rules/Azure.Template.Rule.ps1
|
# Copyright (c) Microsoft Corporation. # Licensed under the MIT License. # # Validation rules for Azure template and parameter files # #region Template # Synopsis: Use ARM template file structure. Rule 'Azure.Template.TemplateFile' -Ref 'AZR-000212' -Type '.json' -If { (IsTemplateFile) } -Tag @{ release = 'GA'; ruleSet = '2020_06' } { $jsonObject = $PSRule.GetContentFirstOrDefault($TargetObject); $Assert.HasFields($jsonObject, @('$schema', 'contentVersion', 'resources')); $jsonObject.PSObject.Properties | Within 'Name' '$schema', 'contentVersion', 'metadata', 'parameters', 'functions', 'variables', 'resources', 'outputs'; } # Synopsis: Use a more recent version of the Azure template schema. Rule 'Azure.Template.TemplateSchema' -Ref 'AZR-000213' -Type '.json' -If { (IsTemplateFile) } -Tag @{ release = 'GA'; ruleSet = '2021_09'; } { $jsonObject = $PSRule.GetContentFirstOrDefault($TargetObject); $Assert.HasJsonSchema($jsonObject, @( 'https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json' 'https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json' 'https://schema.management.azure.com/schemas/2019-08-01/tenantDeploymentTemplate.json' 'https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json' ), $True); } # Synopsis: Use a Azure template schema with the https scheme. Rule 'Azure.Template.TemplateScheme' -Ref 'AZR-000214' -Type '.json' -If { (IsTemplateFile) } -Tag @{ release = 'GA'; ruleSet = '2021_09'; } { $jsonObject = $PSRule.GetContentFirstOrDefault($TargetObject); $Assert.StartsWith($jsonObject, '$schema', 'https://'); } # Synopsis: Use template parameter descriptions. Rule 'Azure.Template.ParameterMetadata' -Ref 'AZR-000215' -Type '.json' -If { (IsTemplateFile) } -Tag @{ release = 'GA'; ruleSet = '2020_09' } { $parameters = @(GetTemplateParameters); if ($parameters.Length -eq 0) { return $Assert.Pass(); } foreach ($parameter in $parameters) { $Assert.HasFieldValue($parameter.value, 'metadata.description'). Reason($LocalizedData.TemplateParameterDescription, $parameter.name); } } # Synopsis: ARM templates should include at least one resource. Rule 'Azure.Template.Resources' -Ref 'AZR-000216' -Type '.json' -If { (IsTemplateFile) } -Tag @{ release = 'GA'; ruleSet = '2020_09' } { $jsonObject = $PSRule.GetContent($TargetObject)[0]; $Assert.GreaterOrEqual($jsonObject, 'resources', 1); } # Synopsis: ARM template parameters should be used at least once. Rule 'Azure.Template.UseParameters' -Ref 'AZR-000217' -Type '.json' -If { (IsTemplateFile) } -Tag @{ release = 'GA'; ruleSet = '2020_09' } { $jsonContent = Get-Content -Path $TargetObject.FullName -Raw; $parameters = @(GetTemplateParameters); if ($parameters.Length -eq 0) { return $Assert.Pass(); } foreach ($parameter in $parameters) { $Assert.Match($jsonContent, '.', "\`"\[[\s\S]*parameters\(\s{0,}'$($parameter.name.Replace('$', '\$'))'\s{0,}\)[\s\S]*\]\`""). Reason($LocalizedData.ParameterNotFound, $parameter.name); } } # Synopsis: Each Azure Resource Manager (ARM) template file should contain a minimal number of parameters. Rule 'Azure.Template.DefineParameters' -Ref 'AZR-000218' -Type '.json' -If { (IsTemplateFile) -and !(IsGenerated) } -Tag @{ release = 'GA'; ruleSet = '2021_03'; } { $parameters = @(GetTemplateParameters); $Assert.GreaterOrEqual($parameters, '.', 1); } # Synopsis: ARM template variables should be used at least once. Rule 'Azure.Template.UseVariables' -Ref 'AZR-000219' -Type '.json' -If { (IsTemplateFile) } -Tag @{ release = 'GA'; ruleSet = '2020_09' } { $jsonObject = $PSRule.GetContent($TargetObject)[0]; $jsonContent = Get-Content -Path $TargetObject.FullName -Raw; $variableNames = @($jsonObject.variables.PSObject.Properties | Where-Object { $_.MemberType -eq 'NoteProperty' } | ForEach-Object { $variable = $_; if ($variable.name -eq 'copy') { $variable.value | ForEach-Object { $_.name; } } else { $variable.name; } }); if ($variableNames.Length -eq 0) { return $Assert.Pass(); } foreach ($variableName in $variableNames) { $Assert.Match($jsonContent, '.', "\`"\[[\s\S]*variables\(\s{0,}'$([System.Text.RegularExpressions.Regex]::Escape($variableName))'\s{0,}\)[\s\S]*\]\`""). Reason($LocalizedData.VariableNotFound, $variableName); } } # Synopsis: Set the default value for location parameters within ARM template to the default value to `[resourceGroup().location]`. Rule 'Azure.Template.LocationDefault' -Ref 'AZR-000220' -Type '.json' -If { (HasLocationParameter) } -Tag @{ release = 'GA'; ruleSet = '2021_03' } { # https://github.com/Azure/arm-ttk/blob/master/arm-ttk/testcases/deploymentTemplate/Location-Should-Not-Be-Hardcoded.test.ps1 $parameters = @(GetTemplateParameters -Name 'location'); foreach ($parameter in $parameters) { if ($Assert.HasFieldValue($parameter.Value, 'defaultValue', 'global').Result) { $Assert.Pass(); } else { $defaultValue = [PSRule.Rules.Azure.Runtime.Helper]::CompressExpression($parameter.Value.defaultValue); $Assert.HasFieldValue($defaultValue, '.', '[resourceGroup().location]'). Reason($LocalizedData.ParameterInvalidDefaultValue, $parameter.Name, $parameter.Value.defaultValue); } } } # Synopsis: Location parameters should use a string value. Rule 'Azure.Template.LocationType' -Ref 'AZR-000221' -Type '.json' -If { (HasLocationParameter) } -Tag @{ release = 'GA'; ruleSet = '2021_03'; } { # https://github.com/Azure/arm-ttk/blob/master/arm-ttk/testcases/deploymentTemplate/Location-Should-Not-Be-Hardcoded.test.ps1 $parameters = @(GetTemplateParameters -Name 'location'); foreach ($parameter in $parameters) { $Assert.HasFieldValue($parameter.Value, 'type', 'string'); } } # Synopsis: Template resource location should be an expression or `global`. Rule 'Azure.Template.ResourceLocation' -Ref 'AZR-000222' -Type '.json' -If { (HasTemplateResources) } -Tag @{ release = 'GA'; ruleSet = '2021_03'; } { # https://github.com/Azure/arm-ttk/blob/master/arm-ttk/testcases/deploymentTemplate/Resources-Should-Have-Location.test.ps1 $resources = @(GetTemplateResources); if ($resources.Length -eq 0) { return $Assert.Pass(); } foreach ($resource in $resources) { AnyOf { $Assert.NotHasField($resource, 'location'); $Assert.HasFieldValue($resource, 'location', 'global'); $Assert.Match($resource, 'location', '^\[.*\]$'); } } } # Synopsis: Template should reference a location parameter to specify resource location. Rule 'Azure.Template.UseLocationParameter' -Ref 'AZR-000223' -Type '.json' -If { (IsTemplateFile -Suffix '/deploymentTemplate.json') -and !(IsGenerated) } -Tag @{ release = 'GA'; ruleSet = '2021_03'; } { $jsonObject = $PSRule.GetContent($TargetObject)[0]; if ($Assert.HasField($jsonObject, 'parameters.location').Result) { $jsonObject.parameters.PSObject.Properties.Remove('location') } $content = $jsonObject | ConvertTo-Json -Depth 100; $Assert.NotMatch($content, '.', 'resourceGroup\(\s{0,}\)\.location'). Reason($LocalizedData.ExpressionInTemplate, 'resourceGroup().location'); } # Synopsis: Template parameters `minValue` and `maxValue` constraints must be valid. Rule 'Azure.Template.ParameterMinMaxValue' -Ref 'AZR-000224' -Type '.json' -If { (HasTemplateParameters) } -Tag @{ release = 'GA'; ruleSet = '2021_03'; } { # https://github.com/Azure/arm-ttk/blob/master/arm-ttk/testcases/deploymentTemplate/Min-And-Max-Value-Are-Numbers.test.ps1 # Get parameters with either minValue or maxValue $parameters = @(GetTemplateParameters | Where-Object { $Assert.HasField($_.Value, @('minValue', 'maxValue')).Result }); if ($parameters.Length -eq 0) { return $Assert.Pass(); } foreach ($parameter in $parameters) { $Assert.HasFieldValue($parameter.Value, 'type', 'int'); if ($Assert.HasField($parameter.Value, 'minValue').Result) { $Assert.IsInteger($parameter.Value, 'minValue'). Reason($LocalizedData.ParameterTypeMismatch, 'minValue', $parameter.Name, 'int'); } if ($Assert.HasField($parameter.Value, 'maxValue').Result) { $Assert.IsInteger($parameter.Value, 'maxValue'). Reason($LocalizedData.ParameterTypeMismatch, 'maxValue', $parameter.Name, 'int'); } } } # Synopsis: Use default deployment detail level for nested deployments. Rule 'Azure.Template.DebugDeployment' -Ref 'AZR-000225' -Type '.json' -If { (HasTemplateResources) } -Tag @{ release = 'GA'; ruleSet = '2021_03'; } { # https://github.com/Azure/arm-ttk/blob/master/arm-ttk/testcases/deploymentTemplate/Deployment-Resources-Must-Not-Be-Debug.test.ps1 # Get deployments $resources = @($PSRule.GetContent($TargetObject)[0].resources | Where-Object { $Assert.HasFieldValue($_, 'type', 'Microsoft.Resources/deployments').Result }); if ($resources.Length -eq 0) { return $Assert.Pass(); } foreach ($resource in $resources) { $Assert.HasDefaultValue($resource, 'properties.debugSetting.detailLevel', 'None'); } } # Synopsis: Set the parameter default value to a value of the same type. Rule 'Azure.Template.ParameterDataTypes' -Ref 'AZR-000226' -Type '.json' -If { (HasTemplateParameters) } -Tag @{ release = 'GA'; ruleSet = '2021_03'; } { $jsonObject = $PSRule.GetContent($TargetObject)[0]; $parameters = @($jsonObject.parameters.PSObject.Properties); if ($parameters.Length -eq 0) { return $Assert.Pass(); } foreach ($parameter in $parameters) { if (!$Assert.HasField($parameter.Value, 'defaultValue').Result) { # No defaultValue $Assert.Pass(); } elseif ($parameter.Value.defaultValue -is [string] -and $parameter.Value.defaultValue.StartsWith('[') -and $parameter.Value.defaultValue.EndsWith(']')) { # Is function $Assert.Pass(); } elseif ($Null -eq $parameter.Value.defaultValue) { # defaultValue is null $Assert.Pass(); } elseif ($parameter.Value.type -eq 'bool') { $Assert.IsBoolean($parameter.Value, 'defaultValue'). Reason($LocalizedData.ParameterTypeMismatch, 'defaultValue', $parameter.Name, $parameter.Value.type); } elseif ($parameter.Value.type -eq 'int') { $Assert.IsInteger($parameter.Value, 'defaultValue'). Reason($LocalizedData.ParameterTypeMismatch, 'defaultValue', $parameter.Name, $parameter.Value.type); } elseif ($parameter.Value.type -eq 'array') { $Assert.IsArray($parameter.Value, 'defaultValue'). Reason($LocalizedData.ParameterTypeMismatch, 'defaultValue', $parameter.Name, $parameter.Value.type); } elseif ($parameter.Value.type -eq 'string' -or $parameter.Value.type -eq 'secureString') { $Assert.IsString($parameter.Value, 'defaultValue'). Reason($LocalizedData.ParameterTypeMismatch, 'defaultValue', $parameter.Name, $parameter.Value.type); } elseif ($parameter.Value.type -eq 'object' -or $parameter.Value.type -eq 'secureObject') { $Assert.TypeOf($parameter.Value, 'defaultValue', [PSObject]). Reason($LocalizedData.ParameterTypeMismatch, 'defaultValue', $parameter.Name, $parameter.Value.type); } } } # Synopsis: Set the parameter value to a value that matches the specified strong type. Rule 'Azure.Template.ParameterStrongType' -Ref 'AZR-000227' -Type 'Microsoft.Resources/deployments' -Tag @{ release = 'GA'; ruleSet = '2021_12'; } { $Assert.Create($PSRule.Issue.Get('PSRule.Rules.Azure.Template.ParameterStrongType')); } # Synopsis: Template expressions should not exceed the maximum length. Rule 'Azure.Template.ExpressionLength' -Ref 'AZR-000228' -Type 'Microsoft.Resources/deployments' -Tag @{ release = 'GA'; ruleSet = '2021_12'; } { $Assert.Create($PSRule.Issue.Get('PSRule.Rules.Azure.Template.ExpressionLength')); } #endregion Template #region Parameters # Synopsis: Use ARM parameter file structure. Rule 'Azure.Template.ParameterFile' -Ref 'AZR-000229' -Type '.json' -If { (IsParameterFile) } -Tag @{ release = 'GA'; ruleSet = '2020_06' } { $jsonObject = $PSRule.GetContentFirstOrDefault($TargetObject); $Assert.HasFields($jsonObject, @('$schema', 'contentVersion', 'parameters')); $jsonObject.PSObject.Properties | Within 'Name' '$schema', 'contentVersion', 'metadata', 'parameters'; } # Synopsis: Use a Azure template parameter schema with the https scheme. Rule 'Azure.Template.ParameterScheme' -Ref 'AZR-000230' -Type '.json' -If { (IsParameterFile) } -Tag @{ release = 'GA'; ruleSet = '2021_09'; } { $jsonObject = $PSRule.GetContentFirstOrDefault($TargetObject); $Assert.StartsWith($jsonObject, '$schema', 'https://'); } # Synopsis: Configure a metadata link for each parameter file. Rule 'Azure.Template.MetadataLink' -Ref 'AZR-000231' -Type '.json' -If { $Configuration.AZURE_PARAMETER_FILE_METADATA_LINK -eq $True -and (IsParameterFile) } -Tag @{ release = 'GA'; ruleSet = '2021_09' } { $jsonObject = $PSRule.GetContentFirstOrDefault($TargetObject); $field = $Assert.HasFieldValue($jsonObject, 'metadata.template'); if (!$field.Result) { return $field; } $path = [PSRule.Rules.Azure.Runtime.Helper]::GetMetadataLinkPath($TargetObject.FullName, $jsonObject.metadata.template) $Assert.FilePath($path, '.'); $Assert.WithinPath($path, '.', @($PWD)); } # Synopsis: Specify a value for each parameter in template parameter files. Rule 'Azure.Template.ParameterValue' -Ref 'AZR-000232' -Type '.json' -If { (IsParameterFile) } -Tag @{ release = 'GA'; ruleSet = '2021_09'; } { $jsonObject = $PSRule.GetContentFirstOrDefault($TargetObject); $parameters = @($jsonObject.parameters.PSObject.Properties | Where-Object { $_.MemberType -eq 'NoteProperty' }); if ($parameters.Length -eq 0) { return $Assert.Pass(); } foreach ($parameter in $parameters) { if ($Assert.HasField($parameter.Value, 'value').Result -or $Assert.HasFieldValue($parameter.Value, 'reference').Result) { $Assert.Pass(); } else { $Assert.Fail($LocalizedData.ParameterValueNotSet, $parameter.Name); } } } # Synopsis: Use a valid secret reference within parameter files. Rule 'Azure.Template.ValidSecretRef' -Ref 'AZR-000233' -Type '.json' -If { (IsParameterFile) } -Tag @{ release = 'GA'; ruleSet = '2021_09'; } { $jsonObject = $PSRule.GetContentFirstOrDefault($TargetObject); $parameters = @($jsonObject.parameters.PSObject.Properties | Where-Object { $_.MemberType -eq 'NoteProperty' -and $Assert.HasField($_.Value, 'reference').Result }); if ($parameters.Length -eq 0) { return $Assert.Pass(); } foreach ($parameter in $parameters) { $Assert.Match($parameter.Value, 'reference.keyVault.id', '^\/subscriptions\/(.+?)\/resourceGroups\/(.+?)\/providers\/Microsoft\.KeyVault\/vaults\/[A-Za-z](-|[A-Za-z0-9])*[A-Za-z0-9]$'); $Assert.Match($parameter.Value, 'reference.secretName', '^[A-Za-z0-9-]{1,127}$'); } } # Synopsis: Use comments for each resource in ARM template to communicate purpose. Rule 'Azure.Template.UseComments' -Ref 'AZR-000234' -Type '.json' -If { (IsTemplateFile) -and !(IsGenerated) } -Tag @{ release = 'GA'; ruleSet = '2021_12'; } { $resources = @(GetTemplateResources | Where-Object { $Assert.NullOrEmpty($_, 'comments').Result }); $Assert.Count($resources, '.', 0).Reason( $LocalizedData.TemplateResourceWithoutComment, $TargetObject.FullName, $resources.Length ); } # Synopsis: Use descriptions for each resource in generated template(bicep, psarm, AzOps) to communicate purpose. Rule 'Azure.Template.UseDescriptions' -Ref 'AZR-000235' -Type '.json' -If { (IsTemplateFile) -and (IsGenerated) } -Tag @{ release = 'GA'; ruleSet = '2021_12'; } { $resources = @(GetTemplateResources | Where-Object { $Assert.NullOrEmpty($_, 'metadata.description').Result }); $Assert.Count($resources, '.', 0).Reason( $LocalizedData.TemplateResourceWithoutDescription, $TargetObject.FullName, $resources.Length ); } #endregion Parameters #region Helper functions # Determines if the object is a Azure Resource Manager template file function global:IsTemplateFile { [CmdletBinding()] [OutputType([System.Boolean])] param ( [Parameter(Mandatory = $False)] [String]$Suffix ) process { if ($PSRule.TargetType -ne '.json') { return $False; } try { $jsonObject = $PSRule.GetContent($TargetObject)[0]; [String]$targetSchema = $jsonObject.'$schema'; $schemas = @( # Https "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json`#" "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json`#" "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json`#" "https://schema.management.azure.com/schemas/2019-08-01/tenantDeploymentTemplate.json`#" "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json`#" # Http "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json`#" "http://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json`#" "http://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json`#" "http://schema.management.azure.com/schemas/2019-08-01/tenantDeploymentTemplate.json`#" "http://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json`#" ) return $targetSchema -in $schemas -and ([String]::IsNullOrEmpty($Suffix) -or $targetSchema.Trim("`#").EndsWith($Suffix)); } catch { return $False; } } } # Determines if the object is a Azure Resource Manager parameter file function global:IsParameterFile { [CmdletBinding()] [OutputType([System.Boolean])] param () process { if ($PSRule.TargetType -ne '.json') { return $False; } try { $jsonObject = $PSRule.GetContent($TargetObject)[0]; $schemas = @( # Https "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json`#" "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json`#" "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json`#" "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentParameters.json`#" "https://schema.management.azure.com/schemas/2019-08-01/tenantDeploymentParameters.json`#" "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentParameters.json`#" # Http "http://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json`#" "http://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json`#" "http://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentParameters.json`#" "http://schema.management.azure.com/schemas/2019-08-01/tenantDeploymentParameters.json`#" "http://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentParameters.json`#" ) return $jsonObject.'$schema' -in $schemas; } catch { return $False; } } } function global:HasLocationParameter { [CmdletBinding()] [OutputType([System.Boolean])] param () process { if (!(IsTemplateFile -Suffix '/deploymentTemplate.json')) { return $False; } $jsonObject = $PSRule.GetContent($TargetObject)[0]; return $Assert.HasField($jsonObject, 'parameters.location').Result; } } function global:HasTemplateParameters { [CmdletBinding()] [OutputType([System.Boolean])] param () process { if (!(IsTemplateFile)) { return $False; } $parameters = @($PSRule.GetContent($TargetObject)[0].parameters.PSObject.Properties | Where-Object { $_.MemberType -eq 'NoteProperty' }); return $Assert.GreaterOrEqual($parameters, '.', 1).Result; } } function global:HasTemplateResources { [CmdletBinding()] [OutputType([System.Boolean])] param () process { if (!(IsTemplateFile)) { return $False; } $jsonObject = $PSRule.GetContent($TargetObject)[0].resources; return $Assert.GreaterOrEqual($jsonObject, '.', 1).Result; } } function global:GetTemplateParameters { [CmdletBinding()] [OutputType([PSObject])] param ( [Parameter(Mandatory = $False)] [String[]]$Name ) process { $parameters = @($PSRule.GetContent($TargetObject)[0].parameters.PSObject.Properties | Where-Object { $_.MemberType -eq 'NoteProperty' }); return $parameters | Where-Object { $Null -eq $Name -or $_.Name -in $Name }; } } function global:GetTemplateResources { [CmdletBinding()] [OutputType([PSObject])] param () process { $PSRule.GetContent($TargetObject)[0].resources | ForEach-Object { # Emit each resource $_; # Emit resources in nested templates if ($Assert.HasFieldValue($_, 'type', 'Microsoft.Resources/deployments').Result -and $Assert.GreaterOrEqual($_, 'properties.template.resources', 1).Result) { $_.properties.template.resources; } # Emit sub-resources elseif ($Assert.GreaterOrEqual($_, 'resources', 1).Result) { $_.resources; } } } } function global:IsGenerated { [CmdletBinding()] param () process { if ($PSRule.TargetType -ne '.json') { return $False; } try { $jsonObject = $PSRule.GetContentFirstOrDefault($TargetObject); return $Assert.In($jsonObject, 'metadata._generator.name', @('bicep', 'psarm', 'AzOps')).Result; } catch { return $False; } } } #endregion Helper functions # SIG # Begin signature block # MIInlQYJKoZIhvcNAQcCoIInhjCCJ4ICAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCJ+qIB/g5iMf0c # jCiPOVDhi75xz2EYTHhaO2hAe/u7uaCCDXYwggX0MIID3KADAgECAhMzAAACURR2 # zMWFg24LAAAAAAJRMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjEwOTAyMTgzMjU5WhcNMjIwOTAxMTgzMjU5WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDBIpXR3b1IYAMunV9ZYBVYsaA7S64mqacKy/OJUf0Lr/LW/tWlJDzJH9nFAhs0 # zzSdQQcLhShOSTUxtlwZD9dnfIcx4pZgu0VHkqQw2dVc8Ob21GBo5sVrXgEAQxZo # rlEuAl20KpSIFLUBwoZFGFSQNSMcqPudXOw+Mhvn6rXYv/pjXIjgBntn6p1f+0+C # 2NXuFrIwjJIJd0erGefwMg//VqUTcRaj6SiCXSY6kjO1J9P8oaRQBHIOFEfLlXQ3 # a1ATlM7evCUvg3iBprpL+j1JMAUVv+87NRApprPyV75U/FKLlO2ioDbb69e3S725 # XQLW+/nJM4ihVQ0BHadh74/lAgMBAAGjggFzMIIBbzAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUMLgM7NX5EnpPfK5uU6FPvn2g/Ekw # RQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEW # MBQGA1UEBRMNMjMwMDEyKzQ2NzU5NjAfBgNVHSMEGDAWgBRIbmTlUAXTgqoXNzci # tW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3JsMGEG # CCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3J0 # MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAIVJlff+Fp0ylEJhmvap # NVv1bYLSWf58OqRRIDnXbHQ+FobsOwL83/ncPC3xl8ySR5uK/af4ZDy7DcDw0yEd # mKbRLzHIfcztZVSrlsg0GKwZuaB2MEI1VizNCoZlN+HlFZa4DNm3J0LhTWrZjVR0 # M6V57cFW0GsV4NlqmtelT9JFEae7PomwgAV9xOScz8HzvbZeERcoSRp9eRsQwOw7 # 8XeCLeglqjUnz9gFM7RliCYP58Fgphtkht9LNEcErLOVW17m6/Dj75zg/IS+//6G # FEK2oXnw5EIIWZraFHqSaee+NMgOw/R6bwB8qLv5ClOJEpGKA3XPJvS9YgOpF920 # Vu4Afqa5Rv5UJKrsxA7HOiuH4TwpkP3XQ801YLMp4LavXnvqNkX5lhFcITvb01GQ # lcC5h+XfCv0L4hUum/QrFLavQXJ/vtirCnte5Bediqmjx3lswaTRbr/j+KX833A1 # l9NIJmdGFcVLXp1en3IWG/fjLIuP7BqPPaN7A1tzhWxL+xx9yw5vQiT1Yn14YGmw # OzBYYLX0H9dKRLWMxMXGvo0PWEuXzYyrdDQExPf66Fq/EiRpZv2EYl2gbl9fxc3s # qoIkyNlL1BCrvmzunkwt4cwvqWremUtqTJ2B53MbBHlf4RfvKz9NVuh5KHdr82AS # MMjU4C8KNTqzgisqQdCy8unTMIIHejCCBWKgAwIBAgIKYQ6Q0gAAAAAAAzANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5WjB+MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQg # Q29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC # CgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4BjgaBEm6f8MMHt03 # a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe0t+bU7IKLMOv2akr # rnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato88tt8zpcoRb0Rrrg # OGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v++MrWhAfTVYoonpy # 4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDstrjNYxbc+/jLTswM9 # sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN91/w0FK/jJSHvMAh # dCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4jiJV3TIUs+UsS1Vz8k # A/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmhD+kjSbwYuER8ReTB # w3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbiwZeBe+3W7UvnSSmn # Eyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8HhhUSJxAlMxdSlQy90 # lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaIjAsCAwEAAaOCAe0w # ggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTlUAXTgqoXNzcitW2o # ynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBa # BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsG # AQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MIGfBgNV # HSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcCARYzaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnljcHMuaHRtMEAGCCsG # AQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5AF8AcwB0AGEAdABl # AG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oalmOBUeRou09h0ZyKb # C5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0epo/Np22O/IjWll11l # hJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1HXeUOeLpZMlEPXh6 # I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtYSWMfCWluWpiW5IP0 # wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInWH8MyGOLwxS3OW560 # STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZiWhub6e3dMNABQam # ASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMdYzaXht/a8/jyFqGa # J+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7fQccOKO7eZS/sl/ah # XJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKfenoi+kiVH6v7RyOA # 9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOppO6/8MO0ETI7f33Vt # Y5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZOSEXAQsmbdlsKgEhr # /Xmfwb1tbWrJUnMTDXpQzTGCGXUwghlxAgEBMIGVMH4xCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNp # Z25pbmcgUENBIDIwMTECEzMAAAJRFHbMxYWDbgsAAAAAAlEwDQYJYIZIAWUDBAIB # BQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEO # MAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIItjCyWrXCyOt2MX57VHdfZV # 2OYYImAxv6BAwf91g8EaMEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8A # cwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEB # BQAEggEAbbeAeBrVmUSqIy2fSu+B2/r1mrtvIrXMoKRQ6VXAO625W1NizwnHP/e4 # HulYETkYE5eqc+bXPMa4f6vQBtxpba3RXsrJbR0qZJoEDEnKhoDlG05lkmpnmbP5 # chrWKXUpzWjWej5e3Y0QlNgfGRlrYO2HJ9rekBNYr5CcFnbDCol3pfQjLlSeVkbt # vxOrFFKF4w0nOmXUCaW/09RbVbyDApqWDyUmrJ3djyjeWxb0da66C9q1oE0pIay/ # oBc+QPcVlL80JWROrqpvmR89Khq+F7B8gNR3z99xF3VQy5y24qqiS3VKetpFrSqd # VNX+nGdEqN3S1dDLSnwJKFD0WS2uvqGCFv8wghb7BgorBgEEAYI3AwMBMYIW6zCC # FucGCSqGSIb3DQEHAqCCFtgwghbUAgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFQBgsq # hkiG9w0BCRABBKCCAT8EggE7MIIBNwIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFl # AwQCAQUABCAOD4+L0wmBikIn4jp0Y7ASf37erfkNA9j31OBqA7QQzQIGYrSffA48 # GBIyMDIyMDcwNjExNDIzMi43MlowBIACAfSggdCkgc0wgcoxCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVy # aWNhIE9wZXJhdGlvbnMxJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNOOkU1QTYtRTI3 # Qy01OTJFMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloIIR # VzCCBwwwggT0oAMCAQICEzMAAAGVt/wN1uM3MSUAAQAAAZUwDQYJKoZIhvcNAQEL # BQAwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT # B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UE # AxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwHhcNMjExMjAyMTkwNTEy # WhcNMjMwMjI4MTkwNTEyWjCByjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp # bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw # b3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEm # MCQGA1UECxMdVGhhbGVzIFRTUyBFU046RTVBNi1FMjdDLTU5MkUxJTAjBgNVBAMT # HE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2UwggIiMA0GCSqGSIb3DQEBAQUA # A4ICDwAwggIKAoICAQCfbUEMZ7ZLOz9aoRCeJL4hhT9Q8JZB2xaVlMNCt3bwhcTI # 5GLPrt2e93DAsmlqOzw1cFiPPg6S5sLCXz7LbbUQpLha8S4v2qccMtTokEaDQS+Q # JErnAsl6VSmRvAy0nlj+C/PaZuLb3OzY0ARw7UeCZLpyWPPH+k5MdYj6NUDTNoXq # bzQHCuPs+fgIoro5y3DHoO077g6Ir2THIx1yfVFEt5zDcFPOYMg4yBi4A6Xc3hm9 # tZ6w849nBvVKwm5YALfH3y/f3n4LnN61b1wzAx3ZCZjf13UKbpE7p6DYJrHRB/+p # wFjG99TwHH6uXzDeZT6/r6qH7AABwn8fpYc1TmleFY8YRuVzzjp9VkPHV8VzvzLL # 7QK2kteeXLL/Y4lvjL6hzyOmE+1LVD3lEbYho1zCt+F7bU+FpjyBfTC4i/wHsptb # 218YlbkQt1i1B6llmJwVFwCLX7gxQ48QIGUacMy8kp1+zczY+SxlpaEgNmQkfc1r # aPh9y5sMa6X48+x0K7B8OqDoXcTiECIjJetxwtuBlQseJ05HRfisfgFm09kG7vdH # Eo3NbUuMMBFikc4boN9Ufm0iUhq/JtqV0Kwrv9Cv3ayDgdNwEWiL2a65InEWSpRT # YfsCQ03eqEh5A3rwV/KfUFcit+DrP+9VcDpjWRsCokZv4tgn5qAXNMtHa8NiqQID # AQABo4IBNjCCATIwHQYDVR0OBBYEFKuX02ICFFdXgrcCBmDJfH5v/KkXMB8GA1Ud # IwQYMBaAFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMF8GA1UdHwRYMFYwVKBSoFCGTmh0 # dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUyMFRp # bWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNybDBsBggrBgEFBQcBAQRgMF4wXAYI # KwYBBQUHMAKGUGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2VydHMv # TWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwGA1Ud # EwEB/wQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwgwDQYJKoZIhvcNAQELBQADggIB # AOCzNt4fJ+jOvQuq0Itn37IZrYNBGswAi+IAFM3YGK/wGQlEncgjmNBuac95W2fA # L6xtFVfMfkeqSLMLqoidVsU9Bm4DEBjaWNOT9uX/tcYiJSfFQM0rDbrl8V4nM88R # ZF56G/qJW9g5dIqOSoimzKUt/Q7WH6VByW0sar5wGvgovK3qFadwKShzRYcEqTkH # H2zip5e73jezPHx2+taYqJG5xJzdDErZ1nMixRjaHs3KpcsmZYuxsIRfBYOJvAFG # ymTGRv5PuwsNps9Ech1Aasq84H/Y/8xN3GQj4P3MiDn8izUBDCuXIfHYk39bqnaA # mFbUiCby+WWpuzdk4oDKz/sWwrnsoQ72uEGVEN7+kyw9+HSo5i8l8Zg1Ymj9tUgD # pVUGjAduoLyHQ7XqknKmS9kJSBKk4okEDg0Id6LeKLQwH1e4aVeTyUYwcBX3wg7p # LJQWvR7na2SGrtl/23YGQTudmWOryhx9lnU7KBGV/aNvz0tTpcsucsK+cZFKDEkW # B/oUFVrtyun6ND5pYZNj0CgRup5grVACq/Agb+EOGLCD+zEtGNop4tfKvsYb6425 # 7NJ9XrMHgpCib76WT34RPmCBByxLUkHxHq5zCyYNu0IFXAt1AVicw14M+czLYIVM # 7NOyVpFdcB1B9MiJik7peSii0XTRdl5/V/KscTaCBFz3MIIHcTCCBVmgAwIBAgIT # MwAAABXF52ueAptJmQAAAAAAFTANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJv # b3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMjEwOTMwMTgyMjI1WhcN # MzAwOTMwMTgzMjI1WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCAiIw # DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOThpkzntHIhC3miy9ckeb0O1YLT # /e6cBwfSqWxOdcjKNVf2AX9sSuDivbk+F2Az/1xPx2b3lVNxWuJ+Slr+uDZnhUYj # DLWNE893MsAQGOhgfWpSg0S3po5GawcU88V29YZQ3MFEyHFcUTE3oAo4bo3t1w/Y # JlN8OWECesSq/XJprx2rrPY2vjUmZNqYO7oaezOtgFt+jBAcnVL+tuhiJdxqD89d # 9P6OU8/W7IVWTe/dvI2k45GPsjksUZzpcGkNyjYtcI4xyDUoveO0hyTD4MmPfrVU # j9z6BVWYbWg7mka97aSueik3rMvrg0XnRm7KMtXAhjBcTyziYrLNueKNiOSWrAFK # u75xqRdbZ2De+JKRHh09/SDPc31BmkZ1zcRfNN0Sidb9pSB9fvzZnkXftnIv231f # gLrbqn427DZM9ituqBJR6L8FA6PRc6ZNN3SUHDSCD/AQ8rdHGO2n6Jl8P0zbr17C # 89XYcz1DTsEzOUyOArxCaC4Q6oRRRuLRvWoYWmEBc8pnol7XKHYC4jMYctenIPDC # +hIK12NvDMk2ZItboKaDIV1fMHSRlJTYuVD5C4lh8zYGNRiER9vcG9H9stQcxWv2 # XFJRXRLbJbqvUAV6bMURHXLvjflSxIUXk8A8FdsaN8cIFRg/eKtFtvUeh17aj54W # cmnGrnu3tz5q4i6tAgMBAAGjggHdMIIB2TASBgkrBgEEAYI3FQEEBQIDAQABMCMG # CSsGAQQBgjcVAgQWBBQqp1L+ZMSavoKRPEY1Kc8Q/y8E7jAdBgNVHQ4EFgQUn6cV # XQBeYl2D9OXSZacbUzUZ6XIwXAYDVR0gBFUwUzBRBgwrBgEEAYI3TIN9AQEwQTA/ # BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2Nz # L1JlcG9zaXRvcnkuaHRtMBMGA1UdJQQMMAoGCCsGAQUFBwMIMBkGCSsGAQQBgjcU # AgQMHgoAUwB1AGIAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8G # A1UdIwQYMBaAFNX2VsuP6KJcYmjRPZSQW9fOmhjEMFYGA1UdHwRPME0wS6BJoEeG # RWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jv # b0NlckF1dF8yMDEwLTA2LTIzLmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYBBQUH # MAKGPmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljUm9vQ2Vy # QXV0XzIwMTAtMDYtMjMuY3J0MA0GCSqGSIb3DQEBCwUAA4ICAQCdVX38Kq3hLB9n # ATEkW+Geckv8qW/qXBS2Pk5HZHixBpOXPTEztTnXwnE2P9pkbHzQdTltuw8x5MKP # +2zRoZQYIu7pZmc6U03dmLq2HnjYNi6cqYJWAAOwBb6J6Gngugnue99qb74py27Y # P0h1AdkY3m2CDPVtI1TkeFN1JFe53Z/zjj3G82jfZfakVqr3lbYoVSfQJL1AoL8Z # thISEV09J+BAljis9/kpicO8F7BUhUKz/AyeixmJ5/ALaoHCgRlCGVJ1ijbCHcNh # cy4sa3tuPywJeBTpkbKpW99Jo3QMvOyRgNI95ko+ZjtPu4b6MhrZlvSP9pEB9s7G # dP32THJvEKt1MMU0sHrYUP4KWN1APMdUbZ1jdEgssU5HLcEUBHG/ZPkkvnNtyo4J # vbMBV0lUZNlz138eW0QBjloZkWsNn6Qo3GcZKCS6OEuabvshVGtqRRFHqfG3rsjo # iV5PndLQTHa1V1QJsWkBRH58oWFsc/4Ku+xBZj1p/cvBQUl+fpO+y/g75LcVv7TO # PqUxUYS8vwLBgqJ7Fx0ViY1w/ue10CgaiQuPNtq6TPmb/wrpNPgkNWcr4A245oyZ # 1uEi6vAnQj0llOZ0dFtq0Z4+7X6gMTN9vMvpe784cETRkPHIqzqKOghif9lwY1NN # je6CbaUFEMFxBmoQtB1VM1izoXBm8qGCAs4wggI3AgEBMIH4oYHQpIHNMIHKMQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNy # b3NvZnQgQW1lcmljYSBPcGVyYXRpb25zMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVT # TjpFNUE2LUUyN0MtNTkyRTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAg # U2VydmljZaIjCgEBMAcGBSsOAwIaAxUA0Y+CyLezGgVHWFNmKI1LuE/hY6uggYMw # gYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYD # VQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUF # AAIFAOZvmEUwIhgPMjAyMjA3MDYxMzEyMzdaGA8yMDIyMDcwNzEzMTIzN1owdzA9 # BgorBgEEAYRZCgQBMS8wLTAKAgUA5m+YRQIBADAKAgEAAgIWHwIB/zAHAgEAAgIT # hDAKAgUA5nDpxQIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEEAYRZCgMCoAow # CAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBBQUAA4GBAJeO1F32N5DB # awkQ/zTsProPCP6fc65FWlAg5QmIDE06pyhSigS9I2L04cxvfGPBh4nhxiSDbGVt # LjpVg2WRVsssu3sS1ftHaztbboX3MIRWTkQnLyyhzd8ijmwfKxUtucQ+FP6IsKnR # O2lPlMve6CjVKEjuag9PxBFwkoL668EMMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAGVt/wN1uM3MSUAAQAAAZUwDQYJYIZI # AWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG # 9w0BCQQxIgQgCyVLmdQ8GAp90vetHEqHCoof6kb1PErZ6kR0jFgM/nAwgfoGCyqG # SIb3DQEJEAIvMYHqMIHnMIHkMIG9BCBc5kvhjZALe2mhIz/Qd7keVOmA/cC1dzKZ # T4ybLEkCxzCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMz # AAABlbf8DdbjNzElAAEAAAGVMCIEIIeydkuxKyJ+BtrnpewODwxW6ZzYM/cnaJy6 # GBDS2VEBMA0GCSqGSIb3DQEBCwUABIICAFWFemIsobO7r/5p6cVG16gawAbb7ZAQ # 2L/eCNWZifLum1+Kr9cRxNcHxH57RAaP6FxS7HAjfeJ+8OgfEHBZBvZuJ8jc1NzZ # fA/+fnNi09M9iBwj8WmP8NnCmD2PRUynnx76r3rNwQQEIY1KYu4GHUNY+sTDLXhB # fRrqNW+NjTP8dmbafQ42ioGq8p+EmaTljtupchc+1C22/gaqkZRSro8UVjCqppry # Ik3VyRoITUm1llzJcVDxkttYCSWDp4w8+IDms4WEQL+qKla0XmEKXfQ2JmGlPdV7 # qAP3NVjxgNxKhroxC/UvqvfWFg58gtSpLgIcaAwT3fjUVUpVRFzq5+rJKUnmASrb # Iv61mNqh+PygdXpn2nValFRK5n3ib4OK3D+5omgApyqcLMm+FxowjWIwxSnlMHIr # l7lXjotlB0FyFxK48RQ6+1Duk1GkF+CdsHAvNTdUvRqIUdE4Ism9nH3Fi6KjIfpA # vKLcn5DPNYrASOkHLh5XZj+V0teZhub6lfKclYYVPR5xNa+BWqqKMe2Gx7Q2d2fo # ZWBID64O57kISkazylOBQ69IM3zNG2/W2AmZwVpX7LyrGNBIdsq9dXUNQ8wdC06N # hcASKqIp+S0ttckhigXH8pcipdmH0pesQY+Jkq8CpO+7CnINMCmjmn6E/71VgBo6 # +F4wZ1APR/BP # SIG # End signature block |