Note: This reference implementation is not production quality. Use at your own risk.
SEQUENCE (8 elem)
[0] (1 elem)
INTEGER 2
INTEGER 0c 28 1d e6 9e 24 d1 9d ad 60 f8 08 ff
SEQUENCE (1 elem)
OBJECT IDENTIFIER 1.2.840.10045.4.3.3 ECDSA coupled with SHA-384
SEQUENCE (2 elem)
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component)
UTF8String OpenID Key Attestation Root at http://localhost:8051
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
UTF8String US
SEQUENCE (2 elem)
UTCTime 2026-01-05T16:16:12Z
UTCTime 2026-07-04T16:16:12Z
SEQUENCE (1 elem)
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component)
UTF8String OpenID Key Attestation at http://localhost:8051
SEQUENCE (2 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 1.2.840.10045.2.1 Elliptic curve public key cryptography
OBJECT IDENTIFIER 1.2.840.10045.3.1.7 NIST Curve P-256
BIT STRING (520 bit) 0000010011100001100001001010010111000100110010010111101011011101101010110110100100001001111100110010001100011010000110011011001111000011011000010000000100001011110001010100101001001100000110110000011010110110011111000010111101110011010111100010001100100110010000100100110110110110011101110011110110010101000001100011001100100110101100011111010111011011111100111101101001100011001001101101100111000011110101000110001000011101100100100000110100011101000110100110010010001101010010111111010110110110011101101000110001010000
[3] (1 elem)
SEQUENCE (5 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.35 authorityKeyIdentifier (X.509 extension)
OCTET STRING (24 byte) 30 16 80 14 de 06 cc 68 38 94 7e d3 11 c6 2a 16 f1 d0 df 0f b6 22 39 25 ("0.�.�.�h8�~�.�*.���.�"9%")
SEQUENCE (3 elem)
OBJECT IDENTIFIER 2.5.29.15 keyUsage (X.509 extension)
BOOLEAN true
OCTET STRING (4 byte) 03 02 02 84 ("...�")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.18 issuerAltName (X.509 extension)
OCTET STRING (25 byte) 30 17 86 15 68 74 74 70 3a 2f 2f 6c 6f 63 61 6c 68 6f 73 74 3a 38 30 35 31 ("0.�.http://localhost:8051")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.31 cRLDistributionPoints (X.509 extension)
OCTET STRING (51 byte) 30 31 30 2f a0 2d a0 2b 86 29 68 74 74 70 3a 2f 2f 6c 6f 63 61 6c 68 6f 73 74 3a 38 30 35 31 2f 63 72 6c 2f 6b 65 79 5f 61 74 74 65 73 74 61 74 69 6f 6e ("010/�-�+�)http://localhost:8051/crl/key_attestation")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.14 subjectKeyIdentifier (X.509 extension)
OCTET STRING (22 byte) 04 14 6a b5 7d 48 f3 f8 33 5d 4d 99 95 45 6c a7 75 3c 1b 8a 8a 54 ("..j�}H��3]M��El�u<.��T")
SEQUENCE (8 elem)
[0] (1 elem)
INTEGER 2
INTEGER b3 e6 3e 47 21 37 f5 7c c8 06 bd 20 1f 28 2a 76
SEQUENCE (1 elem)
OBJECT IDENTIFIER 1.2.840.10045.4.3.3 ECDSA coupled with SHA-384
SEQUENCE (2 elem)
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component)
UTF8String OpenID Key Attestation Root at http://localhost:8051
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
UTF8String US
SEQUENCE (2 elem)
UTCTime 2026-01-05T16:16:12Z
UTCTime 2041-01-01T16:16:12Z
SEQUENCE (2 elem)
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component)
UTF8String OpenID Key Attestation Root at http://localhost:8051
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
UTF8String US
SEQUENCE (2 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 1.2.840.10045.2.1 Elliptic curve public key cryptography
OBJECT IDENTIFIER 1.3.132.0.34 EC Curve P-384
BIT STRING (776 bit) 00000100010111011001101110001000100001100111110000011100100000011001011011000111001000001010101001111111110010011010001011001010001010100101110011101010000110100011000110011001001000110000011100111011000000000000001010100111010011000100000001111011010011010111101111010111011001100001010010000101101110100011010011100100011011101010001011101011001011011010010111000010111011010001110010011000111010000111011111001010111001110010111100100101010110011011100000111011000011001101010000111000000101100100110111101110101010000111011000001010010000101110011010111110011011001011001001111001001110110000000000101110100011001011000011011110100100100110010111111001011000001000100001101001000110111000101101010000011110101011101010100000110011111110000001101000110100011110010101010000
[3] (1 elem)
SEQUENCE (6 elem)
SEQUENCE (3 elem)
OBJECT IDENTIFIER 2.5.29.15 keyUsage (X.509 extension)
BOOLEAN true
OCTET STRING (4 byte) 03 02 01 06 ("....")
SEQUENCE (3 elem)
OBJECT IDENTIFIER 2.5.29.19 basicConstraints (X.509 extension)
BOOLEAN true
OCTET STRING (8 byte) 30 06 01 01 ff 02 01 01 ("0...�...")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.18 issuerAltName (X.509 extension)
OCTET STRING (25 byte) 30 17 86 15 68 74 74 70 3a 2f 2f 6c 6f 63 61 6c 68 6f 73 74 3a 38 30 35 31 ("0.�.http://localhost:8051")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.31 cRLDistributionPoints (X.509 extension)
OCTET STRING (51 byte) 30 31 30 2f a0 2d a0 2b 86 29 68 74 74 70 3a 2f 2f 6c 6f 63 61 6c 68 6f 73 74 3a 38 30 35 31 2f 63 72 6c 2f 6b 65 79 5f 61 74 74 65 73 74 61 74 69 6f 6e ("010/�-�+�)http://localhost:8051/crl/key_attestation")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.14 subjectKeyIdentifier (X.509 extension)
OCTET STRING (22 byte) 04 14 de 06 cc 68 38 94 7e d3 11 c6 2a 16 f1 d0 df 0f b6 22 39 25 ("..�.�h8�~�.�*.���.�"9%")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.35 authorityKeyIdentifier (X.509 extension)
OCTET STRING (24 byte) 30 16 80 14 de 06 cc 68 38 94 7e d3 11 c6 2a 16 f1 d0 df 0f b6 22 39 25 ("0.�.�.�h8�~�.�*.���.�"9%")
SEQUENCE (8 elem)
[0] (1 elem)
INTEGER 2
INTEGER 0c 0a 3f 20 c9 44 4a c9 2e 78 3d e2 22
SEQUENCE (1 elem)
OBJECT IDENTIFIER 1.2.840.10045.4.3.3 ECDSA coupled with SHA-384
SEQUENCE (2 elem)
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component)
UTF8String CSA Binding Root at http://localhost:8051
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
UTF8String US
SEQUENCE (2 elem)
UTCTime 2026-01-05T16:16:13Z
UTCTime 2026-07-04T16:16:13Z
SEQUENCE (1 elem)
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component)
UTF8String CSA Binding at http://localhost:8051
SEQUENCE (2 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 1.2.840.10045.2.1 Elliptic curve public key cryptography
OBJECT IDENTIFIER 1.2.840.10045.3.1.7 NIST Curve P-256
BIT STRING (520 bit) 0000010001110010001101011111001110001111101100101011010100010111100001100001011101100000101010010101000000010000111101111010101111100111111011111101110011010111000010110000000100101001100110000111110001001101111100010000100010111010001011001111111000111001010010000011110110110010101001111000110101010010100011010111001111000001001000011000011101011010101101100010010100111100010010001011000001010001011001100010100111001111100010011111111001010101100100111111101001110100000010011110110110101011010001110000110100011011
[3] (1 elem)
SEQUENCE (5 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.35 authorityKeyIdentifier (X.509 extension)
OCTET STRING (24 byte) 30 16 80 14 49 04 37 ee 13 72 d3 c1 92 3b 0c 76 62 74 49 41 88 40 93 e6 ("0.�.I.7�.r���;.vbtIA�@��")
SEQUENCE (3 elem)
OBJECT IDENTIFIER 2.5.29.15 keyUsage (X.509 extension)
BOOLEAN true
OCTET STRING (4 byte) 03 02 07 80 ("...�")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.18 issuerAltName (X.509 extension)
OCTET STRING (25 byte) 30 17 86 15 68 74 74 70 3a 2f 2f 6c 6f 63 61 6c 68 6f 73 74 3a 38 30 35 31 ("0.�.http://localhost:8051")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.31 cRLDistributionPoints (X.509 extension)
OCTET STRING (61 byte) 30 3b 30 39 a0 37 a0 35 86 33 68 74 74 70 3a 2f 2f 6c 6f 63 61 6c 68 6f 73 74 3a 38 30 35 31 2f 63 72 6c 2f 63 6c 6f 75 64 5f 73 65 63 75 72 65 5f 61 72 65 61 5f 62 69 6e 64 69 6e 67 ("0;09�7�5�3http://localhost:8051/crl/cloud_secure_area_binding")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.14 subjectKeyIdentifier (X.509 extension)
OCTET STRING (22 byte) 04 14 52 91 19 b3 80 26 37 44 f7 25 c2 cd 54 8c f6 7e 71 ae 03 96 ("..R�.��&7D�%��T��~q�.�")
SEQUENCE (8 elem)
[0] (1 elem)
INTEGER 2
INTEGER 31 50 7c 04 71 c2 da 80 96 df 70 86 38 a6 64 14
SEQUENCE (1 elem)
OBJECT IDENTIFIER 1.2.840.10045.4.3.3 ECDSA coupled with SHA-384
SEQUENCE (2 elem)
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component)
UTF8String CSA Binding Root at http://localhost:8051
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
UTF8String US
SEQUENCE (2 elem)
UTCTime 2026-01-05T16:16:13Z
UTCTime 2041-01-01T16:16:13Z
SEQUENCE (2 elem)
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.3 commonName (X.520 DN component)
UTF8String CSA Binding Root at http://localhost:8051
SET (1 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.4.6 countryName (X.520 DN component)
UTF8String US
SEQUENCE (2 elem)
SEQUENCE (2 elem)
OBJECT IDENTIFIER 1.2.840.10045.2.1 Elliptic curve public key cryptography
OBJECT IDENTIFIER 1.3.132.0.34 EC Curve P-384
BIT STRING (776 bit) 00000100100101010111100110001001101100100000011100100111001110100000100010111001000011101010111101111111111101011001000011110100101010101011011100110101010011111000101001001001011010000110110001100110010101100011010010111110000010101010011011011001101101001110001001101110000110000010101001110010001001000001101101110011100100101010011011110011000010110100101110111111010010011001010010111111011101001001010110110111000110010111100000010000100011001011011011100101011110101010111000011000111010101100101111110111111001001001100101111101011101000101000101101000010101111111110001100011111000111100000011100011101000100010101011101011101001100010111101110101110100101100101001110000111101010011001010001110100001100110000111001110101000110010110100010100000010100101001011000111
[3] (1 elem)
SEQUENCE (6 elem)
SEQUENCE (3 elem)
OBJECT IDENTIFIER 2.5.29.15 keyUsage (X.509 extension)
BOOLEAN true
OCTET STRING (4 byte) 03 02 01 06 ("....")
SEQUENCE (3 elem)
OBJECT IDENTIFIER 2.5.29.19 basicConstraints (X.509 extension)
BOOLEAN true
OCTET STRING (8 byte) 30 06 01 01 ff 02 01 00 ("0...�...")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.18 issuerAltName (X.509 extension)
OCTET STRING (25 byte) 30 17 86 15 68 74 74 70 3a 2f 2f 6c 6f 63 61 6c 68 6f 73 74 3a 38 30 35 31 ("0.�.http://localhost:8051")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.31 cRLDistributionPoints (X.509 extension)
OCTET STRING (61 byte) 30 3b 30 39 a0 37 a0 35 86 33 68 74 74 70 3a 2f 2f 6c 6f 63 61 6c 68 6f 73 74 3a 38 30 35 31 2f 63 72 6c 2f 63 6c 6f 75 64 5f 73 65 63 75 72 65 5f 61 72 65 61 5f 62 69 6e 64 69 6e 67 ("0;09�7�5�3http://localhost:8051/crl/cloud_secure_area_binding")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.14 subjectKeyIdentifier (X.509 extension)
OCTET STRING (22 byte) 04 14 49 04 37 ee 13 72 d3 c1 92 3b 0c 76 62 74 49 41 88 40 93 e6 ("..I.7�.r���;.vbtIA�@��")
SEQUENCE (2 elem)
OBJECT IDENTIFIER 2.5.29.35 authorityKeyIdentifier (X.509 extension)
OCTET STRING (24 byte) 30 16 80 14 49 04 37 ee 13 72 d3 c1 92 3b 0c 76 62 74 49 41 88 40 93 e6 ("0.�.I.7�.r���;.vbtIA�@��")