← All Amazon Trust Services certificates
Root Certificate

Amazon Root CA 1

Amazon Trust Services
Browser Trust
Apple
Apple
Included
CCADB status only
Chrome
Chrome
Included
Not directly listed
Microsoft
Microsoft
Included
Not directly listed
Mozilla
Mozilla
Included
Not directly listed
Trust Bits (root)
Server AuthenticationClient AuthenticationDocument SigningSecure EmailEncrypting File SystemTime Stamping
Certificate Details
Record Type
Root Certificate
SHA-256
8ECDE6884F3D87B1125BA31AC3FCB13D7016DE7F57CC904FE1CB97C6AE98196E
Parent SHA-256
Valid From (GMT)
2015.05.26
Valid To (GMT)
2038.01.17
AKI
SKI
hBjMhTTsvAyUlC4IWZzHshBOCgg=
Operated By
Constrained
False
Revocation
Salesforce ID
001o000000rGWUDAA4
Capabilities
EV OIDs
2.23.140.1.1
Status of Root
Apple
Included
Google Chrome
Included
Microsoft
Included
Mozilla
Included
TLSTLS EVCode SigningS/MIME
CAA Identifiers
Recognized CAA issuer identifiers published by CCADB for this CA certificate.
Amazon Root CA 1
SKI 8418CC8534ECBC0C94942E08599CC7B2104E0A08
amazon.com amazontrust.com awstrust.com amazonaws.com aws.amazon.com amazontrustservices.eu amazonaws.eu amznts.eu
Audit
Audit Firm
BDO International Limited
Firm Location
United States
Same as Parent
false
Standard
Audit URL
Type
WebTrust
Statement
2026.04.07
Period
2025.01.16 – 2026.01.15
NetSec
Audit URL
Type
WebTrust
Statement
2026.04.07
Period
2025.01.16 – 2026.01.15
TLS BR
Audit URL
Type
WebTrust
Statement
2026.04.07
Period
2025.01.16 – 2026.01.15
TLS EVG
Audit URL
Type
WebTrust
Statement
2026.04.07
Period
2025.01.16 – 2026.01.15
Code Signing
Audit URL
Type
WebTrust
Statement
2026.04.07
Period
2025.01.16 – 2026.01.15
S/MIME BR
Audit URL
Type
WebTrust
Statement
2026.04.07
Period
2025.01.16 – 2026.01.15
Policy & Documentation
CP URL
CP Effective
CPS URL
CPS Effective
CP/CPS Statement
MD/AsciiDoc URL
Policy OIDs
Certificate X.509 certificatePolicies · cryptographic fact
No certificatePolicies extension in certificate
CCADB EV OIDs for Root Cert · administrative declaration
CA/B EV TLS2.23.140.1.1
Comparison
CCADB declares policy OIDs but certificate has none
Marked TLS EV Capable in CCADB but certificate has no policy OIDs
Chain Validation
No parent certificate in CCADB — chain lint requires issuer
Infrastructure
CRL (Full)
CRL (Parts)
ACME DV
ACME OV
ACME EV
Test (Valid)
Test (Expired)
Test (Revoked)
Certificate (PEM)
External References
crt.sh → CCADB Browser → Amazon Trust Services →

We use only essential cookies and local browser storage for preferences and security. See our Privacy Policy for details.

Confirm action