cert: cert.78.crt
subject=CN = ComSign Secured CA, O = ComSign, C = IL
notAfter=Mar 16 15:04:56 2029 GMT
Validating cert: cert.79.crt
subject=C = US, O = CommScope, CN = CommScope Public Trust ECC Root-01
notAfter=Apr 28 17:35:42 2046 GMT
Validating cert: cert.8.crt
subject=C = CO, O = Sociedad Cameral de Certificaci\C3\B3n Digital - Certic\C3\A1mara S.A., CN = AC Ra\C3\ADz Certic\C3\A1mara S.A.
notAfter=Apr  2 21:42:02 2030 GMT
Validating cert: cert.80.crt
subject=C = US, O = CommScope, CN = CommScope Public Trust ECC Root-02
notAfter=Apr 28 17:44:53 2046 GMT
Validating cert: cert.81.crt
subject=C = US, O = CommScope, CN = CommScope Public Trust RSA Root-01
notAfter=Apr 28 16:45:53 2046 GMT
Validating cert: cert.82.crt
subject=C = US, O = CommScope, CN = CommScope Public Trust RSA Root-02
notAfter=Apr 28 17:16:42 2046 GMT
Validating cert: cert.83.crt
subject=C = us, O = U.S. Government, OU = FBCA, CN = Common Policy
notAfter=Oct 15 16:08:00 2027 GMT
Validating cert: cert.84.crt
subject=C = GB, ST = Greater Manchester, L = Salford, O = Comodo CA Limited, CN = AAA Certificate Services
notAfter=Dec 31 23:59:59 2028 GMT
Validating cert: cert.85.crt
subject=DC = rs, DC = posta, DC = ca, CN = Configuration, CN = Services, CN = Public Key Services, CN = AIA, CN = Posta CA Root
notAfter=Oct 20 12:52:08 2028 GMT
Validating cert: cert.86.crt
subject=C = UY, O = ADMINISTRACION NACIONAL DE CORREOS, OU = SERVICIOS ELECTRONICOS, CN = Correo Uruguayo - Root CA
notAfter=Dec 31 02:59:59 2030 GMT
Validating cert: cert.87.crt
subject=C = DE, O = D-Trust GmbH, CN = D-TRUST BR Root CA 1 2020
notAfter=Feb 11 09:44:59 2035 GMT
Validating cert: cert.88.crt
subject=C = DE, O = D-Trust GmbH, CN = D-TRUST EV Root CA 1 2020
notAfter=Feb 11 09:59:59 2035 GMT
Validating cert: cert.89.crt
subject=C = DE, O = D-Trust GmbH, CN = D-TRUST Root CA 3 2013
notAfter=Sep 20 08:25:51 2028 GMT
Validating cert: cert.9.crt
subject=C = ES, O = Agencia Notarial de Certificacion S.L.U. - CIF B83395988, CN = ANCERT Certificados CGN V2
notAfter=May 25 16:31:23 2030 GMT
Validating cert: cert.90.crt
subject=C = DE, O = D-Trust GmbH, CN = D-TRUST Root Class 3 CA 2 2009
notAfter=Nov  5 08:35:58 2029 GMT
Validating cert: cert.91.crt
subject=C = DE, O = D-Trust GmbH, CN = D-TRUST Root Class 3 CA 2 EV 2009
notAfter=Nov  5 08:50:46 2029 GMT
Validating cert: cert.92.crt
subject=C = PT, O = DigitalSign Certificadora Digital, CN = DIGITALSIGN GLOBAL ROOT ECDSA CA
notAfter=Jan 15 11:07:50 2046 GMT
Validating cert: cert.93.crt
subject=C = PT, O = DigitalSign Certificadora Digital, CN = DIGITALSIGN GLOBAL ROOT RSA CA
notAfter=Jan 15 10:50:34 2046 GMT
Validating cert: cert.94.crt
subject=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Assured ID Root CA
notAfter=Nov 10 00:00:00 2031 GMT
Validating cert: cert.95.crt
subject=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Assured ID Root G2
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.96.crt
subject=C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Assured ID Root G3
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.97.crt
subject=C = US, O = "DigiCert, Inc.", CN = DigiCert CS ECC P384 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.98.crt
subject=C = US, O = "DigiCert, Inc.", CN = DigiCert CS RSA4096 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.99.crt
subject=C = US, O = "DigiCert, Inc.", CN = DigiCert ECC P384 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
[ec2-user@ip-172-31-42-212 ~]$

@jordarlu
Copy link

here is the test on AL2

$ for cert_file in cert.*.crt;do echo "Validating cert: $cert_file"; openssl x509 -subject -enddate -noout -in "$cert_file"; done
Validating cert: cert.0.crt
unable to load certificate
139801642735520:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:707:Expecting: TRUSTED CERTIFICATE
Validating cert: cert.100.crt
subject= /C=HU/L=Budapest/O=Microsec Ltd./CN=Microsec e-Szigno Root CA 2009/[email protected]
notAfter=Dec 30 11:30:18 2029 GMT
Validating cert: cert.101.crt
subject= /C=US/O=Microsoft Corporation/CN=Microsoft ECC Root Certificate Authority 2017
notAfter=Jul 18 23:16:04 2042 GMT
Validating cert: cert.102.crt
subject= /C=US/O=Microsoft Corporation/CN=Microsoft RSA Root Certificate Authority 2017
notAfter=Jul 18 23:00:23 2042 GMT
Validating cert: cert.103.crt
subject= /C=KR/O=NAVER BUSINESS PLATFORM Corp./CN=NAVER Global Root Certification Authority
notAfter=Aug 18 23:59:59 2037 GMT
Validating cert: cert.104.crt
subject= /C=HU/L=Budapest/O=NetLock Kft./OU=Tan\xC3\xBAs\xC3\xADtv\xC3\xA1nykiad\xC3\xB3k (Certification Services)/CN=NetLock Arany (Class Gold) F\xC5\x91tan\xC3\xBAs\xC3\xADtv\xC3\xA1ny
notAfter=Dec  6 15:08:21 2028 GMT
Validating cert: cert.105.crt
subject= /C=CH/O=WISeKey/OU=Copyright (c) 2005/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GA CA
notAfter=Dec 11 16:09:51 2037 GMT
Validating cert: cert.106.crt
subject= /C=CH/O=WISeKey/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GB CA
notAfter=Dec  1 15:10:31 2039 GMT
Validating cert: cert.107.crt
subject= /C=CH/O=WISeKey/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GC CA
notAfter=May  9 09:58:33 2042 GMT
Validating cert: cert.108.crt
subject= /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 1 G3
notAfter=Jan 12 17:27:44 2042 GMT
Validating cert: cert.109.crt
subject= /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2
notAfter=Nov 24 18:23:33 2031 GMT
Validating cert: cert.10.crt
subject= /C=US/O=Amazon/CN=Amazon Root CA 1
notAfter=Jan 17 00:00:00 2038 GMT
Validating cert: cert.110.crt
subject= /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2 G3
notAfter=Jan 12 18:59:32 2042 GMT
Validating cert: cert.111.crt
subject= /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3
notAfter=Nov 24 19:06:44 2031 GMT
Validating cert: cert.112.crt
subject= /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3 G3
notAfter=Jan 12 20:26:32 2042 GMT
Validating cert: cert.113.crt
subject= /C=US/O=SSL Corporation/CN=SSL.com Client ECC Root CA 2022
notAfter=Aug 19 16:30:31 2046 GMT
Validating cert: cert.114.crt
subject= /C=US/O=SSL Corporation/CN=SSL.com Client RSA Root CA 2022
notAfter=Aug 19 16:31:06 2046 GMT
Validating cert: cert.115.crt
subject= /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com EV Root Certification Authority ECC
notAfter=Feb 12 18:15:23 2041 GMT
Validating cert: cert.116.crt
subject= /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com EV Root Certification Authority RSA R2
notAfter=May 30 18:14:37 2042 GMT
Validating cert: cert.117.crt
subject= /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com Root Certification Authority ECC
notAfter=Feb 12 18:14:03 2041 GMT
Validating cert: cert.118.crt
subject= /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com Root Certification Authority RSA
notAfter=Feb 12 17:39:39 2041 GMT
Validating cert: cert.119.crt
subject= /C=US/O=SSL Corporation/CN=SSL.com TLS ECC Root CA 2022
notAfter=Aug 19 16:33:47 2046 GMT
Validating cert: cert.11.crt
subject= /C=US/O=Amazon/CN=Amazon Root CA 2
notAfter=May 26 00:00:00 2040 GMT
Validating cert: cert.120.crt
subject= /C=US/O=SSL Corporation/CN=SSL.com TLS RSA Root CA 2022
notAfter=Aug 19 16:34:21 2046 GMT
Validating cert: cert.121.crt
subject= /C=PL/O=Krajowa Izba Rozliczeniowa S.A./CN=SZAFIR ROOT CA2
notAfter=Oct 19 07:43:30 2035 GMT
Validating cert: cert.122.crt
subject= /C=GB/O=Sectigo Limited/CN=Sectigo Public Email Protection Root E46
notAfter=Mar 21 23:59:59 2046 GMT
Validating cert: cert.123.crt
subject= /C=GB/O=Sectigo Limited/CN=Sectigo Public Email Protection Root R46
notAfter=Mar 21 23:59:59 2046 GMT
Validating cert: cert.124.crt
subject= /C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root E46
notAfter=Mar 21 23:59:59 2046 GMT
Validating cert: cert.125.crt
subject= /C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root R46
notAfter=Mar 21 23:59:59 2046 GMT
Validating cert: cert.126.crt
subject= /C=JP/O=Japan Certification Services, Inc./CN=SecureSign RootCA11
notAfter=Apr  8 04:56:47 2029 GMT
Validating cert: cert.127.crt
subject= /C=US/O=SecureTrust Corporation/CN=SecureTrust CA
notAfter=Dec 31 19:40:55 2029 GMT
Validating cert: cert.128.crt
subject= /C=US/O=SecureTrust Corporation/CN=Secure Global CA
notAfter=Dec 31 19:52:06 2029 GMT
Validating cert: cert.129.crt
subject= /C=JP/O=SECOM Trust Systems CO.,LTD./CN=Security Communication ECC RootCA1
notAfter=Jan 18 05:15:28 2038 GMT
Validating cert: cert.12.crt
subject= /C=US/O=Amazon/CN=Amazon Root CA 3
notAfter=May 26 00:00:00 2040 GMT
Validating cert: cert.130.crt
subject= /C=JP/O=SECOM Trust Systems CO.,LTD./OU=Security Communication RootCA2
notAfter=May 29 05:00:39 2029 GMT
Validating cert: cert.131.crt

subject= /C=JP/O=SECOM Trust Systems CO.,LTD./CN=Security Communication RootCA3
notAfter=Jan 18 06:17:16 2038 GMT
Validating cert: cert.132.crt
subject= /C=NL/O=Staat der Nederlanden/CN=Staat der Nederlanden Root CA - G3
notAfter=Nov 13 23:00:00 2028 GMT
Validating cert: cert.133.crt
subject= /C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
notAfter=Jun 29 17:39:16 2034 GMT
Validating cert: cert.134.crt
subject= /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2
notAfter=Dec 31 23:59:59 2037 GMT
Validating cert: cert.135.crt
subject= /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2
notAfter=Dec 31 23:59:59 2037 GMT
Validating cert: cert.136.crt
subject= /C=CH/O=SwissSign AG/CN=SwissSign Gold CA - G2
notAfter=Oct 25 08:30:35 2036 GMT
Validating cert: cert.137.crt
subject= /C=CH/O=SwissSign AG/CN=SwissSign Silver CA - G2
notAfter=Oct 25 08:32:46 2036 GMT
Validating cert: cert.138.crt
subject= /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 2
notAfter=Oct  1 23:59:59 2033 GMT
Validating cert: cert.139.crt
subject= /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 3
notAfter=Oct  1 23:59:59 2033 GMT
Validating cert: cert.13.crt
subject= /C=US/O=Amazon/CN=Amazon Root CA 4
notAfter=May 26 00:00:00 2040 GMT
Validating cert: cert.140.crt
subject= /C=TR/L=Gebze - Kocaeli/O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK/OU=Kamu Sertifikasyon Merkezi - Kamu SM/CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
notAfter=Oct 25 08:25:55 2043 GMT
Validating cert: cert.141.crt
subject= /C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA Global Root CA
notAfter=Dec 31 15:59:59 2030 GMT
Validating cert: cert.142.crt
subject= /C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA Root Certification Authority
notAfter=Dec 31 15:59:59 2030 GMT
Validating cert: cert.143.crt
subject= /O=TeliaSonera/CN=TeliaSonera Root CA v1
notAfter=Oct 18 12:00:50 2032 GMT
Validating cert: cert.144.crt
subject= /C=FI/O=Telia Finland Oyj/CN=Telia Root CA v2
notAfter=Nov 29 11:55:54 2043 GMT
Validating cert: cert.145.crt
subject= /C=CN/O=TrustAsia Technologies, Inc./CN=TrustAsia Global Root CA G3
notAfter=May 19 02:10:19 2046 GMT
Validating cert: cert.146.crt
subject= /C=CN/O=TrustAsia Technologies, Inc./CN=TrustAsia Global Root CA G4
notAfter=May 19 02:10:22 2046 GMT
Validating cert: cert.147.crt
subject= /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global Certification Authority
notAfter=Aug 23 19:34:12 2042 GMT
Validating cert: cert.148.crt
subject= /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P256 Certification Authority
notAfter=Aug 23 19:35:10 2042 GMT
Validating cert: cert.149.crt
subject= /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P384 Certification Authority
notAfter=Aug 23 19:36:43 2042 GMT
Validating cert: cert.14.crt
subject= /CN=Atos TrustedRoot 2011/O=Atos/C=DE
notAfter=Dec 31 23:59:59 2030 GMT
Validating cert: cert.150.crt
subject= /C=TN/O=Agence Nationale de Certification Electronique/CN=TunTrust Root CA
notAfter=Apr 26 08:57:56 2044 GMT
Validating cert: cert.151.crt
subject= /C=CN/O=UniTrust/CN=UCA Extended Validation Root
notAfter=Dec 31 00:00:00 2038 GMT
Validating cert: cert.152.crt
subject= /C=CN/O=UniTrust/CN=UCA Global G2 Root
notAfter=Dec 31 00:00:00 2040 GMT
Validating cert: cert.153.crt
subject= /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust ECC Certification Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.154.crt
subject= /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.155.crt
subject= /C=US/OU=www.xrampsecurity.com/O=XRamp Security Services Inc/CN=XRamp Global Certification Authority
notAfter=Jan  1 05:37:19 2035 GMT
Validating cert: cert.156.crt
subject= /C=RO/O=certSIGN/OU=certSIGN ROOT CA
notAfter=Jul  4 17:20:04 2031 GMT
Validating cert: cert.157.crt
subject= /C=RO/O=CERTSIGN SA/OU=certSIGN ROOT CA G2
notAfter=Feb  6 09:27:35 2042 GMT
Validating cert: cert.158.crt
subject= /C=HU/L=Budapest/O=Microsec Ltd./2.5.4.97=VATHU-23584497/CN=e-Szigno Root CA 2017
notAfter=Aug 22 12:07:06 2042 GMT
Validating cert: cert.159.crt
subject= /C=TW/O=Chunghwa Telecom Co., Ltd./OU=ePKI Root Certification Authority
notAfter=Dec 20 02:31:27 2034 GMT
Validating cert: cert.15.crt
subject= /C=DE/O=Atos/CN=Atos TrustedRoot Root CA ECC G2 2020
notAfter=Dec 10 08:39:09 2040 GMT
Validating cert: cert.160.crt
subject= /C=US/OU=emSign PKI/O=eMudhra Inc/CN=emSign ECC Root CA - C3
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.161.crt
subject= /C=IN/OU=emSign PKI/O=eMudhra Technologies Limited/CN=emSign ECC Root CA - G3
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.162.crt
subject= /C=US/OU=emSign PKI/O=eMudhra Inc/CN=emSign Root CA - C1
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.163.crt
subject= /C=IN/OU=emSign PKI/O=eMudhra Technologies Limited/CN=emSign Root CA - G1
notAfter=Feb 18 18:30:00 2043 GMT
Validating cert: cert.164.crt
subject= /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus ECC Root CA
notAfter=Jul 31 07:26:44 2043 GMT
Validating cert: cert.165.crt
subject= /C=CN/O=iTrusChina Co.,Ltd./CN=vTrus Root CA
notAfter=Jul 31 07:24:05 2043 GMT
Validating cert: cert.16.crt
subject= /CN=Atos TrustedRoot Root CA ECC TLS 2021/O=Atos/C=DE
notAfter=Apr 17 09:26:22 2041 GMT
Validating cert: cert.17.crt
subject= /C=DE/O=Atos/CN=Atos TrustedRoot Root CA RSA G2 2020
notAfter=Dec 10 08:41:22 2040 GMT
Validating cert: cert.18.crt
subject= /CN=Atos TrustedRoot Root CA RSA TLS 2021/O=Atos/C=DE
notAfter=Apr 17 09:21:09 2041 GMT
Validating cert: cert.19.crt
subject= /C=ES/CN=Autoridad de Certificacion Firmaprofesional CIF A62634068
notAfter=May  5 15:22:07 2036 GMT
Validating cert: cert.1.crt
subject= /CN=ACCVRAIZ1/OU=PKIACCV/O=ACCV/C=ES
notAfter=Dec 31 09:37:37 2030 GMT
Validating cert: cert.20.crt
subject= /C=CN/O=BEIJING CERTIFICATE AUTHORITY/CN=BJCA Global Root CA1
notAfter=Dec 12 03:16:17 2044 GMT
Validating cert: cert.21.crt
subject= /C=CN/O=BEIJING CERTIFICATE AUTHORITY/CN=BJCA Global Root CA2
notAfter=Dec 12 03:18:21 2044 GMT
Validating cert: cert.22.crt
subject= /C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root
notAfter=May 12 23:59:00 2025 GMT
Validating cert: cert.23.crt
subject= /C=NO/O=Buypass AS-983163327/CN=Buypass Class 2 Root CA
notAfter=Oct 26 08:38:03 2040 GMT
Validating cert: cert.24.crt
subject= /C=NO/O=Buypass AS-983163327/CN=Buypass Class 3 Root CA
notAfter=Oct 26 08:28:58 2040 GMT
Validating cert: cert.25.crt
subject= /C=SK/L=Bratislava/O=Disig a.s./CN=CA Disig Root R2
notAfter=Jul 19 09:15:30 2042 GMT
Validating cert: cert.26.crt
subject= /C=CN/O=China Financial Certification Authority/CN=CFCA EV ROOT
notAfter=Dec 31 03:07:01 2029 GMT
Validating cert: cert.27.crt
subject= /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Certification Authority
notAfter=Dec 31 23:59:59 2029 GMT
Validating cert: cert.28.crt
subject= /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.29.crt
subject= /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
notAfter=Jan 18 23:59:59 2038 GMT
Validating cert: cert.2.crt
subject= /C=ES/O=FNMT-RCM/OU=AC RAIZ FNMT-RCM
notAfter=Jan  1 00:00:00 2030 GMT
Validating cert: cert.30.crt
subject= /C=US/O=Certainly/CN=Certainly Root E1
notAfter=Apr  1 00:00:00 2046 GMT
Validating cert: cert.31.crt
subject= /C=US/O=Certainly/CN=Certainly Root R1
notAfter=Apr  1 00:00:00 2046 GMT
Validating cert: cert.32.crt
subject= /C=FR/O=Dhimyotis/CN=Certigna
notAfter=Jun 29 15:13:05 2027 GMT
Validating cert: cert.33.crt
subject= /C=FR/O=Dhimyotis/OU=0002 48146308100036/CN=Certigna Root CA
notAfter=Oct  1 08:32:27 2033 GMT
Validating cert: cert.34.crt
subject= /C=PL/O=Asseco Data Systems S.A./OU=Certum Certification Authority/CN=Certum EC-384 CA
notAfter=Mar 26 07:24:54 2043 GMT
Validating cert: cert.35.crt
subject= /C=PL/O=Unizeto Sp. z o.o./CN=Certum CA
notAfter=Jun 11 10:46:39 2027 GMT
Validating cert: cert.36.crt
subject= /C=PL/O=Unizeto Technologies S.A./OU=Certum Certification Authority/CN=Certum Trusted Network CA
notAfter=Dec 31 12:07:37 2029 GMT
Validating cert: cert.37.crt
subject= /C=PL/O=Unizeto Technologies S.A./OU=Certum Certification Authority/CN=Certum Trusted Network CA 2
notAfter=Oct  6 08:39:56 2046 GMT
Validating cert: cert.38.crt
subject= /C=PL/O=Asseco Data Systems S.A./OU=Certum Certification Authority/CN=Certum Trusted Root CA
notAfter=Mar 16 12:10:13 2043 GMT
Validating cert: cert.39.crt
subject= /C=US/O=CommScope/CN=CommScope Public Trust ECC Root-01
notAfter=Apr 28 17:35:42 2046 GMT
Validating cert: cert.3.crt
subject= /C=ES/O=FNMT-RCM/OU=Ceres/2.5.4.97=VATES-Q2826004J/CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS
notAfter=Dec 20 09:37:33 2043 GMT
Validating cert: cert.40.crt
subject= /C=US/O=CommScope/CN=CommScope Public Trust ECC Root-02
notAfter=Apr 28 17:44:53 2046 GMT
Validating cert: cert.41.crt
subject= /C=US/O=CommScope/CN=CommScope Public Trust RSA Root-01
notAfter=Apr 28 16:45:53 2046 GMT
Validating cert: cert.42.crt
subject= /C=US/O=CommScope/CN=CommScope Public Trust RSA Root-02
notAfter=Apr 28 17:16:42 2046 GMT
Validating cert: cert.43.crt
subject= /C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=AAA Certificate Services
notAfter=Dec 31 23:59:59 2028 GMT
Validating cert: cert.44.crt
subject= /C=DE/O=D-Trust GmbH/CN=D-TRUST BR Root CA 1 2020
notAfter=Feb 11 09:44:59 2035 GMT
Validating cert: cert.45.crt
subject= /C=DE/O=D-Trust GmbH/CN=D-TRUST EV Root CA 1 2020
notAfter=Feb 11 09:59:59 2035 GMT
Validating cert: cert.46.crt
subject= /C=DE/O=D-Trust GmbH/CN=D-TRUST Root CA 3 2013
notAfter=Sep 20 08:25:51 2028 GMT
Validating cert: cert.47.crt
subject= /C=DE/O=D-Trust GmbH/CN=D-TRUST Root Class 3 CA 2 2009
notAfter=Nov  5 08:35:58 2029 GMT
Validating cert: cert.48.crt
subject= /C=DE/O=D-Trust GmbH/CN=D-TRUST Root Class 3 CA 2 EV 2009
notAfter=Nov  5 08:50:46 2029 GMT
Validating cert: cert.49.crt
subject= /C=PT/O=DigitalSign Certificadora Digital/CN=DIGITALSIGN GLOBAL ROOT ECDSA CA
notAfter=Jan 15 11:07:50 2046 GMT
Validating cert: cert.4.crt
subject= /serialNumber=G63287510/C=ES/O=ANF Autoridad de Certificacion/OU=ANF CA Raiz/CN=ANF Secure Server Root CA
notAfter=Aug 30 10:00:38 2039 GMT
Validating cert: cert.50.crt
subject= /C=PT/O=DigitalSign Certificadora Digital/CN=DIGITALSIGN GLOBAL ROOT RSA CA
notAfter=Jan 15 10:50:34 2046 GMT
Validating cert: cert.51.crt
subject= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA
notAfter=Nov 10 00:00:00 2031 GMT
Validating cert: cert.52.crt
subject= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root G2
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.53.crt
subject= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root G3
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.54.crt
subject= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
notAfter=Nov 10 00:00:00 2031 GMT
Validating cert: cert.55.crt
subject= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G2
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.56.crt
subject= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G3
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.57.crt
subject= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
notAfter=Nov 10 00:00:00 2031 GMT
Validating cert: cert.58.crt
subject= /C=US/O=DigiCert, Inc./CN=DigiCert SMIME ECC P384 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.59.crt
subject= /C=US/O=DigiCert, Inc./CN=DigiCert SMIME RSA4096 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.5.crt
subject= /C=IT/L=Milan/O=Actalis S.p.A./03358520967/CN=Actalis Authentication Root CA
notAfter=Sep 22 11:22:02 2030 GMT
Validating cert: cert.60.crt
subject= /C=US/O=DigiCert, Inc./CN=DigiCert TLS ECC P384 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.61.crt
subject= /C=US/O=DigiCert, Inc./CN=DigiCert TLS RSA4096 Root G5
notAfter=Jan 14 23:59:59 2046 GMT
Validating cert: cert.62.crt
subject= /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Trusted Root G4
notAfter=Jan 15 12:00:00 2038 GMT
Validating cert: cert.63.crt
subject= /O=Entrust.net/OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048)
notAfter=Jul 24 14:15:12 2029 GMT
Validating cert: cert.64.crt
subject= /C=US/O=Entrust, Inc./OU=www.entrust.net/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Authority
notAfter=Nov 27 20:53:42 2026 GMT
Validating cert: cert.65.crt
subject= /C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - EC1
notAfter=Dec 18 15:55:36 2037 GMT
Validating cert: cert.66.crt
subject= /C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2
notAfter=Dec  7 17:55:54 2030 GMT
Validating cert: cert.67.crt
subject= /C=US/O=Entrust, Inc./OU=See www.entrust.net/legal-terms/OU=(c) 2015 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G4
notAfter=Dec 27 11:41:16 2037 GMT
Validating cert: cert.68.crt
subject= /C=NL/O=DigiNotar/CN=DigiNotar Root CA/[email protected]
notAfter=Mar 31 18:19:22 2025 GMT
Validating cert: cert.69.crt
subject= /C=CN/O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD./CN=GDCA TrustAUTH R5 ROOT
notAfter=Dec 31 15:59:59 2040 GMT
Validating cert: cert.6.crt
subject= /C=US/O=AffirmTrust/CN=AffirmTrust Commercial
notAfter=Dec 31 14:06:06 2030 GMT
Validating cert: cert.70.crt
subject= /C=AT/O=e-commerce monitoring GmbH/CN=GLOBALTRUST 2020
notAfter=Jun 10 00:00:00 2040 GMT
Validating cert: cert.71.crt
subject= /C=US/O=Google Trust Services LLC/CN=GTS Root R1
notAfter=Jun 22 00:00:00 2036 GMT
Validating cert: cert.72.crt
subject= /C=US/O=Google Trust Services LLC/CN=GTS Root R2
notAfter=Jun 22 00:00:00 2036 GMT
Validating cert: cert.73.crt
subject= /C=US/O=Google Trust Services LLC/CN=GTS Root R3
notAfter=Jun 22 00:00:00 2036 GMT
Validating cert: cert.74.crt
subject= /C=US/O=Google Trust Services LLC/CN=GTS Root R4
notAfter=Jun 22 00:00:00 2036 GMT
Validating cert: cert.75.crt
subject= /OU=GlobalSign ECC Root CA - R4/O=GlobalSign/CN=GlobalSign
notAfter=Jan 19 03:14:07 2038 GMT
Validating cert: cert.76.crt
subject= /OU=GlobalSign ECC Root CA - R5/O=GlobalSign/CN=GlobalSign
notAfter=Jan 19 03:14:07 2038 GMT
Validating cert: cert.77.crt
subject= /C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
notAfter=Jan 28 12:00:00 2028 GMT
Validating cert: cert.78.crt
subject= /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
notAfter=Mar 18 10:00:00 2029 GMT
Validating cert: cert.79.crt
subject= /OU=GlobalSign Root CA - R6/O=GlobalSign/CN=GlobalSign
notAfter=Dec 10 00:00:00 2034 GMT
Validating cert: cert.7.crt
subject= /C=US/O=AffirmTrust/CN=AffirmTrust Networking
notAfter=Dec 31 14:08:24 2030 GMT
Validating cert: cert.80.crt
subject= /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Root E46
notAfter=Mar 20 00:00:00 2046 GMT
Validating cert: cert.81.crt
subject= /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Root R46
notAfter=Mar 20 00:00:00 2046 GMT
Validating cert: cert.82.crt
subject= /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Secure Mail Root E45
notAfter=Mar 18 00:00:00 2045 GMT
Validating cert: cert.83.crt
subject= /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Secure Mail Root R45
notAfter=Mar 18 00:00:00 2045 GMT
Validating cert: cert.84.crt
subject= /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
notAfter=Jun 29 17:06:20 2034 GMT
Validating cert: cert.85.crt
subject= /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
notAfter=Dec 31 23:59:59 2037 GMT
Validating cert: cert.86.crt
subject= /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA Client ECC Root CA 2021
notAfter=Feb 13 11:03:33 2045 GMT
Validating cert: cert.87.crt
subject= /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA Client RSA Root CA 2021
notAfter=Feb 13 10:58:45 2045 GMT
Validating cert: cert.88.crt
subject= /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA TLS ECC Root CA 2021
notAfter=Feb 13 11:01:09 2045 GMT
Validating cert: cert.89.crt
subject= /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA TLS RSA Root CA 2021
notAfter=Feb 13 10:55:37 2045 GMT
Validating cert: cert.8.crt
subject= /C=US/O=AffirmTrust/CN=AffirmTrust Premium
notAfter=Dec 31 14:10:36 2040 GMT
Validating cert: cert.90.crt
subject= /C=GR/L=Athens/O=Hellenic Academic and Research Institutions Cert. Authority/CN=Hellenic Academic and Research Institutions ECC RootCA 2015
notAfter=Jun 30 10:37:12 2040 GMT
Validating cert: cert.91.crt
subject= /C=GR/L=Athens/O=Hellenic Academic and Research Institutions Cert. Authority/CN=Hellenic Academic and Research Institutions RootCA 2015
notAfter=Jun 30 10:11:21 2040 GMT
Validating cert: cert.92.crt
subject= /C=TW/O=Chunghwa Telecom Co., Ltd./CN=HiPKI Root CA - G1
notAfter=Dec 31 15:59:59 2037 GMT
Validating cert: cert.93.crt
subject= /C=HK/ST=Hong Kong/L=Hong Kong/O=Hongkong Post/CN=Hongkong Post Root CA 3
notAfter=Jun  3 02:29:46 2042 GMT
Validating cert: cert.94.crt
subject= /C=US/O=Internet Security Research Group/CN=ISRG Root X1
notAfter=Jun  4 11:04:38 2035 GMT
Validating cert: cert.95.crt
subject= /C=US/O=Internet Security Research Group/CN=ISRG Root X2
notAfter=Sep 17 16:00:00 2040 GMT
Validating cert: cert.96.crt
subject= /C=US/O=IdenTrust/CN=IdenTrust Commercial Root CA 1
notAfter=Jan 16 18:12:23 2034 GMT
Validating cert: cert.97.crt
subject= /C=US/O=IdenTrust/CN=IdenTrust Public Sector Root CA 1
notAfter=Jan 16 17:53:32 2034 GMT
Validating cert: cert.98.crt
subject= /C=ES/O=IZENPE S.A./CN=Izenpe.com
notAfter=Dec 13 08:27:25 2037 GMT
Validating cert: cert.99.crt
subject= /C=ZA/O=LAWtrust/CN=LAWtrust Root CA2 (4096)
notAfter=Feb 14 09:49:38 2053 GMT
Validating cert: cert.9.crt
subject= /C=US/O=AffirmTrust/CN=AffirmTrust Premium ECC
notAfter=Dec 31 14:20:24 2040 GMT

@jordarlu
Copy link

jordarlu commented Mar 15, 2024
edited
Loading

I think we can close this issue as no longer expired CA certs in AL2023, AL2 bundle cert.
thanks!

@paulez
Copy link

paulez commented Apr 11, 2024

Thanks for following-up on this issue! Resolving as there are no longer expired CA certs in AL2023 and AL2 ca-certificates package.

@paulez paulez closed this as completed Apr 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@szarkos @paulez @TheRealBro @bbarani @jordarlu and others