Chrome carries a convoluted hack for certain Network Solutions' CAs, beginning at https://chromium.googlesource.com/chromium/src/+blame/4f9c35c3635144e2c2d1b87d09cbcf076d138b66/net/cert_net/nss_ocsp.cc#745

This 'hack' injects OCSP responders if the authorityKeyID matches one of these two certificates, in order to attempt to work around an NSS bug.

As we're papering over an issue, we should explore removing this hack. There are a total of 181 unexpired (certs || precerts) that would be affected by this - that is, certificates that are issued with the AKI of one of those two values.

However, all of these are SHA-1, and thus no risk of breakage is expected.