# # Add-AppxDevPackage.ps1 is a PowerShell script designed to install app # packages created by Visual Studio for developers. To run this script from # Explorer, right-click on its icon and choose "Run with PowerShell". # # Visual Studio supplies this script in the folder generated with its # "Prepare Package" command. The same folder will also contain the app # package (a .appx file), the signing certificate (a .cer file), and a # "Dependencies" subfolder containing all the framework packages used by the # app. # # This script simplifies installing these packages by automating the # following functions: # 1. Find the app package and signing certificate in the script directory # 2. Prompt the user to acquire a developer license and to install the # certificate if necessary # 3. Find dependency packages that are applicable to the operating system's # CPU architecture # 4. Install the package along with all applicable dependencies # # All command line parameters are reserved for use internally by the script. # Users should launch this script from Explorer. # # .Link # http://go.microsoft.com/fwlink/?LinkId=243053 param( [switch]$Force = $false, [switch]$GetDeveloperLicense = $false, [switch]$SkipLoggingTelemetry = $false, [string]$CertificatePath = $null ) $ErrorActionPreference = "Stop" # The language resources for this script are placed in the # "Add-AppDevPackage.resources" subfolder alongside the script. Since the # current working directory might not be the directory that contains the # script, we need to create the full path of the resources directory to # pass into Import-LocalizedData $ScriptPath = $null try { $ScriptPath = (Get-Variable MyInvocation).Value.MyCommand.Path $ScriptDir = Split-Path -Parent $ScriptPath } catch {} if (!$ScriptPath) { PrintMessageAndExit $UiStrings.ErrorNoScriptPath $ErrorCodes.NoScriptPath } $LocalizedResourcePath = Join-Path $ScriptDir "Add-AppDevPackage.resources" Import-LocalizedData -BindingVariable UiStrings -BaseDirectory $LocalizedResourcePath $ErrorCodes = Data { ConvertFrom-StringData @' Success = 0 NoScriptPath = 1 NoPackageFound = 2 ManyPackagesFound = 3 NoCertificateFound = 4 ManyCertificatesFound = 5 BadCertificate = 6 PackageUnsigned = 7 CertificateMismatch = 8 ForceElevate = 9 LaunchAdminFailed = 10 GetDeveloperLicenseFailed = 11 InstallCertificateFailed = 12 AddPackageFailed = 13 ForceDeveloperLicense = 14 CertUtilInstallFailed = 17 CertIsCA = 18 BannedEKU = 19 NoBasicConstraints = 20 NoCodeSigningEku = 21 InstallCertificateCancelled = 22 BannedKeyUsage = 23 ExpiredCertificate = 24 '@ } $IMAGE_FILE_MACHINE_i386 = 0x014c $IMAGE_FILE_MACHINE_AMD64 = 0x8664 $IMAGE_FILE_MACHINE_ARM64 = 0xAA64 $IMAGE_FILE_MACHINE_ARM = 0x01c0 $IMAGE_FILE_MACHINE_THUMB = 0x01c2 $IMAGE_FILE_MACHINE_ARMNT = 0x01c4 # First try to use IsWow64Process2 to determine the OS architecture try { $IsWow64Process2_MethodDefinition = @" [DllImport("kernel32.dll", SetLastError = true)] public static extern bool IsWow64Process2(IntPtr process, out ushort processMachine, out ushort nativeMachine); "@ $Kernel32 = Add-Type -MemberDefinition $IsWow64Process2_MethodDefinition -Name "Kernel32" -Namespace "Win32" -PassThru $Proc = Get-Process -id $pid $processMachine = New-Object uint16 $nativeMachine = New-Object uint16 $Res = $Kernel32::IsWow64Process2($Proc.Handle, [ref] $processMachine, [ref] $nativeMachine) if ($Res -eq $True) { switch ($nativeMachine) { $IMAGE_FILE_MACHINE_i386 { $ProcessorArchitecture = "x86" } $IMAGE_FILE_MACHINE_AMD64 { $ProcessorArchitecture = "amd64" } $IMAGE_FILE_MACHINE_ARM64 { $ProcessorArchitecture = "arm64" } $IMAGE_FILE_MACHINE_ARM { $ProcessorArchitecture = "arm" } $IMAGE_FILE_MACHINE_THUMB { $ProcessorArchitecture = "arm" } $IMAGE_FILE_MACHINE_ARMNT { $ProcessorArchitecture = "arm" } } } } catch { # Ignore exception and fall back to using environment variables to determine the OS architecture } if ($null -eq $ProcessorArchitecture) { $ProcessorArchitecture = $Env:Processor_Architecture # Getting $Env:Processor_Architecture on arm64 machines will return x86. So check if the environment # variable "ProgramFiles(Arm)" is also set, if it is we know the actual processor architecture is arm64. # The value will also be x86 on amd64 machines when running the x86 version of PowerShell. if ($ProcessorArchitecture -eq "x86") { if ($null -ne ${Env:ProgramFiles(Arm)}) { $ProcessorArchitecture = "arm64" } elseif ($null -ne ${Env:ProgramFiles(x86)}) { $ProcessorArchitecture = "amd64" } } } function PrintMessageAndExit($ErrorMessage, $ReturnCode) { Write-Host $ErrorMessage try { # Log telemetry data regarding the use of the script if possible. # There are three ways that this can be disabled: # 1. If the "TelemetryDependencies" folder isn't present. This can be excluded at build time by setting the MSBuild property AppxLogTelemetryFromSideloadingScript to false # 2. If the SkipLoggingTelemetry switch is passed to this script. # 3. If Visual Studio telemetry is disabled via the registry. $TelemetryAssembliesFolder = (Join-Path $PSScriptRoot "TelemetryDependencies") if (!$SkipLoggingTelemetry -And (Test-Path $TelemetryAssembliesFolder)) { $job = Start-Job -FilePath (Join-Path $TelemetryAssembliesFolder "LogSideloadingTelemetry.ps1") -ArgumentList $TelemetryAssembliesFolder, "VS/DesignTools/SideLoadingScript/AddAppDevPackage", $ReturnCode, $ProcessorArchitecture Wait-Job -Job $job -Timeout 60 | Out-Null } } catch { # Ignore telemetry errors } if (!$Force) { Pause } exit $ReturnCode } # # Warns the user about installing certificates, and presents a Yes/No prompt # to confirm the action. The default is set to No. # function ConfirmCertificateInstall { $Answer = $host.UI.PromptForChoice( "", $UiStrings.WarningInstallCert, [System.Management.Automation.Host.ChoiceDescription[]]@($UiStrings.PromptYesString, $UiStrings.PromptNoString), 1) return $Answer -eq 0 } # # Validates whether a file is a valid certificate using CertUtil. # This needs to be done before calling Get-PfxCertificate on the file, otherwise # the user will get a cryptic "Password: " prompt for invalid certs. # function ValidateCertificateFormat($FilePath) { # certutil -verify prints a lot of text that we don't need, so it's redirected to $null here certutil.exe -verify $FilePath > $null if ($LastExitCode -lt 0) { PrintMessageAndExit ($UiStrings.ErrorBadCertificate -f $FilePath, $LastExitCode) $ErrorCodes.BadCertificate } # Check if certificate is expired $cert = Get-PfxCertificate $FilePath if (($cert.NotBefore -gt (Get-Date)) -or ($cert.NotAfter -lt (Get-Date))) { PrintMessageAndExit ($UiStrings.ErrorExpiredCertificate -f $FilePath) $ErrorCodes.ExpiredCertificate } } # # Verify that the developer certificate meets the following restrictions: # - The certificate must contain a Basic Constraints extension, and its # Certificate Authority (CA) property must be false. # - The certificate's Key Usage extension must be either absent, or set to # only DigitalSignature. # - The certificate must contain an Extended Key Usage (EKU) extension with # Code Signing usage. # - The certificate must NOT contain any other EKU except Code Signing and # Lifetime Signing. # # These restrictions are enforced to decrease security risks that arise from # trusting digital certificates. # function CheckCertificateRestrictions { Set-Variable -Name BasicConstraintsExtensionOid -Value "2.5.29.19" -Option Constant Set-Variable -Name KeyUsageExtensionOid -Value "2.5.29.15" -Option Constant Set-Variable -Name EkuExtensionOid -Value "2.5.29.37" -Option Constant Set-Variable -Name CodeSigningEkuOid -Value "1.3.6.1.5.5.7.3.3" -Option Constant Set-Variable -Name LifetimeSigningEkuOid -Value "1.3.6.1.4.1.311.10.3.13" -Option Constant Set-Variable -Name UwpSigningEkuOid -Value "1.3.6.1.4.1.311.84.3.1" -Option Constant Set-Variable -Name DisposableSigningEkuOid -Value "1.3.6.1.4.1.311.84.3.2" -Option Constant $CertificateExtensions = (Get-PfxCertificate $CertificatePath).Extensions $HasBasicConstraints = $false $HasCodeSigningEku = $false foreach ($Extension in $CertificateExtensions) { # Certificate must contain the Basic Constraints extension if ($Extension.oid.value -eq $BasicConstraintsExtensionOid) { # CA property must be false if ($Extension.CertificateAuthority) { PrintMessageAndExit $UiStrings.ErrorCertIsCA $ErrorCodes.CertIsCA } $HasBasicConstraints = $true } # If key usage is present, it must be set to digital signature elseif ($Extension.oid.value -eq $KeyUsageExtensionOid) { if ($Extension.KeyUsages -ne "DigitalSignature") { PrintMessageAndExit ($UiStrings.ErrorBannedKeyUsage -f $Extension.KeyUsages) $ErrorCodes.BannedKeyUsage } } elseif ($Extension.oid.value -eq $EkuExtensionOid) { # Certificate must contain the Code Signing EKU $EKUs = $Extension.EnhancedKeyUsages.Value if ($EKUs -contains $CodeSigningEkuOid) { $HasCodeSigningEKU = $True } # EKUs other than code signing and lifetime signing are not allowed foreach ($EKU in $EKUs) { if ($EKU -ne $CodeSigningEkuOid -and $EKU -ne $LifetimeSigningEkuOid -and $EKU -ne $UwpSigningEkuOid -and $EKU -ne $DisposableSigningEkuOid) { PrintMessageAndExit ($UiStrings.ErrorBannedEKU -f $EKU) $ErrorCodes.BannedEKU } } } } if (!$HasBasicConstraints) { PrintMessageAndExit $UiStrings.ErrorNoBasicConstraints $ErrorCodes.NoBasicConstraints } if (!$HasCodeSigningEKU) { PrintMessageAndExit $UiStrings.ErrorNoCodeSigningEku $ErrorCodes.NoCodeSigningEku } } # # Performs operations that require administrative privileges: # - Prompt the user to obtain a developer license # - Install the developer certificate (if -Force is not specified, also prompts the user to confirm) # function DoElevatedOperations { if ($GetDeveloperLicense) { Write-Host $UiStrings.GettingDeveloperLicense if ($Force) { PrintMessageAndExit $UiStrings.ErrorForceDeveloperLicense $ErrorCodes.ForceDeveloperLicense } try { Show-WindowsDeveloperLicenseRegistration } catch { $Error[0] # Dump details about the last error PrintMessageAndExit $UiStrings.ErrorGetDeveloperLicenseFailed $ErrorCodes.GetDeveloperLicenseFailed } } if ($CertificatePath) { Write-Host $UiStrings.InstallingCertificate # Make sure certificate format is valid and usage constraints are followed ValidateCertificateFormat $CertificatePath CheckCertificateRestrictions # If -Force is not specified, warn the user and get consent if ($Force -or (ConfirmCertificateInstall)) { # Add cert to store certutil.exe -addstore TrustedPeople $CertificatePath if ($LastExitCode -lt 0) { PrintMessageAndExit ($UiStrings.ErrorCertUtilInstallFailed -f $LastExitCode) $ErrorCodes.CertUtilInstallFailed } } else { PrintMessageAndExit $UiStrings.ErrorInstallCertificateCancelled $ErrorCodes.InstallCertificateCancelled } } } # # Checks whether the machine is missing a valid developer license. # function CheckIfNeedDeveloperLicense { $Result = $true try { $Result = (Get-WindowsDeveloperLicense | Where-Object { $_.IsValid } | Measure-Object).Count -eq 0 } catch {} return $Result } # # Launches an elevated process running the current script to perform tasks # that require administrative privileges. This function waits until the # elevated process terminates, and checks whether those tasks were successful. # function LaunchElevated { # Set up command line arguments to the elevated process $RelaunchArgs = '-ExecutionPolicy Unrestricted -file "' + $ScriptPath + '"' if ($Force) { $RelaunchArgs += ' -Force' } if ($NeedDeveloperLicense) { $RelaunchArgs += ' -GetDeveloperLicense' } if ($SkipLoggingTelemetry) { $RelaunchArgs += ' -SkipLoggingTelemetry' } if ($NeedInstallCertificate) { $RelaunchArgs += ' -CertificatePath "' + $DeveloperCertificatePath.FullName + '"' } # Launch the process and wait for it to finish try { $PowerShellExePath = (Get-Process -Id $PID).Path $AdminProcess = Start-Process $PowerShellExePath -Verb RunAs -ArgumentList $RelaunchArgs -PassThru } catch { $Error[0] # Dump details about the last error PrintMessageAndExit $UiStrings.ErrorLaunchAdminFailed $ErrorCodes.LaunchAdminFailed } while (!($AdminProcess.HasExited)) { Start-Sleep -Seconds 2 } # Check if all elevated operations were successful if ($NeedDeveloperLicense) { if (CheckIfNeedDeveloperLicense) { PrintMessageAndExit $UiStrings.ErrorGetDeveloperLicenseFailed $ErrorCodes.GetDeveloperLicenseFailed } else { Write-Host $UiStrings.AcquireLicenseSuccessful } } if ($NeedInstallCertificate) { $Signature = Get-AuthenticodeSignature $DeveloperPackagePath -Verbose if ($Signature.Status -ne "Valid") { PrintMessageAndExit ($UiStrings.ErrorInstallCertificateFailed -f $Signature.Status) $ErrorCodes.InstallCertificateFailed } else { Write-Host $UiStrings.InstallCertificateSuccessful } } } # # Finds all applicable dependency packages according to OS architecture, and # installs the developer package with its dependencies. The expected layout # of dependencies is: # # # \Dependencies # .appx\.msix # \x86 # .appx\.msix # \x64 # .appx\.msix # \arm # .appx\.msix # \arm64 # .appx\.msix # function InstallPackageWithDependencies { $DependencyPackagesDir = (Join-Path $ScriptDir "Dependencies") $DependencyPackages = @() if (Test-Path $DependencyPackagesDir) { # Get architecture-neutral dependencies $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "*.appx") | Where-Object { $_.Mode -NotMatch "d" } $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "*.msix") | Where-Object { $_.Mode -NotMatch "d" } # Get architecture-specific dependencies if (($ProcessorArchitecture -eq "x86" -or $ProcessorArchitecture -eq "amd64" -or $ProcessorArchitecture -eq "arm64") -and (Test-Path (Join-Path $DependencyPackagesDir "x86"))) { $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "x86\*.appx") | Where-Object { $_.Mode -NotMatch "d" } $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "x86\*.msix") | Where-Object { $_.Mode -NotMatch "d" } } if (($ProcessorArchitecture -eq "amd64") -and (Test-Path (Join-Path $DependencyPackagesDir "x64"))) { $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "x64\*.appx") | Where-Object { $_.Mode -NotMatch "d" } $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "x64\*.msix") | Where-Object { $_.Mode -NotMatch "d" } } if (($ProcessorArchitecture -eq "arm" -or $ProcessorArchitecture -eq "arm64") -and (Test-Path (Join-Path $DependencyPackagesDir "arm"))) { $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "arm\*.appx") | Where-Object { $_.Mode -NotMatch "d" } $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "arm\*.msix") | Where-Object { $_.Mode -NotMatch "d" } } if (($ProcessorArchitecture -eq "arm64") -and (Test-Path (Join-Path $DependencyPackagesDir "arm64"))) { $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "arm64\*.appx") | Where-Object { $_.Mode -NotMatch "d" } $DependencyPackages += Get-ChildItem (Join-Path $DependencyPackagesDir "arm64\*.msix") | Where-Object { $_.Mode -NotMatch "d" } } } Write-Host $UiStrings.InstallingPackage $AddPackageSucceeded = $False try { if ($DependencyPackages.FullName.Count -gt 0) { Write-Host $UiStrings.DependenciesFound $DependencyPackages.FullName Add-AppxPackage -Path $DeveloperPackagePath.FullName -DependencyPath $DependencyPackages.FullName -ForceApplicationShutdown } else { Add-AppxPackage -Path $DeveloperPackagePath.FullName -ForceApplicationShutdown } $AddPackageSucceeded = $? } catch { $Error[0] # Dump details about the last error } if (!$AddPackageSucceeded) { if ($NeedInstallCertificate) { PrintMessageAndExit $UiStrings.ErrorAddPackageFailedWithCert $ErrorCodes.AddPackageFailed } else { PrintMessageAndExit $UiStrings.ErrorAddPackageFailed $ErrorCodes.AddPackageFailed } } } # # Main script logic when the user launches the script without parameters. # function DoStandardOperations { # Check for an .appx or .msix file in the script directory $PackagePath = Get-ChildItem (Join-Path $ScriptDir "*.appx") | Where-Object { $_.Mode -NotMatch "d" } if ($PackagePath -eq $null) { $PackagePath = Get-ChildItem (Join-Path $ScriptDir "*.msix") | Where-Object { $_.Mode -NotMatch "d" } } $PackageCount = ($PackagePath | Measure-Object).Count # Check for an .appxbundle or .msixbundle file in the script directory $BundlePath = Get-ChildItem (Join-Path $ScriptDir "*.appxbundle") | Where-Object { $_.Mode -NotMatch "d" } if ($BundlePath -eq $null) { $BundlePath = Get-ChildItem (Join-Path $ScriptDir "*.msixbundle") | Where-Object { $_.Mode -NotMatch "d" } } $BundleCount = ($BundlePath | Measure-Object).Count # Check for an .eappx or .emsix file in the script directory $EncryptedPackagePath = Get-ChildItem (Join-Path $ScriptDir "*.eappx") | Where-Object { $_.Mode -NotMatch "d" } if ($EncryptedPackagePath -eq $null) { $EncryptedPackagePath = Get-ChildItem (Join-Path $ScriptDir "*.emsix") | Where-Object { $_.Mode -NotMatch "d" } } $EncryptedPackageCount = ($EncryptedPackagePath | Measure-Object).Count # Check for an .eappxbundle or .emsixbundle file in the script directory $EncryptedBundlePath = Get-ChildItem (Join-Path $ScriptDir "*.eappxbundle") | Where-Object { $_.Mode -NotMatch "d" } if ($EncryptedBundlePath -eq $null) { $EncryptedBundlePath = Get-ChildItem (Join-Path $ScriptDir "*.emsixbundle") | Where-Object { $_.Mode -NotMatch "d" } } $EncryptedBundleCount = ($EncryptedBundlePath | Measure-Object).Count $NumberOfPackages = $PackageCount + $EncryptedPackageCount $NumberOfBundles = $BundleCount + $EncryptedBundleCount # There must be at least one package or bundle if ($NumberOfPackages + $NumberOfBundles -lt 1) { PrintMessageAndExit $UiStrings.ErrorNoPackageFound $ErrorCodes.NoPackageFound } # We must have exactly one bundle OR no bundle and exactly one package elseif ($NumberOfBundles -gt 1 -or ($NumberOfBundles -eq 0 -and $NumberOfpackages -gt 1)) { PrintMessageAndExit $UiStrings.ErrorManyPackagesFound $ErrorCodes.ManyPackagesFound } # First attempt to install a bundle or encrypted bundle. If neither exists, fall back to packages and then encrypted packages if ($BundleCount -eq 1) { $DeveloperPackagePath = $BundlePath Write-Host ($UiStrings.BundleFound -f $DeveloperPackagePath.FullName) } elseif ($EncryptedBundleCount -eq 1) { $DeveloperPackagePath = $EncryptedBundlePath Write-Host ($UiStrings.EncryptedBundleFound -f $DeveloperPackagePath.FullName) } elseif ($PackageCount -eq 1) { $DeveloperPackagePath = $PackagePath Write-Host ($UiStrings.PackageFound -f $DeveloperPackagePath.FullName) } elseif ($EncryptedPackageCount -eq 1) { $DeveloperPackagePath = $EncryptedPackagePath Write-Host ($UiStrings.EncryptedPackageFound -f $DeveloperPackagePath.FullName) } # The package must be signed $PackageSignature = Get-AuthenticodeSignature $DeveloperPackagePath $PackageCertificate = $PackageSignature.SignerCertificate if (!$PackageCertificate) { PrintMessageAndExit $UiStrings.ErrorPackageUnsigned $ErrorCodes.PackageUnsigned } # Test if the package signature is trusted. If not, the corresponding certificate # needs to be present in the current directory and needs to be installed. $NeedInstallCertificate = ($PackageSignature.Status -ne "Valid") if ($NeedInstallCertificate) { # List all .cer files in the script directory $DeveloperCertificatePath = Get-ChildItem (Join-Path $ScriptDir "*.cer") | Where-Object { $_.Mode -NotMatch "d" } $DeveloperCertificateCount = ($DeveloperCertificatePath | Measure-Object).Count # There must be exactly 1 certificate if ($DeveloperCertificateCount -lt 1) { PrintMessageAndExit $UiStrings.ErrorNoCertificateFound $ErrorCodes.NoCertificateFound } elseif ($DeveloperCertificateCount -gt 1) { PrintMessageAndExit $UiStrings.ErrorManyCertificatesFound $ErrorCodes.ManyCertificatesFound } Write-Host ($UiStrings.CertificateFound -f $DeveloperCertificatePath.FullName) # The .cer file must have the format of a valid certificate ValidateCertificateFormat $DeveloperCertificatePath # The package signature must match the certificate file if ($PackageCertificate -ne (Get-PfxCertificate $DeveloperCertificatePath)) { PrintMessageAndExit $UiStrings.ErrorCertificateMismatch $ErrorCodes.CertificateMismatch } } $NeedDeveloperLicense = CheckIfNeedDeveloperLicense # Relaunch the script elevated with the necessary parameters if needed if ($NeedDeveloperLicense -or $NeedInstallCertificate) { Write-Host $UiStrings.ElevateActions if ($NeedDeveloperLicense) { Write-Host $UiStrings.ElevateActionDevLicense } if ($NeedInstallCertificate) { Write-Host $UiStrings.ElevateActionCertificate } $IsAlreadyElevated = ([Security.Principal.WindowsIdentity]::GetCurrent().Groups.Value -contains "S-1-5-32-544") if ($IsAlreadyElevated) { if ($Force -and $NeedDeveloperLicense) { PrintMessageAndExit $UiStrings.ErrorForceDeveloperLicense $ErrorCodes.ForceDeveloperLicense } if ($Force -and $NeedInstallCertificate) { Write-Warning $UiStrings.WarningInstallCert } } else { if ($Force) { PrintMessageAndExit $UiStrings.ErrorForceElevate $ErrorCodes.ForceElevate } else { Write-Host $UiStrings.ElevateActionsContinue Pause } } LaunchElevated } InstallPackageWithDependencies } # # Main script entry point # if ($GetDeveloperLicense -or $CertificatePath) { DoElevatedOperations } else { DoStandardOperations PrintMessageAndExit $UiStrings.Success $ErrorCodes.Success } # SIG # Begin signature block # MIIhggYJKoZIhvcNAQcCoIIhczCCIW8CAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCAaovVnr86uRLc7 # aU4MWMaEBdFBUDgUiMNw07NprqcvsqCCC3IwggT6MIID4qADAgECAhMzAAADJUiy # nQ5/xfQfAAAAAAMlMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTAwHhcNMjAwMzA0MTgyOTI5WhcNMjEwMzAzMTgyOTI5WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQCjpRI2NHmdF4E+oz+32gQNFWfiWA/gW26xpPqf0l47t99p7IIKd5CuTAMePNYW # XHST8pFfb8yaTNWz6nECabhQTCIxAqtAzVpCNWXiuQDe18eEUoUFN2sgoMhpU7gb # 0gZigbhvznmT0moq7orBEAMcrW6C88+9JyqWBgDK0MBbpxjIwBv0uPgj3R40ItML # Qw9Lb0SBnriOEPQKGDCO2AI6MSi++xe5YXOkQZrLCDc6Tl/f/fTzn1Ci+JR7YJMd # dq8f2Ne42ogsUVIW6JH8SKbLQXb9xOVn4fMiG9b6PgRugApS0IKAUI8OQQ2kSr2a # 1BsKEY9B7MNUeFBXB74OrutZAgMBAAGjggF5MIIBdTAfBgNVHSUEGDAWBgorBgEE # AYI3PQYBBggrBgEFBQcDAzAdBgNVHQ4EFgQULcKPAJ0r4hUrTVSYmpa5RA+uHnww # UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1 # ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzA4NjUrNDU4NDkzMB8GA1UdIwQYMBaAFOb8 # X3u7IgBY5HJOtfQhdCMy5u+sMFYGA1UdHwRPME0wS6BJoEeGRWh0dHA6Ly9jcmwu # bWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY0NvZFNpZ1BDQV8yMDEw # LTA3LTA2LmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUHMAKGPmh0dHA6Ly93 # d3cubWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljQ29kU2lnUENBXzIwMTAtMDct # MDYuY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggEBAFxz4O+cWeBo # 86e5EImiUeJXoJ5huJwH6l3YUBLhBt+t+uE6zDtBqmygeAq+qMs3otaucTmO6VEy # LRACa7Yx8xxDLK7MAcnxwAY6SYjciErNsDf1tApeZkCIINFW/8S2QKMSQXf4OJol # jWHo1TkniL9IRmzviN9l42NYNJB9i71ezxP+6ZN4PDWi8QVe70dGCLl9O2RxPQFh # Ecl3jWdCu5C1FDRg6qMpcx3qseQR2QF4+d4EE/UQ1h3YeShbtuzxf0ksbBnQqVU2 # ZJ9E/GJUTWUSsYxsJnG8xg3G46Jz3ttfVE3coMLKh1fHqsI3XXIlVzT3BIx3N9nL # g18hwONtu5kwggZwMIIEWKADAgECAgphDFJMAAAAAAADMA0GCSqGSIb3DQEBCwUA # MIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQD # EylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0x # MDA3MDYyMDQwMTdaFw0yNTA3MDYyMDUwMTdaMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpDmRQ # eWe1xOP9CQBMnpSs91Zo6kTYz8VYT6mldnxtRbrTOZK0pB75+WWC5BfSj/1EnAjo # ZZPOLFWEv30I4y4rqEErGLeiS25JTGsVB97R0sKJHnGUzbV/S7SvCNjMiNZrF5Q6 # k84mP+zm/jSYV9UdXUn2siou1YW7WT/4kLQrg3TKK7M7RuPwRknBF2ZUyRy9HcRV # Yldy+Ge5JSA03l2mpZVeqyiAzdWynuUDtWPTshTIwciKJgpZfwfs/w7tgBI1TBKm # vlJb9aba4IsLSHfWhUfVELnG6Krui2otBVxgxrQqW5wjHF9F4xoUHm83yxkzgGqJ # TaNqZmN4k9Uwz5UfAgMBAAGjggHjMIIB3zAQBgkrBgEEAYI3FQEEAwIBADAdBgNV # HQ4EFgQU5vxfe7siAFjkck619CF0IzLm76wwGQYJKwYBBAGCNxQCBAweCgBTAHUA # YgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU # 1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2Ny # bC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIw # MTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0w # Ni0yMy5jcnQwgZ0GA1UdIASBlTCBkjCBjwYJKwYBBAGCNy4DMIGBMD0GCCsGAQUF # BwIBFjFodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vUEtJL2RvY3MvQ1BTL2RlZmF1 # bHQuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAFAAbwBsAGkAYwB5 # AF8AUwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQAadO9X # Tyl7xBaFeLhQ0yL8CZ2sgpf4NP8qLJeVEuXkv8+/k8jjNKnbgbjcHgC+0jVvr+V/ # eZV35QLU8evYzU4eG2GiwlojGvCMqGJRRWcI4z88HpP4MIUXyDlAptcOsyEp5aWh # aYwik8x0mOehR0PyU6zADzBpf/7SJSBtb2HT3wfV2XIALGmGdj1R26Y5SMk3YW0H # 3VMZy6fWYcK/4oOrD+Brm5XWfShRsIlKUaSabMi3H0oaDmmp19zBftFJcKq2rbty # R2MX+qbWoqaG7KgQRJtjtrJpiQbHRoZ6GD/oxR0h1Xv5AiMtxUHLvx1MyBbvsZx/ # /CJLSYpuFeOmf3Zb0VN5kYWd1dLbPXM18zyuVLJSR2rAqhOV0o4R2plnXjKM+zeF # 0dx1hZyHxlpXhcK/3Q2PjJst67TuzyfTtV5p+qQWBAGnJGdzz01Ptt4FVpd69+lS # TfR3BU+FxtgL8Y7tQgnRDXbjI1Z4IiY2vsqxjG6qHeSF2kczYo+kyZEzX3EeQK+Y # Zcki6EIhJYocLWDZN4lBiSoWD9dhPJRoYFLv1keZoIBA7hWBdz6c4FMYGlAdOJWb # HmYzEyc5F3iHNs5Ow1+y9T1HU7bg5dsLYT0q15IszjdaPkBCMaQfEAjCVpy/JF1R # Ap1qedIX09rBlI4HeyVxRKsGaubUxt8jmpZ1xTGCFWYwghViAgEBMIGVMH4xCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jv # c29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTACEzMAAAMlSLKdDn/F9B8AAAAAAyUw # DQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYK # KwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIEopdEf3 # vaw+bknrxifr7wCqVwSSQ1Hlz/MHRULiG6hkMEIGCisGAQQBgjcCAQwxNDAyoBSA # EgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20w # DQYJKoZIhvcNAQEBBQAEggEAEpHxxMJW5O3yToeAphpQ2yghxrlhVAzS2dfjpRso # Ff8/2uCEJrO6/122ZwHnqU0L4/25t8wImECJ4vuzz3gooRNDyNWbReuyKfJU3zi3 # 4unFzqvyCzGyQ/dvvhy0++Rcsjz0kqiPc3ZcTY7satfIjXgVKoRd4HUcR+uSm9S3 # f8UebYaUQbg+9i/TsyNj7izv6Usa+j9PJrbXlxddfPKwrkL5u7UeQIyWkjtQAHJr # /RtOiL9ytfuIr0vmmXYMM/V9hwQgI18jkW0loJLcIYoAqGIHIFIF9IVvEUnXV/w1 # yLp4HULRA8qxuZFJqANE2j38qUnoaV74bfUHrFwCYrVrbKGCEvAwghLsBgorBgEE # AYI3AwMBMYIS3DCCEtgGCSqGSIb3DQEHAqCCEskwghLFAgEDMQ8wDQYJYIZIAWUD # BAIBBQAwggFUBgsqhkiG9w0BCRABBKCCAUMEggE/MIIBOwIBAQYKKwYBBAGEWQoD # ATAxMA0GCWCGSAFlAwQCAQUABCACc8p2Hz3gsCbkAsFAcD4L7CYAHdk/XAD1NGfb # J6p25QIGX7vQ8OVeGBIyMDIwMTIwMzE4MjI1OS41NVowBIACAfSggdSkgdEwgc4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKTAnBgNVBAsTIE1p # Y3Jvc29mdCBPcGVyYXRpb25zIFB1ZXJ0byBSaWNvMSYwJAYDVQQLEx1UaGFsZXMg # VFNTIEVTTjo2MEJDLUUzODMtMjYzNTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUt # U3RhbXAgU2VydmljZaCCDkQwggT1MIID3aADAgECAhMzAAABJt+6SyK5goIHAAAA # AAEmMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw # MB4XDTE5MTIxOTAxMTQ1OVoXDTIxMDMxNzAxMTQ1OVowgc4xCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVy # YXRpb25zIFB1ZXJ0byBSaWNvMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjo2MEJD # LUUzODMtMjYzNTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2Vydmlj # ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ4wvoacTvMNlXQTtfF/ # Cx5Ol3X0fcjUNMvjLgTmO5+WHYJFbp725P3+qvFKDRQHWEI1Sz0gB24urVDIjXjB # h5NVNJVMQJI2tltv7M4/4IbhZJb3xzQW7LolEoZYUZanBTUuyly9osCg4o5joViT # 2GtmyxK+Fv5kC20l2opeaeptd/E7ceDAFRM87hiNCsK/KHyC+8+swnlg4gTOey6z # QqhzgNsG6HrjLBuDtDs9izAMwS2yWT0T52QA9h3Q+B1C9ps2fMKMe+DHpG+0c61D # 94Yh6cV2XHib4SBCnwIFZAeZE2UJ4qPANSYozI8PH+E5rCT3SVqYvHou97HsXvP2 # I3MCAwEAAaOCARswggEXMB0GA1UdDgQWBBRJq6wfF7B+mEKN0VimX8ajNA5hQTAf # BgNVHSMEGDAWgBTVYzpcijGQ80N7fEYbxTNoWoVtVTBWBgNVHR8ETzBNMEugSaBH # hkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNU # aW1TdGFQQ0FfMjAxMC0wNy0wMS5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUF # BzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1RpbVN0 # YVBDQV8yMDEwLTA3LTAxLmNydDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsG # AQUFBwMIMA0GCSqGSIb3DQEBCwUAA4IBAQBAlvudaOlv9Cfzv56bnX41czF6tLtH # LB46l6XUch+qNN45ZmOTFwLot3JjwSrn4oycQ9qTET1TFDYd1QND0LiXmKz9OqBX # ai6S8XdyCQEZvfL82jIAs9pwsAQ6XvV9jNybPStRgF/sOAM/Deyfmej9Tg9FcRwX # ank2qgzdZZNb8GoEze7f1orcTF0Q89IUXWIlmwEwQFYF1wjn87N4ZxL9Z/xA2m/R # 1zizFylWP/mpamCnVfZZLkafFLNUNVmcvc+9gM7vceJs37d3ydabk4wR6ObR34sW # aLppmyPlsI1Qq5Lu6bJCWoXzYuWpkoK6oEep1gML6SRC3HKVS3UscZhtMIIGcTCC # BFmgAwIBAgIKYQmBKgAAAAAAAjANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJv # b3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMTAwNzAxMjEzNjU1WhcN # MjUwNzAxMjE0NjU1WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCASIw # DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKkdDbx3EYo6IOz8E5f1+n9plGt0 # VBDVpQoAgoX77XxoSyxfxcPlYcJ2tz5mK1vwFVMnBDEfQRsalR3OCROOfGEwWbEw # RA/xYIiEVEMM1024OAizQt2TrNZzMFcmgqNFDdDq9UeBzb8kYDJYYEbyWEeGMoQe # dGFnkV+BVLHPk0ySwcSmXdFhE24oxhr5hoC732H8RsEnHSRnEnIaIYqvS2SJUGKx # Xf13Hz3wV3WsvYpCTUBR0Q+cBj5nf/VmwAOWRH7v0Ev9buWayrGo8noqCjHw2k4G # kbaICDXoeByw6ZnNPOcvRLqn9NxkvaQBwSAJk3jN/LzAyURdXhacAQVPIk0CAwEA # AaOCAeYwggHiMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBTVYzpcijGQ80N7 # fEYbxTNoWoVtVTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC # AYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvX # zpoYxDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20v # cGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYI # KwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDCBoAYDVR0g # AQH/BIGVMIGSMIGPBgkrBgEEAYI3LgMwgYEwPQYIKwYBBQUHAgEWMWh0dHA6Ly93 # d3cubWljcm9zb2Z0LmNvbS9QS0kvZG9jcy9DUFMvZGVmYXVsdC5odG0wQAYIKwYB # BQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AUABvAGwAaQBjAHkAXwBTAHQAYQB0AGUA # bQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAAfmiFEN4sbgmD+BcQM9naOh # IW+z66bM9TG+zwXiqf76V20ZMLPCxWbJat/15/B4vceoniXj+bzta1RXCCtRgkQS # +7lTjMz0YBKKdsxAQEGb3FwX/1z5Xhc1mCRWS3TvQhDIr79/xn/yN31aPxzymXlK # kVIArzgPF/UveYFl2am1a+THzvbKegBvSzBEJCI8z+0DpZaPWSm8tv0E4XCfMkon # /VWvL/625Y4zu2JfmttXQOnxzplmkIz/amJ/3cVKC5Em4jnsGUpxY517IW3DnKOi # PPp/fZZqkHimbdLhnPkd/DjYlPTGpQqWhqS9nhquBEKDuLWAmyI4ILUl5WTs9/S/ # fmNZJQ96LjlXdqJxqgaKD4kWumGnEcua2A5HmoDF0M2n0O99g/DhO3EJ3110mCII # YdqwUB5vvfHhAN/nMQekkzr3ZUd46PioSKv33nJ+YWtvd6mBy6cJrDm77MbL2IK0 # cs0d9LiFAR6A+xuJKlQ5slvayA1VmXqHczsI5pgt6o3gMy4SKfXAL1QnIffIrE7a # KLixqduWsqdCosnPGUFN4Ib5KpqjEWYw07t0MkvfY3v1mYovG8chr1m1rtxEPJdQ # cdeh0sVV42neV8HR3jDA/czmTfsNv11P6Z0eGTgvvM9YBS7vDaBQNdrvCScc1bN+ # NR4Iuto229Nfj950iEkSoYIC0jCCAjsCAQEwgfyhgdSkgdEwgc4xCzAJBgNVBAYT # AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD # VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKTAnBgNVBAsTIE1pY3Jvc29mdCBP # cGVyYXRpb25zIFB1ZXJ0byBSaWNvMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjo2 # MEJDLUUzODMtMjYzNTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2Vy # dmljZaIjCgEBMAcGBSsOAwIaAxUACmcyOWmZxErpq06B8dy6oMZ6//yggYMwgYCk # fjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQD # Ex1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIF # AONzfakwIhgPMjAyMDEyMDMxOTA3MjFaGA8yMDIwMTIwNDE5MDcyMVowdzA9Bgor # BgEEAYRZCgQBMS8wLTAKAgUA43N9qQIBADAKAgEAAgIoGgIB/zAHAgEAAgIRSTAK # AgUA43TPKQIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIB # AAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBBQUAA4GBAKzB0KxZ21YSR5ZB # ZfGfsSsMqo8gnv/Gk/hj12rv/vw2w7+81uMVuJKZM42NwYaFOqunHOi4mkrgnajr # s5VoGdaAnR9tVYemCcfB8JpiRUXP/TaAIWagPWMV9N8W1KNhwD8oXjB6qccDDUOs # ZCdrYduZ1r9NCsNftTTr0SAgQl0hMYIDDTCCAwkCAQEwgZMwfDELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRp # bWUtU3RhbXAgUENBIDIwMTACEzMAAAEm37pLIrmCggcAAAAAASYwDQYJYIZIAWUD # BAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0B # CQQxIgQgjA9rw54ROtynY8O9Hq5orWUG65LFOv3PIXfQQ9q8T2QwgfoGCyqGSIb3 # DQEJEAIvMYHqMIHnMIHkMIG9BCA2/c/vnr1ecAzvapOWZ2xGfAkzrkfpGcrvMW07 # CQl1DzCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u # MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRp # b24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAB # Jt+6SyK5goIHAAAAAAEmMCIEIM0M3nvQo53PrGZJBLdCIo3uAE9rxn4U6vzR79cx # I9L2MA0GCSqGSIb3DQEBCwUABIIBAF0hV7dAE0BWyO6J5UF+u2ETiZa0XepPEr9I # nxT9YavBguRDer3IEslL/Lk78NLuO3MVrquuZpP9iIA++zn996XgmOHHn8JK7aKq # ohJc/ujlibFqRHgyhT0aD+eDgNn7BRGcxCEjnOykis1WKi0GV3w8kZyKtK5wbGZ/ # 5BxMkYA9Rf3DgWMz/5szdG3EFQ2+Tw4yBVoJzD39oF6wpg+2TOZIVX/wza4LN6sX # 2mTkFAK8Lqai9/VnAwcdLAB7VmC+cOpxgldVaoUkDmCcTuaqDEwYJTlW0UNJJrMc # K59IoC1gj4pQcPONu5sbV9HoU0NjurTlqcejedFm/VZJP7g4AqY= # SIG # End signature block