From 293f748d51a38918568820dd8cd80b119d55e36f Mon Sep 17 00:00:00 2001
From: Macey Dobrowsky <macey.dobrowsky@keyfactor.com>
Date: Tue, 11 Mar 2025 16:53:04 +0000
Subject: [PATCH 01/18] remove powershell handler and point to workflow repo

---
 .../AkamaiExpirationHandler.ps1               | 347 ------------------
 readme_source.md                              |  19 +-
 2 files changed, 4 insertions(+), 362 deletions(-)
 delete mode 100644 akamai-cps-orchestrator/AkamaiExpirationHandler.ps1

diff --git a/akamai-cps-orchestrator/AkamaiExpirationHandler.ps1 b/akamai-cps-orchestrator/AkamaiExpirationHandler.ps1
deleted file mode 100644
index 363f3ff..0000000
--- a/akamai-cps-orchestrator/AkamaiExpirationHandler.ps1
+++ /dev/null
@@ -1,347 +0,0 @@
-# // Copyright 2023 Keyfactor
-# // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.
-# // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
-# // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS,
-# // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
-# // and limitations under the License.
-
-[hashtable]$context
-$Thumb = $context["Thumbprint"]
-$CA = $context["CAConfiguration"]
-$Template = $context["Template"]
-
-# script variables
-#############################################################
-$apiUrl = "https://my.keyfactor.instance01/KeyfactorAPI" # update to be Keyfactor API endpoint
-$LogDest = "C:\Keyfactor\logs\AkamaiExpirationHandler.log" # the location for the error log file, the script will create this file
-#############################################################
-
-Function LogWrite($LogString)
-{
-    Add-Content $LogDest -value $LogString
-}
-
-Function GetIdAndSans
-{
-    try
-    {
-        $searchURL = $apiUrl + "/certificates/?verbose=1&maxResults=50&page=1&query=Thumbprint%20-eq%20`""+$Thumb+"`""
-
-        $certificateResponse = Invoke-RestMethod `
-        -Method Get `
-        -Uri $searchUrl `
-        -UseDefaultCredentials `
-        -ContentType "application/json"
-
-        $certValues = @{}
-
-        $certValues.Id = $certificateResponse.Id
-        $certValues.Sans = ""
-
-        foreach($san in $certificateResponse.SubjectAltNameElements)
-        {
-            if ($san.Type -eq 2) #include only dns sans (type 2)
-            {
-                if ($cert.Sans)
-                {
-                    $certValues.Sans = $certValues.Sans + "&" # add ampersand delimiter for additional DNS SANs
-                }
-                $certValues.Sans = $certValues.Sans + $san.Value
-            }
-        }
-
-        return $certValues
-    }
-    catch
-    {
-        LogWrite "An error occurred looking up the certificate in Keyfactor"
-        LogWrite $_
-        return "SEARCH_ERROR"        
-    }
-}
-
-Function GetLocations($certId)
-{
-    try
-    {
-        $locationsURL = $apiUrl + "/certificates/locations/" + $certId
-        $locationsResponse = Invoke-RestMethod `
-        -Method Get `
-        -Uri $locationsURL `
-        -UseDefaultCredentials `
-        -ContentType "application/json"
-
-        foreach($storetype in $locationsResponse.Details)
-        {
-            if ($storetype.StoreType -match "Akamai")
-            {
-                return $storetype.Locations # array of all akamai locations this cert is in
-            }
-        }
-    }
-    catch
-    {
-        LogWrite "An error occurred looking up the certificate locations in Keyfactor"
-        LogWrite $_
-        return "LOCATIONS_ERROR"
-    }
-}
-
-Function GetOrchestratorId($storeId)
-{
-    try
-    {
-        $storeURL = $apiUrl + "/certificatestores/" + $storeId
-        $storeResponse = Invoke-RestMethod `
-        -Method Get `
-        -Uri $storeURL `
-        -UseDefaultCredentials `
-        -ContentType "application/json"
-
-        return $storeResponse.AgentId
-    }
-    catch
-    {
-        LogWrite "An error occurred while retrieving the Orchestrator ID of the store with id: " + $storeId
-        LogWrite $_
-        return "GET_ORCHESTRATORID_ERROR"
-    }
-}
-
-Function GetStoreInventory($storeId)
-{
-    try
-    {
-        $inventoryURL = $apiUrl + "/certificatestores/" + $storeId + "/inventory"
-        $inventoryResponse = Invoke-RestMethod `
-        -Method Get `
-        -Uri $inventoryURL `
-        -UseDefaultCredentials `
-        -ContentType "application/json"
-
-        return $inventoryResponse #
-    }
-    catch
-    {
-        LogWrite "An error occurred while retrieving the inventory of certs in the store with id: " + $storeId
-        LogWrite $_
-        return "GET_INVENTORY_ERROR"
-    }
-}
-
-Function FindInventoryParameters($inventoryList)
-{
-    try
-    {
-        $parsedResults = @{}
-        # search through the store inventory list for matching cert
-        foreach($inventoryItem in $inventoryList)
-        {
-            if ($inventoryItem.Name -eq $Thumb)
-            {
-                # get cert subject
-                foreach ($cert in $inventoryItem.Certificates)
-                {
-                    if ($cert.Id -eq $CertId)
-                    {
-                        $parsedResults.Subject = $cert.IssuedDN
-                    }
-                }
-                $parsedResults.Parameters = $inventoryItem.Parameters
-                return $parsedResults
-            }
-        }
-    }
-    catch
-    {
-        LogWrite "An error occurred while parsing the job parameters from the cert store inventory"
-        LogWrite $_
-        return "PARSE_INVENTORY_ERROR"
-    }
-}
-
-Function FilterSubjectForAkamai($certSubject)
-{
-    # Subject fields allowed by Akamai:
-    # CN, C, L, O, OU, ST
-    $subjectElements = $certSubject.split(',')
-
-    $parsedSubject = ""
-
-    $noCN? = $true
-    $noC? = $true
-    $noL? = $true
-    $noO? = $true
-    $noOU? = $true
-    $noST? = $true
-    foreach($ele in $subjectElements)
-    {
-        if ($noCN?)
-        {
-            if ($ele -match 'CN=')
-            {
-                $parsedSubject += $ele + ','
-                $noCN? = $false
-            }
-        }
-        if ($noC?)
-        {
-            if ($ele -match 'C=')
-            {
-                $parsedSubject += $ele + ','
-                $noC? = $false
-            }
-        }
-        if ($noL?)
-        {
-            if ($ele -match 'L=')
-            {
-                $parsedSubject += $ele + ','
-                $noL? = $false
-            }
-        }
-        if ($noO?)
-        {
-            if ($ele -match 'O=')
-            {
-                $parsedSubject += $ele + ','
-                $noO? = $false
-            }
-        }
-        if ($noOU?)
-        {
-            if ($ele -match 'OU=')
-            {
-                $parsedSubject += $ele + ','
-                $noOU? = $false
-            }
-        }
-        if ($noST?)
-        {
-            if ($ele -match 'ST=')
-            {
-                $parsedSubject += $ele + ','
-                $noST? = $false
-            }
-        }
-    }
-
-    # trim comma at end
-    $i = $parsedSubject.LastIndexOf(',')
-    return $parsedSubject.Substring(0, $i)
-}
-
-Function ScheduleReenrollment($storeId, $orchId, $inventoryList, $sans)
-{
-    try
-    {        
-        # parse inventory parameters for reenrollment, and get subject
-        $reenrollmentParameters = FindInventoryParameters($inventoryList)
-        LogWrite "Parsed Subject: " 
-        $Subject = $reenrollmentParameters.Subject
-        LogWrite $Subject
-        LogWrite "Subject filtered for Akamai Reenrollment: "
-        $FilteredSubject = FilterSubjectForAkamai($Subject)
-        LogWrite $FilteredSubject
-        LogWrite "Parsed Inventory Parameters"
-        $Parameters = $reenrollmentParameters.Parameters
-
-        # add sans, which are not returned on inventory
-        $Parameters.Sans = $sans
-        LogWrite $Parameters
-
-        # escape backslashes in CA name
-        $escapedCA = $CA -replace '\\', '\\'
-
-        # convert Parameters object to Json
-        $paramsJSON = $Parameters | ConvertTo-Json
-
-        # get Orchestrator Agent Id for scheduling reenrollment
-
-        $headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
-        $headers.Add('content-type', 'application/json')
-        $headers.Add("X-Keyfactor-Requested-With", "APIClient")
-        $body = @"
-{
-  "KeystoreId": "$storeId",
-  "SubjectName": "$FilteredSubject",
-  "AgentGuid": "$orchId",
-  "Alias": "$Thumb",
-  "JobProperties": $paramsJson,
-  "CertificateAuthority": "$escapedCA",
-  "CertificateTemplate": "$Template"
-}
-"@
-        LogWrite $body
-        $reenrollmentURL = $apiUrl + "/certificatestores/reenrollment"
-        $reenrollmentResponse = Invoke-RestMethod `
-        -Method Post `
-        -Uri $reenrollmentURL `
-        -Headers $headers `
-        -UseDefaultCredentials `
-        -Body $body `
-        -ContentType "application/json"
-
-    }
-    catch
-    {
-        LogWrite "An error occurred while scheduling the reenrollment job"
-        LogWrite $_
-        return "REENROLLMENT_ERROR"
-    }
-}
-
-try
-{
-    LogWrite (Get-Date).ToUniversalTime().ToString()
-    LogWrite $Thumb
-    LogWrite $CA
-    LogWrite $Template
-    LogWrite $CertLocations
-    LogWrite $context
-}
-catch
-{
-    LogWrite "An error occurred reading info into the logs"
-    LogWrite $_
-    return "INFO_ERROR"
-}
-
-try
-{
-    # get CertID and Sans
-    $CertValues = GetIdAndSans
-    $CertId = $CertValues.Id
-    $CertSans = $CertValues.Sans
-
-    LogWrite $CertId
-    LogWrite $CertSans
-
-            
-    # get cert locations
-    $Locations = GetLocations($CertId)
-    LogWrite "Retrieved Locations"
-
-    # process for each store location this cert is in
-    foreach($Location in $Locations)
-    {
-        $StoreId = $Location.StoreId
-
-        # get Orchestrator Id for store
-        $OrchestratorId = GetOrchestratorId $StoreId
-
-        # get inventory of location
-        $InventoryList = GetStoreInventory $StoreId
-        LogWrite "Got Store Inventory Parameters"
-        LogWrite $InventoryList
-
-        # schedule reenrollment with parameters
-        ScheduleReenrollment $StoreId $OrchestratorId $InventoryList $CertSans
-        LogWrite "Scheduled Reenrollment"
-    }
-}
-catch
-{
-    LogWrite (Get-Date).ToUniversalTime().ToString()
-    LogWrite "Script Failed Gracefully"
-}
\ No newline at end of file
diff --git a/readme_source.md b/readme_source.md
index 9bca043..c60283e 100644
--- a/readme_source.md
+++ b/readme_source.md
@@ -71,23 +71,12 @@ Change any default values as needed, and enter an Enrollment ID if an existing e
 The SAN entry needs to be filled out with the DNS value you are using for the certificate's CN. If there are multiple DNS SANs, they should be separted with an ampersand. Example: `www.example01.com&www.example02.com`
 
 
-**6. (Optional) Configure Renewal of Certificates using Expiration Alert Handler**
+**6. (Optional) Configure Renewal of Certificates using a Workflow**
 
 Akamai does not support traditional certificate Renewal or one-click Renewal done in the Keyfactor Command platform. The Renewal process creates Certificates with outside keys which are not allowed to be imported into Akamai CPS. As a result, the Reenrollment Job must be used in order to renew existing certificates that reside on the Akamai system. Reenrollment is required as opposed to the Renewal process as it allows Akamai to generate the keys on their platform, which are used to create a certificate in Keyfactor.
 
-Renewing existing certificates in Akamai means running a Reenrollment Job with the same Enrollment ID that was used for an existing Certificate Enrollment. This can be done manually through the Reenrollment process, but an automated process can also be configured using a Keyfactor Expiration Alert Handler.
+Renewing existing certificates in Akamai means running a Reenrollment Job with the same Enrollment ID that was used for an existing Certificate Enrollment. This can be done manually through the Reenrollment prompt, but an automated process can also be configured using a Keyfactor Workflow.
 
-The Expiration Alert Handler should be configured to target a Keyfactor Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to `Production` or `Staging`.
+The Workflow should be configured to target a Keyfactor Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to `Production` or `Staging`.
 
-With the Expiration Alert Handler using the correct Collection, the Alert should be set to use the `ExpirationPowershell` Handler. A [sample Powershell Handler script](./akamai-cps-orchestrator/AkamaiExpirationHandler.ps1) is included in this repository. The sample script needs to be updated with the correct URL for API requests, and may need other changes as well, as it assumes that Default Credentials (Windows Auth) can be used to authenticate API requests to the Keyfactor instance. __This script needs to be placed in the Keyfactor Command installation's configured Extension Handler Path (default: {installation_dir}\ExtensionLibrary) location so that it can be run.__
-
-The `ExpirationPowershell` Event Handler configuration should be configured with the following values:
-
-| Parameter Name | Type | Value |
-| - | - | - |
-| Thumbprint | Special Text | Thumbprint |
-| Template | Renewal Template | `desired renewal template` |
-| CAConfiguration | Renewal Certificate Authority | `desired renewal CA` |
-| ScriptName | PowerShell Script Name | AkamaiExpirationHandler.ps1 |
-
-When running the sample script, it will assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.
+A sample workflow for ODKG / Reenrollment scheduling for renewals can be viewed in the [kf-workflow-samples repo](https://github.com/Keyfactor/kf-workflow-samples). When running the sample workflow, it will assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.

From 19a8cb1e2f17f98f1554344606fc2f56556bb119 Mon Sep 17 00:00:00 2001
From: Macey Dobrowsky <11599974+doebrowsk@users.noreply.github.com>
Date: Tue, 11 Mar 2025 12:56:01 -0400
Subject: [PATCH 02/18] Update CHANGELOG.md

---
 CHANGELOG.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b37d52b..6ee1586 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+1.1.1
+- Point to kf-workflow-samples repo for setting up "renewals" for ODKG certificates
+- Remove Powershell script sample previously provided for Expiration Alert Handler renewal process
+
 1.1.0
 - Update Expiration Alert Handler sample to filter Subject Elements for duplicates / invalid fields and set the subject to one that will be accepted and matched in the CSR from Akamai
 - Additional error handling around renewing / updating existing Akamai Enrollments

From 80d95c5c9deb49bf5a4dc31ee541ced50683c78f Mon Sep 17 00:00:00 2001
From: "Matthew H. Irby" <matt.irby@outlook.com>
Date: Tue, 13 May 2025 14:01:58 -0400
Subject: [PATCH 03/18] chore(test): Add a test console for testing Akamai CPS
 API calls. Add unit tests for extracting retry delay from CPS response
 headers.

---
 .gitignore                                    |   3 +
 TestConsole/Program.cs                        | 120 ++++++++++++++++++
 TestConsole/TestConsole.csproj                |  19 +++
 akamai-cps-orchestrator.sln                   |  17 +++
 http-interface.Tests/HttpUtilitiesTests.cs    |  72 +++++++++++
 .../http-interface.Tests.csproj               |  29 +++++
 http-interface/HttpUtilities.cs               |  28 ++++
 7 files changed, 288 insertions(+)
 create mode 100644 TestConsole/Program.cs
 create mode 100644 TestConsole/TestConsole.csproj
 create mode 100644 http-interface.Tests/HttpUtilitiesTests.cs
 create mode 100644 http-interface.Tests/http-interface.Tests.csproj
 create mode 100644 http-interface/HttpUtilities.cs

diff --git a/.gitignore b/.gitignore
index 9491a2f..c75737e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -356,6 +356,9 @@ healthchecksdb
 # Backup folder for Package Reference Convert tool in Visual Studio 2017
 MigrationBackup/
 
+# JetBrains IDEA configurations
+.idea/
+
 # Ionide (cross platform F# VS Code tools) working folder
 .ionide/
 
diff --git a/TestConsole/Program.cs b/TestConsole/Program.cs
new file mode 100644
index 0000000..e84d208
--- /dev/null
+++ b/TestConsole/Program.cs
@@ -0,0 +1,120 @@
+using System.Diagnostics;
+using Keyfactor.Orchestrator.Extensions.AkamaiCpsOrchestrator.Models;
+using Microsoft.Extensions.Logging;
+using Microsoft.Extensions.Logging.Abstractions;
+
+namespace TestConsole;
+
+class Program
+{
+    private static ILogger<Program> _logger;
+    
+    public static void Main(string[] args)
+    {
+        string clientSecret = GetEnvironmentVariable("AKAMAI_CLIENT_SECRET");
+        string clientToken = GetEnvironmentVariable("AKAMAI_CLIENT_TOKEN");
+        string accessToken = GetEnvironmentVariable("AKAMAI_ACCESS_TOKEN");
+        
+        string clientMachine = GetEnvironmentVariable("AKAMAI_HOST");
+        
+        Dictionary<string, string> storeProps = new()
+        {
+            { "client_secret", clientSecret },
+            { "client_token", clientToken },
+            { "access_token", accessToken }
+        };
+        
+        using var loggerFactory = LoggerFactory.Create(builder =>
+        {
+            builder
+                .AddConsole()
+                .SetMinimumLevel(LogLevel.Debug); // Set minimum log level here
+        });
+        
+        _logger = loggerFactory.CreateLogger<Program>();
+        
+        AkamaiAuth auth = new AkamaiAuth(storeProps);
+        AkamaiClient client = new AkamaiClient(_logger, clientMachine, auth);
+        client.SetDeploymentType(Constants.StorePaths.Staging);
+        
+        // StressTestGetEnrollments(client);
+        
+        var enrollments = GetEnrollments(client);
+        var enrollment = enrollments.FirstOrDefault();
+
+        if (enrollment == null)
+        {
+            _logger.LogWarning("No enrollments found in system. Unable to perform certificate / enrollment actions");
+            return;
+        }
+        
+        GetEnrollment(client, enrollment.id);
+        GetCertificate(client, enrollment.id);
+        GetEnrollmentChangeHistory(client, enrollment.id);
+        UpdateEnrollment(client, enrollment.id, enrollment);
+        
+        _logger.LogInformation("API test suite completed successfully.");
+    }
+
+    private static void StressTestGetEnrollments(AkamaiClient client)
+    {
+        int maxRequests = 51;
+        // https://techdocs.akamai.com/cps/reference/rate-limiting
+        // According to the docs here, we should be rate limited 50 requests per minute
+        // or 20 requests per 2 seconds.
+        for (int i = 1; i <= maxRequests; i++)
+        {
+            var stopwatch = Stopwatch.StartNew();
+            _logger.LogInformation($"Sending request {i} of {maxRequests}");
+            client.GetEnrollments();
+            stopwatch.Stop();
+            _logger.LogInformation($"Completed request {i} of {maxRequests}. Time elapsed (ms): {stopwatch.ElapsedMilliseconds}");
+        }
+    }
+    
+    private static Enrollment[] GetEnrollments(AkamaiClient client)
+    {
+        _logger.LogInformation($"Getting enrollments...");
+        var result = client.GetEnrollments();
+        _logger.LogInformation($"Enrollments retrieved successfully. Count: {result.Length}");
+        return result;
+    }
+
+    private static Enrollment GetEnrollment(AkamaiClient client, string id)
+    {
+        _logger.LogInformation($"Getting enrollment {id}...");
+        var enrollment = client.GetEnrollment(id);
+        _logger.LogInformation($"Enrollment {id} retrieved successfully.");
+        return enrollment;
+    }
+    
+    private static void GetCertificate(AkamaiClient client, string enrollmentId)
+    {
+        _logger.LogInformation($"Getting certificate with enrollment ID {enrollmentId}...");
+        var cert = client.GetCertificate(enrollmentId);
+        _logger.LogInformation($"Certificate with enrollment ID {enrollmentId} retrieved successfully.");
+    }
+
+    private static void GetEnrollmentChangeHistory(AkamaiClient client, string enrollmentId)
+    {
+        _logger.LogInformation($"Getting enrollment change history for enrollment ID {enrollmentId}...");
+        var history = client.GetEnrollmentChangeHistory(enrollmentId);
+        _logger.LogInformation($"Enrollment change history for enrollment ID {enrollmentId} retrieved successfully. Change history count: {history.changes.Length}");
+    }
+
+    private static void UpdateEnrollment(AkamaiClient client, string enrollmentId, Enrollment enrollment)
+    {
+        _logger.LogInformation($"Updating enrollment {enrollmentId}...");
+        client.UpdateEnrollment(enrollmentId, enrollment);
+        _logger.LogInformation($"Enrollment {enrollmentId} updated successfully.");
+    }
+
+    private static string GetEnvironmentVariable(string env)
+    {
+        string? value = Environment.GetEnvironmentVariable(env);
+        
+        if (!string.IsNullOrWhiteSpace(value)) return value;
+        
+        throw new ArgumentException($"Environment variable {env} is required for test console");
+    }
+}
diff --git a/TestConsole/TestConsole.csproj b/TestConsole/TestConsole.csproj
new file mode 100644
index 0000000..a914d38
--- /dev/null
+++ b/TestConsole/TestConsole.csproj
@@ -0,0 +1,19 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+    <PropertyGroup>
+        <OutputType>Exe</OutputType>
+        <TargetFramework>net6.0</TargetFramework>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <Nullable>enable</Nullable>
+    </PropertyGroup>
+
+    <ItemGroup>
+      <ProjectReference Include="..\akamai-cps-orchestrator\akamai-cps-orchestrator.csproj" />
+      <ProjectReference Include="..\http-interface\http-interface.csproj" />
+    </ItemGroup>
+
+    <ItemGroup>
+      <PackageReference Include="Microsoft.Extensions.Logging.Console" Version="9.0.4" />
+    </ItemGroup>
+
+</Project>
diff --git a/akamai-cps-orchestrator.sln b/akamai-cps-orchestrator.sln
index ed1f9cf..4c4b70a 100644
--- a/akamai-cps-orchestrator.sln
+++ b/akamai-cps-orchestrator.sln
@@ -7,6 +7,12 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "akamai-cps-orchestrator", "
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "http-interface", "http-interface\http-interface.csproj", "{C43887FD-287A-4A69-9777-F7895CCFE44F}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "TestConsole", "TestConsole\TestConsole.csproj", "{AA406C8E-2ACE-43B2-BF03-1B7659B7D082}"
+EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "http-interface.Tests", "http-interface.Tests\http-interface.Tests.csproj", "{9E9E9B40-868F-4D6B-9D79-FD668B6F7199}"
+EndProject
+Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "tests", "tests", "{D55E4F97-06FB-45DE-B041-0DE83EEC87E1}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -21,6 +27,14 @@ Global
 		{C43887FD-287A-4A69-9777-F7895CCFE44F}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{C43887FD-287A-4A69-9777-F7895CCFE44F}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{C43887FD-287A-4A69-9777-F7895CCFE44F}.Release|Any CPU.Build.0 = Release|Any CPU
+		{AA406C8E-2ACE-43B2-BF03-1B7659B7D082}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{AA406C8E-2ACE-43B2-BF03-1B7659B7D082}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{AA406C8E-2ACE-43B2-BF03-1B7659B7D082}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{AA406C8E-2ACE-43B2-BF03-1B7659B7D082}.Release|Any CPU.Build.0 = Release|Any CPU
+		{9E9E9B40-868F-4D6B-9D79-FD668B6F7199}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{9E9E9B40-868F-4D6B-9D79-FD668B6F7199}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{9E9E9B40-868F-4D6B-9D79-FD668B6F7199}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{9E9E9B40-868F-4D6B-9D79-FD668B6F7199}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -28,4 +42,7 @@ Global
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {C851E932-4FDA-4BCF-A048-5F89DDD14106}
 	EndGlobalSection
+	GlobalSection(NestedProjects) = preSolution
+		{9E9E9B40-868F-4D6B-9D79-FD668B6F7199} = {D55E4F97-06FB-45DE-B041-0DE83EEC87E1}
+	EndGlobalSection
 EndGlobal
diff --git a/http-interface.Tests/HttpUtilitiesTests.cs b/http-interface.Tests/HttpUtilitiesTests.cs
new file mode 100644
index 0000000..72ddc65
--- /dev/null
+++ b/http-interface.Tests/HttpUtilitiesTests.cs
@@ -0,0 +1,72 @@
+using Keyfactor.Extensions.Utilities.HttpInterface;
+using Xunit;
+
+namespace http_interface.Tests;
+
+public class HttpUtilitiesTests
+{
+    [Fact]
+    public void GetRetryDate_WhenHeaderIncludesRetryDate_DateInFuture_ReturnsRetryDelayFromHeader()
+    {
+        var response = new HttpResponseMessage();
+        response.Headers.Add("X-RateLimit-Next", "2025-05-13T14:28:19.4732Z");
+
+        var mockNow = DateTimeOffset.Parse("2025-05-13T14:28:17.1234Z");
+        
+        // A 1-second buffer is added onto the retry timestamp
+        var expected = TimeSpan.FromSeconds(3.3498);
+
+        var result = HttpUtilities.GetRetryAfterDelay(response, mockNow);
+        Assert.Equal(expected, result);
+    }
+    
+    [Fact]
+    public void GetRetryDate_WhenHeaderIncludesRetryDate_DateInPast_ReturnsRetryDelayOfOneSecond()
+    {
+        var response = new HttpResponseMessage();
+        response.Headers.Add("X-RateLimit-Next", "2025-05-13T14:28:14.4732Z");
+
+        var mockNow = DateTimeOffset.Parse("2025-05-13T14:28:17.1234Z");
+        var expected = TimeSpan.FromSeconds(1);
+
+        var result = HttpUtilities.GetRetryAfterDelay(response, mockNow);
+        Assert.Equal(expected, result);
+    }
+    
+    [Fact]
+    public void GetRetryDate_WhenHeaderIncludesRetryDate_DateInvalid_ReturnsDefaultRetryDelay()
+    {
+        var response = new HttpResponseMessage();
+        response.Headers.Add("X-RateLimit-Next", "invalid");
+
+        var mockNow = DateTimeOffset.Parse("2025-05-13T14:28:17.1234Z");
+        var expected = TimeSpan.FromSeconds(60);
+
+        var result = HttpUtilities.GetRetryAfterDelay(response, mockNow);
+        Assert.Equal(expected, result);
+    }
+    
+    [Fact]
+    public void GetRetryDate_WhenHeaderDoesNotIncludeRetryDate_ReturnsDefaultOffsetFromCurrentDate()
+    {
+        var response = new HttpResponseMessage();
+
+        var mockNow = DateTimeOffset.Parse("2025-05-13T14:28:17.1234Z");
+        var expected = TimeSpan.FromSeconds(60);
+
+        var result = HttpUtilities.GetRetryAfterDelay(response, mockNow);
+        Assert.Equal(expected, result);
+    }
+    
+    [Fact]
+    public void GetRetryDate_WhenHeaderDoesNotIncludeRetryDate_DefaultIsOverridden_ReturnsProvidedOffsetFromCurrentDate()
+    {
+        var response = new HttpResponseMessage();
+
+        var mockNow = DateTimeOffset.Parse("2025-05-13T14:28:17.1234Z");
+        var expected = TimeSpan.FromSeconds(15);
+
+        var result = HttpUtilities.GetRetryAfterDelay(response, mockNow, 15);
+        Assert.Equal(expected, result);
+    }
+}
diff --git a/http-interface.Tests/http-interface.Tests.csproj b/http-interface.Tests/http-interface.Tests.csproj
new file mode 100644
index 0000000..0324358
--- /dev/null
+++ b/http-interface.Tests/http-interface.Tests.csproj
@@ -0,0 +1,29 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+    <PropertyGroup>
+        <TargetFramework>net6.0</TargetFramework>
+        <RootNamespace>http_interface.Tests</RootNamespace>
+        <ImplicitUsings>enable</ImplicitUsings>
+        <Nullable>enable</Nullable>
+
+        <IsPackable>false</IsPackable>
+    </PropertyGroup>
+
+    <ItemGroup>
+        <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.1.0"/>
+        <PackageReference Include="xunit" Version="2.4.1"/>
+        <PackageReference Include="xunit.runner.visualstudio" Version="2.4.3">
+            <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+            <PrivateAssets>all</PrivateAssets>
+        </PackageReference>
+        <PackageReference Include="coverlet.collector" Version="3.1.2">
+            <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
+            <PrivateAssets>all</PrivateAssets>
+        </PackageReference>
+    </ItemGroup>
+
+    <ItemGroup>
+      <ProjectReference Include="..\http-interface\http-interface.csproj" />
+    </ItemGroup>
+
+</Project>
diff --git a/http-interface/HttpUtilities.cs b/http-interface/HttpUtilities.cs
new file mode 100644
index 0000000..0a134c7
--- /dev/null
+++ b/http-interface/HttpUtilities.cs
@@ -0,0 +1,28 @@
+using System;
+using System.Linq;
+using System.Net.Http;
+
+namespace Keyfactor.Extensions.Utilities.HttpInterface
+{
+    public static class HttpUtilities
+    {
+        public static TimeSpan GetRetryAfterDelay(HttpResponseMessage response, DateTimeOffset now, int defaultTimeoutSeconds = 60)
+        {
+            var defaultDelay = TimeSpan.FromSeconds(defaultTimeoutSeconds);
+            if (!response.Headers.Contains("X-RateLimit-Next"))
+            {
+                return defaultDelay;
+            }
+            
+            var nextHeader = response.Headers.First(p => p.Key == "X-RateLimit-Next");
+            if (DateTimeOffset.TryParse(nextHeader.Value.FirstOrDefault(), out var retryUtc))
+            {
+                // Add a 1-second buffer to the retry to avoid sending requests before server is ready.
+                var delay = (retryUtc - now) + TimeSpan.FromSeconds(1);
+                return delay > TimeSpan.Zero ? delay : TimeSpan.FromSeconds(1);
+            }
+
+            return defaultDelay;
+        }
+    }
+}

From 873d14c52e4c77ee529c2c911abe9b7ab6820242 Mon Sep 17 00:00:00 2001
From: "Matthew H. Irby" <matt.irby@outlook.com>
Date: Tue, 13 May 2025 16:46:17 -0400
Subject: [PATCH 04/18] feat(http): Add HTTP retries for failed requests

---
 TestConsole/Program.cs                        |   8 +-
 akamai-cps-orchestrator/Jobs/Inventory.cs     |   1 +
 .../Models/AkamaiClient.cs                    | 140 ++++++++---------
 http-interface.Tests/HttpUtilitiesTests.cs    |  40 +++++
 .../Models => http-interface}/AkamaiAuth.cs   |   4 +-
 http-interface/HttpInterface.cs               | 145 +++++++++++-------
 http-interface/HttpService.cs                 | 136 ++++++++++++++++
 http-interface/HttpUtilities.cs               |  57 ++++++-
 http-interface/http-interface.csproj          |   1 +
 9 files changed, 393 insertions(+), 139 deletions(-)
 rename {akamai-cps-orchestrator/Models => http-interface}/AkamaiAuth.cs (97%)
 create mode 100644 http-interface/HttpService.cs

diff --git a/TestConsole/Program.cs b/TestConsole/Program.cs
index e84d208..7e4abbe 100644
--- a/TestConsole/Program.cs
+++ b/TestConsole/Program.cs
@@ -1,7 +1,7 @@
 using System.Diagnostics;
+using Keyfactor.Extensions.Utilities.HttpInterface;
 using Keyfactor.Orchestrator.Extensions.AkamaiCpsOrchestrator.Models;
 using Microsoft.Extensions.Logging;
-using Microsoft.Extensions.Logging.Abstractions;
 
 namespace TestConsole;
 
@@ -41,7 +41,7 @@ public static void Main(string[] args)
         
         var enrollments = GetEnrollments(client);
         var enrollment = enrollments.FirstOrDefault();
-
+        //
         if (enrollment == null)
         {
             _logger.LogWarning("No enrollments found in system. Unable to perform certificate / enrollment actions");
@@ -50,7 +50,7 @@ public static void Main(string[] args)
         
         GetEnrollment(client, enrollment.id);
         GetCertificate(client, enrollment.id);
-        GetEnrollmentChangeHistory(client, enrollment.id);
+        // GetEnrollmentChangeHistory(client, enrollment.id);
         UpdateEnrollment(client, enrollment.id, enrollment);
         
         _logger.LogInformation("API test suite completed successfully.");
@@ -65,7 +65,7 @@ private static void StressTestGetEnrollments(AkamaiClient client)
         for (int i = 1; i <= maxRequests; i++)
         {
             var stopwatch = Stopwatch.StartNew();
-            _logger.LogInformation($"Sending request {i} of {maxRequests}");
+            _logger.LogInformation($"Sending request {i} of {maxRequests}...");
             client.GetEnrollments();
             stopwatch.Stop();
             _logger.LogInformation($"Completed request {i} of {maxRequests}. Time elapsed (ms): {stopwatch.ElapsedMilliseconds}");
diff --git a/akamai-cps-orchestrator/Jobs/Inventory.cs b/akamai-cps-orchestrator/Jobs/Inventory.cs
index cd3ee7b..9a2b102 100644
--- a/akamai-cps-orchestrator/Jobs/Inventory.cs
+++ b/akamai-cps-orchestrator/Jobs/Inventory.cs
@@ -20,6 +20,7 @@
 using System.Collections.Generic;
 using System.Security.Cryptography.X509Certificates;
 using System.Text;
+using Keyfactor.Extensions.Utilities.HttpInterface;
 using Microsoft.Extensions.Logging;
 
 namespace Keyfactor.Orchestrator.Extensions.AkamaiCpsOrchestrator.Jobs
diff --git a/akamai-cps-orchestrator/Models/AkamaiClient.cs b/akamai-cps-orchestrator/Models/AkamaiClient.cs
index ac51ac6..f718576 100644
--- a/akamai-cps-orchestrator/Models/AkamaiClient.cs
+++ b/akamai-cps-orchestrator/Models/AkamaiClient.cs
@@ -13,10 +13,7 @@
 // limitations under the License.
 
 using System;
-using System.Collections.Generic;
 using System.Linq;
-using System.Net.Http;
-using System.Net.Http.Headers;
 using Keyfactor.Extensions.Utilities.HttpInterface;
 using Microsoft.Extensions.Logging;
 using Newtonsoft.Json;
@@ -28,7 +25,7 @@ public class AkamaiClient
         private ILogger _logger;
         private HttpInterface _http;
         private AkamaiAuth _auth;
-        private JsonSerializerSettings _serializerSettings = new JsonSerializerSettings() { NullValueHandling = NullValueHandling.Ignore };
+        
 
         public string Username;
         public string ApiKey; // accountSwitchKey
@@ -42,7 +39,7 @@ public AkamaiClient(ILogger logger, string clientMachine, AkamaiAuth auth)
             Hostname = clientMachine;
 
             _auth = auth;
-            _http = new HttpInterface(_logger, Hostname, useSSL: true);
+            _http = new HttpInterface(_logger, _auth, Hostname, useSSL: true);
         }
 
         public void SetDeploymentType(string storePath)
@@ -66,13 +63,12 @@ public CertificateInfo GetCertificate(string enrollmentId)
             var path = string.Format(Constants.Endpoints.Deployments, enrollmentId);
             var acceptHeader = "application/vnd.akamai.cps.deployments.v7+json";
 
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("GET", Hostname, path));
+                Accept = acceptHeader,
+            };
 
-            Deployment deployment = _http.Get<Deployment>(path);
+            Deployment deployment = _http.Get<Deployment>(config, path);
 
             // deployments are returned for in process enrollments, so null coalesce to filter for fully deployed certs
             if (IsProduction)
@@ -91,14 +87,13 @@ public Enrollment[] GetEnrollments()
         {
             var path = Constants.Endpoints.Enrollments;
             var acceptHeader = "application/vnd.akamai.cps.enrollments.v11+json";
-
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("GET", Hostname, path));
+                Accept = acceptHeader,
+            };
 
-            Enrollments enrollmentList = _http.Get<Enrollments>(path);
+            Enrollments enrollmentList = _http.Get<Enrollments>(config, path);
             return enrollmentList.enrollments;
         }
 
@@ -106,28 +101,26 @@ public Enrollment GetEnrollment(string enrollmentId)
         {
             var path = $"{Constants.Endpoints.Enrollments}/{enrollmentId}";
             var acceptHeader = "application/vnd.akamai.cps.enrollment.v11+json";
-
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("GET", Hostname, path));
+                Accept = acceptHeader,
+            };
 
-            return _http.Get<Enrollment>(path);
+            return _http.Get<Enrollment>(config, path);
         }
 
         public ChangeHistory GetEnrollmentChangeHistory(string enrollmentId)
         {
             var path = $"{Constants.Endpoints.Enrollments}/{enrollmentId}/history/changes";
             var acceptHeader = "application/vnd.akamai.cps.change-history.v5+json";
-
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("GET", Hostname, path));
+                Accept = acceptHeader,
+            };
 
-            return _http.Get<ChangeHistory>(path);
+            return _http.Get<ChangeHistory>(config, path);
         }
 
         public CreatedEnrollment CreateEnrollment(Enrollment newEnrollment, string contractId)
@@ -136,37 +129,31 @@ public CreatedEnrollment CreateEnrollment(Enrollment newEnrollment, string contr
             newEnrollment.changeManagement = !IsProduction;
 
             var path = $"{Constants.Endpoints.Enrollments}?contractId={contractId}";
-            var body = JsonConvert.SerializeObject(newEnrollment, _serializerSettings);
-            var requestContent = new StringContent(body);
             var acceptHeader = "application/vnd.akamai.cps.enrollment-status.v1+json";
             var contentHeader = "application/vnd.akamai.cps.enrollment.v11+json";
-
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("POST", Hostname, path, body));
-            requestContent.Headers.ContentType = new MediaTypeHeaderValue(contentHeader);
+                Accept = acceptHeader,
+                ContentType = contentHeader,
+            };
 
-            return _http.Post<CreatedEnrollment>(path, requestContent);
+            return _http.Post<Enrollment, CreatedEnrollment>(config, path, newEnrollment);
         }
 
         public CreatedEnrollment UpdateEnrollment(string enrollmentId, Enrollment enrollment)
         {
             var path = $"{Constants.Endpoints.Enrollments}/{enrollmentId}?force-renewal=true&allow-cancel-pending-changes=true"; //&allow-staging-bypass={IsProduction.ToString().ToLower()}";
-            var body = JsonConvert.SerializeObject(enrollment, _serializerSettings);
-            var requestContent = new StringContent(body);
             var acceptHeader = "application/vnd.akamai.cps.enrollment-status.v1+json";
             var contentHeader = "application/vnd.akamai.cps.enrollment.v11+json";
-
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("PUT", Hostname, path));
-            requestContent.Headers.ContentType = new MediaTypeHeaderValue(contentHeader);
+                Accept = acceptHeader,
+                ContentType = contentHeader,
+            };
 
-            return _http.Put<CreatedEnrollment>(path, requestContent);
+            return _http.Put<Enrollment, CreatedEnrollment>(config, path, enrollment);
         }
 
         public string GetCSR(string enrollmentId, string changeId, string keyType)
@@ -174,14 +161,13 @@ public string GetCSR(string enrollmentId, string changeId, string keyType)
             // get CSR from new pending change
             var path = string.Format(Constants.Endpoints.GetChange, enrollmentId, changeId);
             var acceptHeader = "application/vnd.akamai.cps.csr.v2+json";
-
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("GET", Hostname, path));
+                Accept = acceptHeader,
+            };
 
-            PendingChange change = _http.Get<PendingChange>(path);
+            PendingChange change = _http.Get<PendingChange>(config, path);
 
             // get CSR for correct key type of reenrollment template
             PendingCSR csr = change.csrs.Where(csr => string.Equals(csr.keyAlgorithm, keyType, StringComparison.CurrentCultureIgnoreCase)).SingleOrDefault();
@@ -193,14 +179,13 @@ public void DeletePendingChange(string enrollmentId, string changeId)
         {
             var path = string.Format(Constants.Endpoints.Changes, enrollmentId) + $"/{changeId}";
             var acceptHeader = "application/vnd.akamai.cps.change-id.v1+json";
-
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("DELETE", Hostname, path));
+                Accept = acceptHeader,
+            };
 
-            var response = _http.DeleteRaw(path);
+            var response = _http.DeleteRaw(config, path);
             return;
         }
 
@@ -220,18 +205,16 @@ public void PostCertificate(string enrollmentId, string changeId, string certifi
                 }
             };
             var body = JsonConvert.SerializeObject(cert);
-            var requestContent = new StringContent(body);
             var acceptHeader = "application/vnd.akamai.cps.change-id.v1+json";
             var contentHeader = "application/vnd.akamai.cps.certificate-and-trust-chain.v2+json";
-
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("POST", Hostname, path, body));
-            requestContent.Headers.ContentType = new MediaTypeHeaderValue(contentHeader);
+                Accept = acceptHeader,
+                ContentType = contentHeader,
+            };
 
-            var response = _http.PostRaw(path, requestContent);
+            var response = _http.PostRaw(config, path, body);
             return;
         }
 
@@ -240,15 +223,14 @@ public void DeployCertificate(string enrollmentId, string changeId)
             var path = string.Format(Constants.Endpoints.UpdateDeployment, enrollmentId, changeId);
             var acceptHeader = "application/vnd.akamai.cps.change-id.v1+json";
             var contentHeader = "application/vnd.akamai.cps.deployment-schedule.v1+json";
-
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader},
-                {"Content-Type", contentHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("PUT", Hostname, path));
+                Accept = acceptHeader,
+                ContentType = contentHeader,
+            };
 
-            var response = _http.GetRaw(path);
+            var response = _http.GetRaw(config, path);
             return;
         }
 
@@ -257,18 +239,16 @@ public void AcknowledgeWarnings(string enrollmentId, string changeId)
             var path = string.Format(Constants.Endpoints.AcknowledgePostVerification, enrollmentId, changeId);
             var ack = new Acknowledgement();
             var body = JsonConvert.SerializeObject(ack);
-            var requestContent = new StringContent(body);
             var acceptHeader = "application/vnd.akamai.cps.change-id.v1+json";
             var contentHeader = "application/vnd.akamai.cps.acknowledgement.v1+json";
 
-            _http.SetRequestHeaders(new Dictionary<string, string>()
+            var config = new HttpRequestConfig()
             {
-                {"Accept", acceptHeader}
-            });
-            _http.AddAuthHeader(_auth.GenerateAuthHeader("POST", Hostname, path, body));
-            requestContent.Headers.ContentType = new MediaTypeHeaderValue(contentHeader);
+                Accept = acceptHeader,
+                ContentType = contentHeader,
+            };
 
-            var response = _http.PostRaw(path, requestContent);
+            var response = _http.PostRaw(config, path, body);
             return;
         }
     }
diff --git a/http-interface.Tests/HttpUtilitiesTests.cs b/http-interface.Tests/HttpUtilitiesTests.cs
index 72ddc65..3d53849 100644
--- a/http-interface.Tests/HttpUtilitiesTests.cs
+++ b/http-interface.Tests/HttpUtilitiesTests.cs
@@ -1,3 +1,17 @@
+// Copyright 2025 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 using Keyfactor.Extensions.Utilities.HttpInterface;
 using Xunit;
 
@@ -69,4 +83,30 @@ public void GetRetryDate_WhenHeaderDoesNotIncludeRetryDate_DefaultIsOverridden_R
         var result = HttpUtilities.GetRetryAfterDelay(response, mockNow, 15);
         Assert.Equal(expected, result);
     }
+
+    [Theory]
+    [InlineData("hostname.com", "hostname.com")]
+    [InlineData("https://hostname.com", "hostname.com")]
+    [InlineData("http://hostname.com", "hostname.com")]
+    [InlineData("hostname.com/some/path", "hostname.com")]
+    [InlineData("api.hostname.com", "api.hostname.com")]
+    [InlineData("api.hostname.com/", "api.hostname.com")]
+    public void TryGetHostname_WhenInputIsValid_ReturnsExpectedHostname(string input, string expected)
+    {
+        var ok = HttpUtilities.TryGetHostname(input, out string result);
+        Assert.True(ok);
+        Assert.Equal(expected, result);
+    }
+    
+    [Theory]
+    [InlineData("")]
+    [InlineData("  ")]
+    [InlineData(null)]
+    [InlineData("some host")]
+    public void TryGetHostname_WhenInputIsInvalid_ReturnsFalseResult(string input)
+    {
+        var ok = HttpUtilities.TryGetHostname(input, out string result);
+        Assert.False(ok);
+        Assert.Equal(input, result);
+    }
 }
diff --git a/akamai-cps-orchestrator/Models/AkamaiAuth.cs b/http-interface/AkamaiAuth.cs
similarity index 97%
rename from akamai-cps-orchestrator/Models/AkamaiAuth.cs
rename to http-interface/AkamaiAuth.cs
index be2e5a2..f3b10ac 100644
--- a/akamai-cps-orchestrator/Models/AkamaiAuth.cs
+++ b/http-interface/AkamaiAuth.cs
@@ -1,4 +1,4 @@
-// Copyright 2023 Keyfactor
+// Copyright 2025 Keyfactor
 // 
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
@@ -18,7 +18,7 @@
 using System.Security.Cryptography;
 using System.Text;
 
-namespace Keyfactor.Orchestrator.Extensions.AkamaiCpsOrchestrator.Models
+namespace Keyfactor.Extensions.Utilities.HttpInterface
 {
     public class AkamaiAuth
     {
diff --git a/http-interface/HttpInterface.cs b/http-interface/HttpInterface.cs
index b621917..988cec4 100644
--- a/http-interface/HttpInterface.cs
+++ b/http-interface/HttpInterface.cs
@@ -23,63 +23,75 @@
 
 namespace Keyfactor.Extensions.Utilities.HttpInterface
 {
+    public class HttpRequestConfig
+    {
+        public string Accept { get; set; } = "application/json";
+        public string ContentType { get; set; } = "application/json";
+    }
+    
     public class HttpInterface
     {
         private ILogger _logger;
         private HttpClient _http;
         private SocketsHttpHandler _httpHandler; // TODO: use to make requests with headers
+        private HttpService _httpService;
+        private readonly AkamaiAuth _auth;
+        private readonly string _hostname;
+        private readonly JsonSerializerSettings _serializerSettings = new JsonSerializerSettings() { NullValueHandling = NullValueHandling.Ignore };
 
         public int Timeout { get; set; }
 
-        public HttpInterface(ILogger logger, string baseAddress, bool useSSL)
+        public HttpInterface(ILogger logger, AkamaiAuth auth, string hostname, bool useSSL)
         {
             _logger = logger;
             _http = new HttpClient();
-            // TODO: check if http(s) prefix is already present
-            // TODO: parse incoming baseAddress as URI
-            _logger.LogDebug($"Base Address - {baseAddress}");
+
+            _logger.LogDebug($"Base Address - {hostname}");
             _logger.LogDebug($"Using SSL - {useSSL}");
+            
+            _auth = auth;
+
+            // TODO: Configure the max retries via a parameter?
+            _httpService = new HttpService(_logger, _http, 3);
+            
+            HttpUtilities.TryGetHostname(hostname, out _hostname);
+            
             if (useSSL)
             {
-                _http.BaseAddress = new Uri($"https://{baseAddress}/");
+                _http.BaseAddress = new Uri($"https://{_hostname}/");
             }
             else
             {
-                _http.BaseAddress = new Uri($"http://{baseAddress}/");
+                _http.BaseAddress = new Uri($"http://{_hostname}/");
             }
 
         }
-
-        public void SetRequestHeaders(Dictionary<string, string> headers)
+        
+        public T Get<T>(HttpRequestConfig req, string path)
         {
-            // TODO: set on httpHandler per request instead of defaults for whole client each time
-            _http.DefaultRequestHeaders.Clear();
-            foreach (var key in headers.Keys)
-            {
-                _logger.LogDebug($"Adding header - {key}: {headers[key]}");
-                _http.DefaultRequestHeaders.Add(key, headers[key]);
-            }
-    
-        }
-
-        public void AddAuthHeader(AuthenticationHeaderValue authHeader)
-        {
-            _http.DefaultRequestHeaders.Authorization = authHeader;
-        }
-
-        public T Get<T>(string path)
-        {
-            string json = GetRaw(path);
+            string json = GetRaw(req, path);
             _logger.LogTrace($"Received GET response. Deserializing into type {typeof(T)}");
             return JsonConvert.DeserializeObject<T>(json);
         }
-
-        public string GetRaw(string path)
+        
+        public string GetRaw(HttpRequestConfig req, string path)
         {
             try
             {
                 _logger.LogDebug($"Performing GET request to {_http.BaseAddress}/{path}");
-                var response = _http.GetAsync(path).Result;
+                
+                var config = new HttpServiceConfig()
+                {
+                    Accept = req.Accept,
+                    ContentType = req.ContentType,
+                    AuthorizationDelegate = async () => _auth.GenerateAuthHeader("GET", _hostname, path)
+                };
+                
+                var response = _httpService
+                    .GetAsync(config, path)
+                    .GetAwaiter()
+                    .GetResult();
+                
                 _logger.LogTrace($"Completed GET request. Reading response");
                 return ReadHttpResponse(response);
             }
@@ -104,20 +116,31 @@ public string GetRaw(string path)
                 throw;
             }
         }
-
-        public T Post<T>(string path, StringContent body)
+        
+        public T2 Post<T1, T2>(HttpRequestConfig req, string path, T1 body)
         {
-            string json = PostRaw(path, body);
-            _logger.LogTrace($"Received POST response. Deserializing into type {typeof(T)}");
-            return JsonConvert.DeserializeObject<T>(json);
+            string content = JsonConvert.SerializeObject(body, _serializerSettings);
+            string json = PostRaw(req, path, content);
+            _logger.LogTrace($"Received POST response. Deserializing into type {typeof(T2)}");
+            return JsonConvert.DeserializeObject<T2>(json);
         }
-
-        public string PostRaw(string path, StringContent body)
+        
+        public string PostRaw(HttpRequestConfig req, string path, string body)
         {
             try
             {
                 _logger.LogDebug($"Performing POST request to {_http.BaseAddress}/{path}");
-                var response = _http.PostAsync(path, body).Result;
+                
+                var config = new HttpServiceConfig()
+                {
+                    Accept = req.Accept,
+                    ContentType = req.ContentType,
+                    AuthorizationDelegate = async () => _auth.GenerateAuthHeader("POST", _hostname, path, body)
+                };
+
+                var content = new StringContent(body);
+                
+                var response = _httpService.PostAsync(config, path, content).GetAwaiter().GetResult();
                 _logger.LogTrace($"Completed POST request. Reading response");
                 return ReadHttpResponse(response);
             }
@@ -142,20 +165,30 @@ public string PostRaw(string path, StringContent body)
                 throw;
             }
         }
-
-        public T Put<T>(string path, StringContent body)
+        
+        public T2 Put<T1, T2>(HttpRequestConfig req, string path, T1 content)
         {
-            string json = PutRaw(path, body);
-            _logger.LogTrace($"Received PUT response. Deserializing into type {typeof(T)}");
-            return JsonConvert.DeserializeObject<T>(json);
+            string body = JsonConvert.SerializeObject(content, _serializerSettings);
+            string json = PutRaw(req, path, body);
+            _logger.LogTrace($"Received PUT response. Deserializing into type {typeof(T2)}");
+            return JsonConvert.DeserializeObject<T2>(json);
         }
-
-        public string PutRaw(string path, StringContent body)
+        
+        public string PutRaw(HttpRequestConfig req, string path, string body)
         {
             try
             {
                 _logger.LogDebug($"Performing PUT request to {_http.BaseAddress}/{path}");
-                var response = _http.PutAsync(path, body).Result;
+                
+                var config = new HttpServiceConfig()
+                {
+                    Accept = req.Accept,
+                    ContentType = req.ContentType,
+                    AuthorizationDelegate = async () => _auth.GenerateAuthHeader("PUT", _hostname, path)
+                };
+                
+                var content = new StringContent(body);
+                var response = _httpService.PutAsync(config, path, content).GetAwaiter().GetResult();
                 _logger.LogTrace($"Completed PUT request. Reading response");
                 return ReadHttpResponse(response);
             }
@@ -180,20 +213,28 @@ public string PutRaw(string path, StringContent body)
                 throw;
             }
         }
-
-        public T Delete<T>(string path)
+        
+        public T Delete<T>(HttpRequestConfig req, string path)
         {
-            string json = DeleteRaw(path);
+            string json = DeleteRaw(req, path);
             _logger.LogTrace($"Received DELETE response. Deserializing into type {typeof(T)}");
             return JsonConvert.DeserializeObject<T>(json);
         }
-
-        public string DeleteRaw(string path)
+        
+        public string DeleteRaw(HttpRequestConfig req, string path)
         {
             try
             {
                 _logger.LogDebug($"Performing DELETE request to {_http.BaseAddress}/{path}");
-                var response = _http.DeleteAsync(path).Result;
+                
+                var config = new HttpServiceConfig()
+                {
+                    Accept = req.Accept,
+                    ContentType = req.ContentType,
+                    AuthorizationDelegate = async () => _auth.GenerateAuthHeader("DELETE", _hostname, path)
+                };
+                
+                var response = _httpService.DeleteAsync(config, path).GetAwaiter().GetResult();
                 _logger.LogTrace($"Completed DELETE request. Reading response");
                 return ReadHttpResponse(response);
             }
@@ -221,7 +262,7 @@ public string DeleteRaw(string path)
 
         private string ReadHttpResponse(HttpResponseMessage response)
         {
-            string responseMessage = response.Content.ReadAsStringAsync().Result;
+            string responseMessage = response.Content.ReadAsStringAsync().GetAwaiter().GetResult();
             if (response.IsSuccessStatusCode)
             {
                 return responseMessage;
diff --git a/http-interface/HttpService.cs b/http-interface/HttpService.cs
new file mode 100644
index 0000000..191add7
--- /dev/null
+++ b/http-interface/HttpService.cs
@@ -0,0 +1,136 @@
+// Copyright 2025 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
+using System.Net;
+using System.Net.Http;
+using System.Net.Http.Headers;
+using System.Threading.Tasks;
+using Microsoft.Extensions.Logging;
+using Polly;
+using Polly.Retry;
+
+namespace Keyfactor.Extensions.Utilities.HttpInterface
+{
+    
+    public class HttpServiceConfig
+    {
+        public string Accept { get; set; } = "application/json";
+        public string ContentType { get; set; } = "application/json";
+        public Func<Task<AuthenticationHeaderValue>> AuthorizationDelegate { get; set; }
+    }
+    
+    
+    public class HttpService
+    {
+        private readonly ILogger _logger;
+        private readonly HttpClient _httpClient;
+        private readonly AsyncRetryPolicy<HttpResponseMessage> _retryPolicy;
+
+        public HttpService(ILogger logger, HttpClient httpClient, int maxRetries = 3)
+        {
+            _logger = logger;
+            _httpClient = httpClient;
+
+            // Retry API requests that fail due to an HTTP 429 (rate limiting)
+            // See https://techdocs.akamai.com/cps/reference/rate-limiting
+            _retryPolicy = Policy
+                .HandleResult<HttpResponseMessage>(r => r.StatusCode == (HttpStatusCode)429)
+                .WaitAndRetryAsync<HttpResponseMessage>(
+                    retryCount: maxRetries, 
+                    sleepDurationProvider: (retryAttempt, response, context) =>
+                        {
+                            var retryAfter = HttpUtilities.GetRetryAfterDelay(response.Result, DateTimeOffset.UtcNow);
+                            _logger.LogInformation($"Retrying in {retryAfter.TotalSeconds} seconds (Attempt {retryAttempt})");
+                            return retryAfter;
+                        },
+                    onRetryAsync: (outcome, delay, retryAttempt, context) =>
+                    {
+                        _logger.LogDebug($"Retry {retryAttempt} scheduled after {delay.TotalSeconds} seconds due to {outcome.Result.StatusCode}");
+                        return Task.CompletedTask;
+                    });
+        }
+        
+        public async Task<HttpResponseMessage> GetAsync(HttpServiceConfig config, string url)
+        {
+            return await _retryPolicy.ExecuteAsync(async () =>
+                {
+                    var request = await BuildHttpRequestMessage(config, HttpMethod.Get, url);
+                    
+                    return await _httpClient.SendAsync(request).ConfigureAwait(false);
+                })
+                .ConfigureAwait(false);
+        }
+
+        public async Task<HttpResponseMessage> PostAsync(HttpServiceConfig config, string url, HttpContent content)
+        {
+            return await _retryPolicy.ExecuteAsync(async () =>
+                {
+                    var request = await BuildHttpRequestMessage(config, HttpMethod.Post, url);
+                    AddContentToRequest(config, request, content);
+                    return await _httpClient.SendAsync(request);
+                })
+                .ConfigureAwait(false);
+        }
+
+        public async Task<HttpResponseMessage> PutAsync(HttpServiceConfig config, string url, HttpContent content)
+        {
+            return await _retryPolicy.ExecuteAsync(async () =>
+                {
+                    var request = await BuildHttpRequestMessage(config, HttpMethod.Put, url);
+                    AddContentToRequest(config, request, content);
+                    return await _httpClient.SendAsync(request);
+                })
+                .ConfigureAwait(false);
+        }
+        
+        public async Task<HttpResponseMessage> DeleteAsync(HttpServiceConfig config, string url)
+        {
+            return await _retryPolicy.ExecuteAsync(async () =>
+                {
+                    var request = await BuildHttpRequestMessage(config, HttpMethod.Delete, url);
+                    
+                    return await _httpClient.SendAsync(request).ConfigureAwait(false);
+                })
+                .ConfigureAwait(false);
+        }
+        
+        private async Task<HttpRequestMessage> BuildHttpRequestMessage(HttpServiceConfig config, HttpMethod method, string url)
+        {
+            var request = new HttpRequestMessage(method, url);
+            
+            if (config.Accept != null)
+            {
+                request.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue(config.Accept));
+            }
+                    
+            if (config.AuthorizationDelegate != null)
+            {
+                request.Headers.Authorization = await config.AuthorizationDelegate().ConfigureAwait(false);
+            }
+
+            return request;
+        }
+
+        private void AddContentToRequest(HttpServiceConfig config, HttpRequestMessage request, HttpContent content)
+        {
+            if (config.ContentType != null)
+            {
+                content.Headers.ContentType = new MediaTypeHeaderValue(config.ContentType);
+            }
+
+            request.Content = content;
+        }
+    }
+}
diff --git a/http-interface/HttpUtilities.cs b/http-interface/HttpUtilities.cs
index 0a134c7..57b8ba8 100644
--- a/http-interface/HttpUtilities.cs
+++ b/http-interface/HttpUtilities.cs
@@ -1,4 +1,19 @@
+// Copyright 2025 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 using System;
+using System.Globalization;
 using System.Linq;
 using System.Net.Http;
 
@@ -6,6 +21,14 @@ namespace Keyfactor.Extensions.Utilities.HttpInterface
 {
     public static class HttpUtilities
     {
+        /// <summary>
+        /// Parses a retry date from the "X-RateLimit-Next" header on an HTTP response, if present, and generate a TimeSpan based off the current time.
+        /// If the header value is missing or if parsing fails, it will return a default TimeSpan.
+        /// </summary>
+        /// <param name="response">An HTTP response message for a failed request</param>
+        /// <param name="now">The current timestamp in UTC</param>
+        /// <param name="defaultTimeoutSeconds">The default retry time interval if parsing fails</param>
+        /// <returns>A TimeSpan indicating how long to wait to retry the request.</returns>
         public static TimeSpan GetRetryAfterDelay(HttpResponseMessage response, DateTimeOffset now, int defaultTimeoutSeconds = 60)
         {
             var defaultDelay = TimeSpan.FromSeconds(defaultTimeoutSeconds);
@@ -15,7 +38,7 @@ public static TimeSpan GetRetryAfterDelay(HttpResponseMessage response, DateTime
             }
             
             var nextHeader = response.Headers.First(p => p.Key == "X-RateLimit-Next");
-            if (DateTimeOffset.TryParse(nextHeader.Value.FirstOrDefault(), out var retryUtc))
+            if (DateTimeOffset.TryParse(nextHeader.Value.FirstOrDefault(), null, DateTimeStyles.AdjustToUniversal, out var retryUtc))
             {
                 // Add a 1-second buffer to the retry to avoid sending requests before server is ready.
                 var delay = (retryUtc - now) + TimeSpan.FromSeconds(1);
@@ -24,5 +47,37 @@ public static TimeSpan GetRetryAfterDelay(HttpResponseMessage response, DateTime
 
             return defaultDelay;
         }
+
+        /// <summary>
+        /// Returns a hostname from a URL. If paring succeeds, the output string will have the parsed hostname and the method will return true.
+        /// If parsing fails, the output string will return the original value and the method will return false.
+        /// </summary>
+        /// <param name="input"></param>
+        /// <param name="parsed"></param>
+        /// <returns>A boolean indicating if parsing was successful</returns>
+        public static bool TryGetHostname(string input, out string parsed)
+        {
+            parsed = input;
+            
+            if (string.IsNullOrWhiteSpace(input))
+            {
+                return false;
+            }
+            
+            // Ensure the input has a scheme so Uri.TryCreate parses correctly
+            if (!input.StartsWith("http://", StringComparison.OrdinalIgnoreCase) &&
+                !input.StartsWith("https://", StringComparison.OrdinalIgnoreCase))
+            {
+                input = "http://" + input;
+            }
+
+            if (Uri.TryCreate(input, UriKind.Absolute, out var uri))
+            {
+                parsed = uri.Host;
+                return true;
+            }
+            
+            return false;
+        }
     }
 }
diff --git a/http-interface/http-interface.csproj b/http-interface/http-interface.csproj
index befe96d..0da2b03 100644
--- a/http-interface/http-interface.csproj
+++ b/http-interface/http-interface.csproj
@@ -8,6 +8,7 @@
   <ItemGroup>
     <PackageReference Include="Keyfactor.Logging" Version="1.1.1" />
     <PackageReference Include="Newtonsoft.Json" Version="12.0.3" />
+    <PackageReference Include="Polly" Version="8.5.2" />
   </ItemGroup>
 
 </Project>

From fb992f50f17d96d8c720198eb1c06af2cfe1255a Mon Sep 17 00:00:00 2001
From: "Matthew H. Irby" <matt.irby@outlook.com>
Date: Tue, 13 May 2025 17:09:06 -0400
Subject: [PATCH 05/18] chore(docs): Update CHANGELOG

---
 CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b37d52b..e5aff41 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,6 @@
+1.2.0
+- Add support for retrying API requests that fail due to [Akamai's rate limiting](https://techdocs.akamai.com/cps/reference/rate-limiting)
+
 1.1.0
 - Update Expiration Alert Handler sample to filter Subject Elements for duplicates / invalid fields and set the subject to one that will be accepted and matched in the CSR from Akamai
 - Additional error handling around renewing / updating existing Akamai Enrollments

From 146a66799e1b5e8af1348fa975fcef86bb03deac Mon Sep 17 00:00:00 2001
From: "Matthew H. Irby" <matt.irby@outlook.com>
Date: Wed, 14 May 2025 09:39:00 -0400
Subject: [PATCH 06/18] chore: Code reorganization

Signed-off-by: Matthew H. Irby <matt.irby@outlook.com>
---
 TestConsole/Program.cs              | 16 +++++++++++++++-
 http-interface/HttpInterface.cs     |  6 ------
 http-interface/HttpRequestConfig.cs | 22 ++++++++++++++++++++++
 http-interface/HttpService.cs       | 19 +++++--------------
 http-interface/HttpServiceConfig.cs | 27 +++++++++++++++++++++++++++
 5 files changed, 69 insertions(+), 21 deletions(-)
 create mode 100644 http-interface/HttpRequestConfig.cs
 create mode 100644 http-interface/HttpServiceConfig.cs

diff --git a/TestConsole/Program.cs b/TestConsole/Program.cs
index 7e4abbe..da03b3c 100644
--- a/TestConsole/Program.cs
+++ b/TestConsole/Program.cs
@@ -1,4 +1,18 @@
-using System.Diagnostics;
+// Copyright 2025 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System.Diagnostics;
 using Keyfactor.Extensions.Utilities.HttpInterface;
 using Keyfactor.Orchestrator.Extensions.AkamaiCpsOrchestrator.Models;
 using Microsoft.Extensions.Logging;
diff --git a/http-interface/HttpInterface.cs b/http-interface/HttpInterface.cs
index 988cec4..4f72e1b 100644
--- a/http-interface/HttpInterface.cs
+++ b/http-interface/HttpInterface.cs
@@ -23,12 +23,6 @@
 
 namespace Keyfactor.Extensions.Utilities.HttpInterface
 {
-    public class HttpRequestConfig
-    {
-        public string Accept { get; set; } = "application/json";
-        public string ContentType { get; set; } = "application/json";
-    }
-    
     public class HttpInterface
     {
         private ILogger _logger;
diff --git a/http-interface/HttpRequestConfig.cs b/http-interface/HttpRequestConfig.cs
new file mode 100644
index 0000000..a06e8d0
--- /dev/null
+++ b/http-interface/HttpRequestConfig.cs
@@ -0,0 +1,22 @@
+// Copyright 2025 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+namespace Keyfactor.Extensions.Utilities.HttpInterface
+{
+    public class HttpRequestConfig
+    {
+        public string Accept { get; set; } = "application/json";
+        public string ContentType { get; set; } = "application/json";
+    }
+}
diff --git a/http-interface/HttpService.cs b/http-interface/HttpService.cs
index 191add7..4ef8543 100644
--- a/http-interface/HttpService.cs
+++ b/http-interface/HttpService.cs
@@ -23,15 +23,6 @@
 
 namespace Keyfactor.Extensions.Utilities.HttpInterface
 {
-    
-    public class HttpServiceConfig
-    {
-        public string Accept { get; set; } = "application/json";
-        public string ContentType { get; set; } = "application/json";
-        public Func<Task<AuthenticationHeaderValue>> AuthorizationDelegate { get; set; }
-    }
-    
-    
     public class HttpService
     {
         private readonly ILogger _logger;
@@ -66,7 +57,7 @@ public async Task<HttpResponseMessage> GetAsync(HttpServiceConfig config, string
         {
             return await _retryPolicy.ExecuteAsync(async () =>
                 {
-                    var request = await BuildHttpRequestMessage(config, HttpMethod.Get, url);
+                    using HttpRequestMessage request = await BuildHttpRequestMessage(config, HttpMethod.Get, url);
                     
                     return await _httpClient.SendAsync(request).ConfigureAwait(false);
                 })
@@ -77,7 +68,7 @@ public async Task<HttpResponseMessage> PostAsync(HttpServiceConfig config, strin
         {
             return await _retryPolicy.ExecuteAsync(async () =>
                 {
-                    var request = await BuildHttpRequestMessage(config, HttpMethod.Post, url);
+                    using HttpRequestMessage request = await BuildHttpRequestMessage(config, HttpMethod.Post, url);
                     AddContentToRequest(config, request, content);
                     return await _httpClient.SendAsync(request);
                 })
@@ -88,7 +79,7 @@ public async Task<HttpResponseMessage> PutAsync(HttpServiceConfig config, string
         {
             return await _retryPolicy.ExecuteAsync(async () =>
                 {
-                    var request = await BuildHttpRequestMessage(config, HttpMethod.Put, url);
+                    using HttpRequestMessage request = await BuildHttpRequestMessage(config, HttpMethod.Put, url);
                     AddContentToRequest(config, request, content);
                     return await _httpClient.SendAsync(request);
                 })
@@ -99,7 +90,7 @@ public async Task<HttpResponseMessage> DeleteAsync(HttpServiceConfig config, str
         {
             return await _retryPolicy.ExecuteAsync(async () =>
                 {
-                    var request = await BuildHttpRequestMessage(config, HttpMethod.Delete, url);
+                    using HttpRequestMessage request = await BuildHttpRequestMessage(config, HttpMethod.Delete, url);
                     
                     return await _httpClient.SendAsync(request).ConfigureAwait(false);
                 })
@@ -108,7 +99,7 @@ public async Task<HttpResponseMessage> DeleteAsync(HttpServiceConfig config, str
         
         private async Task<HttpRequestMessage> BuildHttpRequestMessage(HttpServiceConfig config, HttpMethod method, string url)
         {
-            var request = new HttpRequestMessage(method, url);
+            HttpRequestMessage request = new HttpRequestMessage(method, url);
             
             if (config.Accept != null)
             {
diff --git a/http-interface/HttpServiceConfig.cs b/http-interface/HttpServiceConfig.cs
new file mode 100644
index 0000000..5fc5c7a
--- /dev/null
+++ b/http-interface/HttpServiceConfig.cs
@@ -0,0 +1,27 @@
+// Copyright 2025 Keyfactor
+// 
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// 
+//     http://www.apache.org/licenses/LICENSE-2.0
+// 
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+using System;
+using System.Net.Http.Headers;
+using System.Threading.Tasks;
+
+namespace Keyfactor.Extensions.Utilities.HttpInterface
+{
+    public class HttpServiceConfig
+    {
+        public string Accept { get; set; } = "application/json";
+        public string ContentType { get; set; } = "application/json";
+        public Func<Task<AuthenticationHeaderValue>> AuthorizationDelegate { get; set; }
+    }
+}

From 908c38d88f1eef040301762d2a37d0b19981999c Mon Sep 17 00:00:00 2001
From: Macey Dobrowsky <macey.dobrowsky@keyfactor.com>
Date: Mon, 19 May 2025 19:59:45 +0000
Subject: [PATCH 07/18] update to v3 workflow with doctool and net6/net8 target
 updates

---
 .../workflows/keyfactor-starter-workflow.yml  |  47 ++---
 .../akamai-cps-orchestrator.csproj            |   2 +-
 docsource/akamai.md                           |   1 +
 docsource/content.md                          |  82 ++++++++
 integration-manifest.json                     | 177 +++++++++---------
 5 files changed, 192 insertions(+), 117 deletions(-)
 create mode 100644 docsource/akamai.md
 create mode 100644 docsource/content.md

diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml
index b779b53..d92bd57 100644
--- a/.github/workflows/keyfactor-starter-workflow.yml
+++ b/.github/workflows/keyfactor-starter-workflow.yml
@@ -1,33 +1,20 @@
-name: Starter Workflow
-on: [workflow_dispatch, push, pull_request]
+name: Keyfactor Bootstrap Workflow 
 
-jobs:
-  call-create-github-release-workflow:
-    uses: Keyfactor/actions/.github/workflows/github-release.yml@main
-
-  call-assign-from-json-workflow:
-    uses: Keyfactor/actions/.github/workflows/assign-env-from-json.yml@main
-
-  call-dotnet-build-and-release-workflow:
-    needs: [call-create-github-release-workflow, call-assign-from-json-workflow]
-    uses: Keyfactor/actions/.github/workflows/dotnet-build-and-release.yml@main
-    with:
-      release_version: ${{ needs.call-create-github-release-workflow.outputs.release_version }}
-      release_url: ${{ needs.call-create-github-release-workflow.outputs.release_url }}
-      release_dir: ${{ needs.call-assign-from-json-workflow.outputs.release_dir }}
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [opened, closed, synchronize, edited, reopened]
+  push:
+  create:
+    branches:
+      - 'release-*.*'
 
-    secrets: 
-      token: ${{ secrets.PRIVATE_PACKAGE_ACCESS }}
-
-  call-generate-readme-workflow:
-    if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
-    uses: Keyfactor/actions/.github/workflows/generate-readme.yml@main
+jobs:
+  call-starter-workflow:
+    uses: keyfactor/actions/.github/workflows/starter.yml@v3
     secrets:
-      token: ${{ secrets.APPROVE_README_PUSH }}
-
-  call-update-catalog-workflow:
-    needs: call-assign-from-json-workflow
-    if: needs.call-assign-from-json-workflow.outputs.update_catalog == 'True' && (github.event_name == 'push' || github.event_name == 'workflow_dispatch')
-    uses: Keyfactor/actions/.github/workflows/update-catalog.yml@main
-    secrets: 
-      token: ${{ secrets.SDK_SYNC_PAT }}
+      token: ${{ secrets.V2BUILDTOKEN}}
+      APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}
+      gpg_key: ${{ secrets.KF_GPG_PRIVATE_KEY }}
+      gpg_pass: ${{ secrets.KF_GPG_PASSPHRASE }}
+      scan_token: ${{ secrets.SAST_TOKEN }}
diff --git a/akamai-cps-orchestrator/akamai-cps-orchestrator.csproj b/akamai-cps-orchestrator/akamai-cps-orchestrator.csproj
index 2617ec7..141763d 100644
--- a/akamai-cps-orchestrator/akamai-cps-orchestrator.csproj
+++ b/akamai-cps-orchestrator/akamai-cps-orchestrator.csproj
@@ -1,7 +1,7 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <PropertyGroup>
-    <TargetFramework>netcoreapp3.1</TargetFramework>
+    <TargetFrameworks>net6.0;net8.0</TargetFrameworks>
     <RootNamespace>Keyfactor.Orchestrator.Extensions.AkamaiCpsOrchestrator</RootNamespace>
     <CopyLocalLockFileAssemblies>true</CopyLocalLockFileAssemblies>
   </PropertyGroup>
diff --git a/docsource/akamai.md b/docsource/akamai.md
new file mode 100644
index 0000000..0aa5d83
--- /dev/null
+++ b/docsource/akamai.md
@@ -0,0 +1 @@
+## Overview
\ No newline at end of file
diff --git a/docsource/content.md b/docsource/content.md
new file mode 100644
index 0000000..c60283e
--- /dev/null
+++ b/docsource/content.md
@@ -0,0 +1,82 @@
+
+## Use Cases
+
+The Akamai CPS orchestrator extension implements the following capabilities:
+1. Inventory - Return all certificates of the type defined in the cert store (Production or Staging)
+2. Reenrollment - Process a key generation request and create a new certificate with a Keyfactor CA. Two scenarios are supported:
+    1. No Enrollment Id provided - create a new Enrollment and certificate in Akamai
+    2. Existing Enrollment Id provided - renew an existing certificate in Akamai and update the Enrollment
+
+## Keyfactor Version Supported
+
+The Akamai CPS orchestrator extension requires a Keyfactor Platform version of 9.10 or greater to support encrypted certificate store parameters for authentication.
+
+## Akamai Platform Configuration
+
+In the Akamai instance, an API Credential needs to be configured and used to provide authentication for the Keyfactor Orchestrator extension to function. To do this, navigate to `Account Admin` -> `Identity & access`. Clicking `Create API client`, select a user whose permissions should be used to access and manage certificates. This user should already have the needed permissions to access CPS. The access of the API Client can be restricted to just the CPS APIs, but the API Client should have `READ-WRITE` access.
+
+With the API Client created, a new credential should be generated by clicking `Create credential`. The contents of the credential should be downloaded or saved temporarily to use for configuring the Keyfactor Certificate Store. Afterwards, it should be deleted as the credential file serves as authentication for accessing APIs, and should be treated as a plaintext password and not saved long-term.
+
+## Akamai Orchestrator Extension Configuration
+
+**1a. Use `kfutil` to create the entire store type definition**
+
+Using `kfutil` to create the store type is the preferred method to create the Akamai store type. It will create all of the needed Custom Fields and Entry parameters (of which there are many).
+
+Creating the store can be done by running the following `kfutil` command:
+
+```
+kfutil store-types create -n Akamai
+```
+
+If using `kfutil`, skip steps __1b__ and __2__ and go to step __3__ to set the default values of the Entry Parameters.
+
+**1b. Manually Create the New Certificate Store Type for the Akamai orchestrator extension**
+
+In Keyfactor Command create a new Certificate Store Type similar to the one below by clicking Settings (the gear icon in the top right) => Certificate Store Types => Add:
+
+![](images/store-type-basic.png)
+![](images/store-type-advanced.png)
+
+Custom fields and entry parameters will be added after the store is created. This is required as there are many entry parameters.
+
+**2. Add Custom Fields and Entry Paramaters**
+
+_Only requried if manually adding the certificate store._
+To add the needed Custom Fields and Entry Parameters, [run the script](akamai-cps-orchestrator/jobproperties.sql) on the Keyfactor database to generate all the fields and parameters needed.
+
+**3. Set default values of Entry Parameters**
+
+The Entry Parameters are used during Enrollment creation in Akamai CPS to provide contact information and associate new certificates with the correct Contract in Akamai. After adding the parameters, re-open the Certificate Store Type configuration and set the default values.
+
+The Contract ID should be set to the default contract to be used for new Enrollments. All of the address information should be filled out with default expected values, as they are required fields for **each** enrollment created and should not be entered manually unless they need to be overwritten for a specific Enrollment in Akamai.
+The Tech contact information should be your Akamai company contact, and needs to have an Akamai email address and should have Akamai as the organization name.
+
+**4. Create a new Akamai Certificate Store**
+
+After the Certificate Store Type has been configured, a new Akamai Certificate Store can be created. When creating the store, the credentials generated in the Akamai platform for the API Client will be used.
+
+| Certificate Store parameter | Akamai credential value |
+|-|-|
+| Client Machine | `host` |
+| Access Token | `access_token` |
+| Client Token | `client_token` |
+| Client Secret | `client_secret` |
+
+**5. (Optional) Enroll a new certificate in Akamai**
+
+Adding new certificates to Akamai requires generating a key in Akamai CPS via the Reenrollment process in Keyfactor. To start this process, go to the Certificate Store that the certicate should be added to. Select the certificate store, and click the `Reenrollment` button to bring up the reenrollment dialog.
+
+Change any default values as needed, and enter an Enrollment ID if an existing enrollment needs to be updated instead of creating a new Enrollment. This is different from the Slot ID - the Enrollment ID is found by clicking on an Active certificate in Akamai CPS, and looking at the `ID` value.
+The SAN entry needs to be filled out with the DNS value you are using for the certificate's CN. If there are multiple DNS SANs, they should be separted with an ampersand. Example: `www.example01.com&www.example02.com`
+
+
+**6. (Optional) Configure Renewal of Certificates using a Workflow**
+
+Akamai does not support traditional certificate Renewal or one-click Renewal done in the Keyfactor Command platform. The Renewal process creates Certificates with outside keys which are not allowed to be imported into Akamai CPS. As a result, the Reenrollment Job must be used in order to renew existing certificates that reside on the Akamai system. Reenrollment is required as opposed to the Renewal process as it allows Akamai to generate the keys on their platform, which are used to create a certificate in Keyfactor.
+
+Renewing existing certificates in Akamai means running a Reenrollment Job with the same Enrollment ID that was used for an existing Certificate Enrollment. This can be done manually through the Reenrollment prompt, but an automated process can also be configured using a Keyfactor Workflow.
+
+The Workflow should be configured to target a Keyfactor Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to `Production` or `Staging`.
+
+A sample workflow for ODKG / Reenrollment scheduling for renewals can be viewed in the [kf-workflow-samples repo](https://github.com/Keyfactor/kf-workflow-samples). When running the sample workflow, it will assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.
diff --git a/integration-manifest.json b/integration-manifest.json
index 6204c5c..51bc801 100644
--- a/integration-manifest.json
+++ b/integration-manifest.json
@@ -3,7 +3,9 @@
   "integration_type": "orchestrator",
   "name": "Akamai Certificate Provisioning System (CPS)",
   "status": "production",
-  "release_dir": "akamai-cps-orchestrator/bin/Release/netcoreapp3.1",
+  "support_level": "kf-supported",
+  "release_dir": "akamai-cps-orchestrator/bin/Release",
+  "release_project": "akamai-cps-orchestrator/akamai-cps-orchestrator.csproj",
   "update_catalog": true,
   "link_github": true,
   "description": "The Akamai Certificate Provisioning System (CPS) Orchestrator is capable of inventorying existing certificates on the Akamai platform, and performing enrollments and renewals of certificates with keys generated on the Akamai system.",
@@ -29,8 +31,8 @@
         "supportsInventory": true,
         "platformSupport": "Unused"
       },
-      "store_types": {
-        "Akamai": {
+      "store_types": [
+        {
           "Name": "Akamai Certificate Provisioning Service",
           "ShortName": "Akamai",
           "Capability": "Akamai",
@@ -44,36 +46,38 @@
           },
           "Properties": [
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "access_token",
               "DisplayName": "Access Token",
               "Type": "Secret",
-              "DependsOn": null,
-              "DefaultValue": null,
-              "Required": true
+              "DependsOn": "",
+              "DefaultValue": "",
+              "Required": true,
+              "IsPAMEligible": false,
+              "Description": "The Akamai access_token for authentication."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "client_token",
               "DisplayName": "Client Token",
               "Type": "Secret",
-              "DependsOn": null,
-              "DefaultValue": null,
-              "Required": true
+              "DependsOn": "",
+              "DefaultValue": "",
+              "Required": true,
+              "IsPAMEligible": false,
+              "Description": "The Akamai client_token for authentication."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "client_secret",
               "DisplayName": "Client Secret",
               "Type": "Secret",
-              "DependsOn": null,
-              "DefaultValue": null,
-              "Required": true
+              "DependsOn": "",
+              "DefaultValue": "",
+              "Required": true,
+              "IsPAMEligible": false,
+              "Description": "The Akamai client_secret for authentication."
             }
           ],
           "EntryParameters": [
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "EnrollmentId",
               "DisplayName": "Enrollment ID",
               "Type": "String",
@@ -82,10 +86,10 @@
                 "OnAdd": false,
                 "OnRemove": false,
                 "OnReenrollment": false
-              }
+              },
+              "Description": "Enrollment ID of a certificate enrollment in Akamai. This should only be supplied for ODKG when replacing an existing certificate."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "ContractId",
               "DisplayName": "Contract ID",
               "Type": "String",
@@ -95,10 +99,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "The Contract ID of your account in Akamai."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "Sans",
               "DisplayName": "SANs",
               "Type": "String",
@@ -107,10 +111,10 @@
                 "OnAdd": false,
                 "OnRemove": false,
                 "OnReenrollment": true
-              }
+              },
+              "Description": "SANs for the new certificate. If multiple are supplied, they should be split with an ampersand character '&'"
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-addressLineOne",
               "DisplayName": "Admin - Address Line 1",
               "Type": "String",
@@ -120,10 +124,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-addressLineTwo",
               "DisplayName": "Admin - Address Line 2",
               "Type": "String",
@@ -132,10 +136,10 @@
                 "OnAdd": false,
                 "OnRemove": false,
                 "OnReenrollment": false
-              }
+              },
+              "Description": "Optional field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-city",
               "DisplayName": "Admin - City",
               "Type": "String",
@@ -145,10 +149,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-country",
               "DisplayName": "Admin - Country",
               "Type": "String",
@@ -158,10 +162,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-email",
               "DisplayName": "Admin - Email",
               "Type": "String",
@@ -171,10 +175,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-firstName",
               "DisplayName": "Admin - First Name",
               "Type": "String",
@@ -184,10 +188,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-lastName",
               "DisplayName": "Admin - Last Name",
               "Type": "String",
@@ -197,10 +201,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-organizationName",
               "DisplayName": "Admin - Organization Name",
               "Type": "String",
@@ -210,10 +214,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-phone",
               "DisplayName": "Admin - Phone",
               "Type": "String",
@@ -223,10 +227,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-postalCode",
               "DisplayName": "Admin - Postal Code",
               "Type": "String",
@@ -236,10 +240,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-region",
               "DisplayName": "Admin - Region",
               "Type": "String",
@@ -249,10 +253,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "admin-title",
               "DisplayName": "Admin - Title",
               "Type": "String",
@@ -262,10 +266,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Administrator contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "org-addressLineOne",
               "DisplayName": "Org - Address Line 1",
               "Type": "String",
@@ -275,10 +279,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Organization contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "org-addressLineTwo",
               "DisplayName": "Org - Address Line 2",
               "Type": "String",
@@ -287,10 +291,10 @@
                 "OnAdd": false,
                 "OnRemove": false,
                 "OnReenrollment": false
-              }
+              },
+              "Description": "Optional field for Organization contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "org-city",
               "DisplayName": "Org - City",
               "Type": "String",
@@ -300,10 +304,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Organization contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "org-country",
               "DisplayName": "Org - Country",
               "Type": "String",
@@ -313,10 +317,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Organization contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "org-organizationName",
               "DisplayName": "Org - Organization Name",
               "Type": "String",
@@ -326,10 +330,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Organization contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "org-phone",
               "DisplayName": "Org - Phone",
               "Type": "String",
@@ -339,10 +343,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Organization contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "org-postalCode",
               "DisplayName": "Org - Postal Code",
               "Type": "String",
@@ -352,10 +356,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Organization contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "org-region",
               "DisplayName": "Org - Region",
               "Type": "String",
@@ -365,10 +369,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Organization contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-addressLineOne",
               "DisplayName": "Tech - Address Line 1",
               "Type": "String",
@@ -378,10 +382,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-addressLineTwo",
               "DisplayName": "Tech - Address Line 2",
               "Type": "String",
@@ -390,10 +394,10 @@
                 "OnAdd": false,
                 "OnRemove": false,
                 "OnReenrollment": false
-              }
+              },
+              "Description": "Optional field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-city",
               "DisplayName": "Tech - City",
               "Type": "String",
@@ -403,10 +407,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-country",
               "DisplayName": "Tech - Country",
               "Type": "String",
@@ -416,10 +420,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-email",
               "DisplayName": "Tech - Email",
               "Type": "String",
@@ -429,10 +433,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact. Must be an akamai.com email address."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-firstName",
               "DisplayName": "Tech - First Name",
               "Type": "String",
@@ -442,10 +446,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-lastName",
               "DisplayName": "Tech - Last Name",
               "Type": "String",
@@ -455,10 +459,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-organizationName",
               "DisplayName": "Tech - Organization Name",
               "Type": "String",
@@ -468,10 +472,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "Akamai",
+              "Description": "Required field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-phone",
               "DisplayName": "Tech - Phone",
               "Type": "String",
@@ -481,10 +485,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-postalCode",
               "DisplayName": "Tech - Postal Code",
               "Type": "String",
@@ -494,10 +498,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-region",
               "DisplayName": "Tech - Region",
               "Type": "String",
@@ -507,10 +511,10 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact."
             },
             {
-              "StoreTypeId;omitempty": 0,
               "Name": "tech-title",
               "DisplayName": "Tech - Title",
               "Type": "String",
@@ -520,7 +524,8 @@
                 "OnRemove": false,
                 "OnReenrollment": true
               },
-              "DefaultValue": null
+              "DefaultValue": "SET-DEFAULT",
+              "Description": "Required field for Akamai Tech contact."
             }
           ],
           "PasswordOptions": {
@@ -536,7 +541,7 @@
           "BlueprintAllowed": false,
           "CustomAliasAllowed": "Forbidden"
         }
-      }
+      ]
     }
   }
 }
\ No newline at end of file

From bca24018fd07370a947cddaa4c5f937c568ff522 Mon Sep 17 00:00:00 2001
From: Keyfactor <keyfactor@keyfactor.github.io>
Date: Mon, 19 May 2025 20:01:32 +0000
Subject: [PATCH 08/18] Update generated docs

---
 README.md            | 351 ++++++++++++++++++++++++++++++++++++++-----
 docsource/content.md |   6 +-
 2 files changed, 320 insertions(+), 37 deletions(-)

diff --git a/README.md b/README.md
index 13c4412..346e6b1 100644
--- a/README.md
+++ b/README.md
@@ -1,52 +1,334 @@
-# Akamai Certificate Provisioning System (CPS)
+<h1 align="center" style="border-bottom: none">
+    Akamai Certificate Provisioning System (CPS) Universal Orchestrator Extension
+</h1>
 
-The Akamai Certificate Provisioning System (CPS) Orchestrator is capable of inventorying existing certificates on the Akamai platform, and performing enrollments and renewals of certificates with keys generated on the Akamai system.
+<p align="center">
+  <!-- Badges -->
+<img src="https://img.shields.io/badge/integration_status-production-3D1973?style=flat-square" alt="Integration Status: production" />
+<a href="https://github.com/Keyfactor/akamai-cps-orchestrator/releases"><img src="https://img.shields.io/github/v/release/Keyfactor/akamai-cps-orchestrator?style=flat-square" alt="Release" /></a>
+<img src="https://img.shields.io/github/issues/Keyfactor/akamai-cps-orchestrator?style=flat-square" alt="Issues" />
+<img src="https://img.shields.io/github/downloads/Keyfactor/akamai-cps-orchestrator/total?style=flat-square&label=downloads&color=28B905" alt="GitHub Downloads (all assets, all releases)" />
+</p>
 
-#### Integration status: Production - Ready for use in production environments.
+<p align="center">
+  <!-- TOC -->
+  <a href="#support">
+    <b>Support</b>
+  </a>
+  ·
+  <a href="#installation">
+    <b>Installation</b>
+  </a>
+  ·
+  <a href="#license">
+    <b>License</b>
+  </a>
+  ·
+  <a href="https://github.com/orgs/Keyfactor/repositories?q=orchestrator">
+    <b>Related Integrations</b>
+  </a>
+</p>
 
+## Overview
 
-## About the Keyfactor Universal Orchestrator Extension
+TODO Overview is a required section
 
-This repository contains a Universal Orchestrator Extension which is a plugin to the Keyfactor Universal Orchestrator. Within the Keyfactor Platform, Orchestrators are used to manage “certificate stores” &mdash; collections of certificates and roots of trust that are found within and used by various applications.
 
-The Universal Orchestrator is part of the Keyfactor software distribution and is available via the Keyfactor customer portal. For general instructions on installing Extensions, see the “Keyfactor Command Orchestrator Installation and Configuration Guide” section of the Keyfactor documentation. For configuration details of this specific Extension see below in this readme.
 
-The Universal Orchestrator is the successor to the Windows Orchestrator. This Orchestrator Extension plugin only works with the Universal Orchestrator and does not work with the Windows Orchestrator.
+## Compatibility
 
+This integration is compatible with Keyfactor Universal Orchestrator version 10.1 and later.
 
-## Support for Akamai Certificate Provisioning System (CPS)
+## Support
+The Akamai Certificate Provisioning System (CPS) Universal Orchestrator extension If you have a support issue, please open a support ticket by either contacting your Keyfactor representative or via the Keyfactor Support Portal at https://support.keyfactor.com.
 
-Akamai Certificate Provisioning System (CPS) 
+> To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab.
 
-###### To report a problem or suggest a new feature, use the **[Issues](../../issues)** tab. If you want to contribute actual bug fixes or proposed enhancements, use the **[Pull requests](../../pulls)** tab.
+## Requirements & Prerequisites
 
+Before installing the Akamai Certificate Provisioning System (CPS) Universal Orchestrator extension, we recommend that you install [kfutil](https://github.com/Keyfactor/kfutil). Kfutil is a command-line tool that simplifies the process of creating store types, installing extensions, and instantiating certificate stores in Keyfactor Command.
 
----
 
 
+## Akamai Certificate Store Type
 
+To use the Akamai Certificate Provisioning System (CPS) Universal Orchestrator extension, you **must** create the Akamai Certificate Store Type. This only needs to happen _once_ per Keyfactor Command instance.
 
-## Keyfactor Version Supported
 
-The minimum version of the Keyfactor Universal Orchestrator Framework needed to run this version of the extension is 10.1
 
-## Platform Specific Notes
+<details><summary>Click to expand details</summary>
+
+
+
+
+#### Supported Operations
+
+| Operation    | Is Supported                                                                                                           |
+|--------------|------------------------------------------------------------------------------------------------------------------------|
+| Add          | 🔲 Unchecked        |
+| Remove       | 🔲 Unchecked     |
+| Discovery    | 🔲 Unchecked  |
+| Reenrollment | ✅ Checked |
+| Create       | 🔲 Unchecked     |
+
+#### Store Type Creation
+
+##### Using kfutil:
+`kfutil` is a custom CLI for the Keyfactor Command API and can be used to created certificate store types.
+For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out the [docs](https://github.com/Keyfactor/kfutil?tab=readme-ov-file#quickstart)
+   <details><summary>Click to expand Akamai kfutil details</summary>
+
+   ##### Using online definition from GitHub:
+   This will reach out to GitHub and pull the latest store-type definition
+   ```shell
+   # Akamai Certificate Provisioning Service
+   kfutil store-types create Akamai
+   ```
+
+   ##### Offline creation using integration-manifest file:
+   If required, it is possible to create store types from the [integration-manifest.json](./integration-manifest.json) included in this repo.
+   You would first download the [integration-manifest.json](./integration-manifest.json) and then run the following command
+   in your offline environment.
+   ```shell
+   kfutil store-types create --from-file integration-manifest.json
+   ```
+   </details>
+
+
+#### Manual Creation
+Below are instructions on how to create the Akamai store type manually in
+the Keyfactor Command Portal
+   <details><summary>Click to expand manual Akamai details</summary>
+
+   Create a store type called `Akamai` with the attributes in the tables below:
+
+   ##### Basic Tab
+   | Attribute | Value | Description |
+   | --------- | ----- | ----- |
+   | Name | Akamai Certificate Provisioning Service | Display name for the store type (may be customized) |
+   | Short Name | Akamai | Short display name for the store type |
+   | Capability | Akamai | Store type name orchestrator will register with. Check the box to allow entry of value |
+   | Supports Add | 🔲 Unchecked |  Indicates that the Store Type supports Management Add |
+   | Supports Remove | 🔲 Unchecked |  Indicates that the Store Type supports Management Remove |
+   | Supports Discovery | 🔲 Unchecked |  Indicates that the Store Type supports Discovery |
+   | Supports Reenrollment | ✅ Checked |  Indicates that the Store Type supports Reenrollment |
+   | Supports Create | 🔲 Unchecked |  Indicates that the Store Type supports store creation |
+   | Needs Server | 🔲 Unchecked | Determines if a target server name is required when creating store |
+   | Blueprint Allowed | 🔲 Unchecked | Determines if store type may be included in an Orchestrator blueprint |
+   | Uses PowerShell | 🔲 Unchecked | Determines if underlying implementation is PowerShell |
+   | Requires Store Password | 🔲 Unchecked | Enables users to optionally specify a store password when defining a Certificate Store. |
+   | Supports Entry Password | 🔲 Unchecked | Determines if an individual entry within a store can have a password. |
+
+   The Basic tab should look like this:
+
+   ![Akamai Basic Tab](docsource/images/Akamai-basic-store-type-dialog.png)
+
+   ##### Advanced Tab
+   | Attribute | Value | Description |
+   | --------- | ----- | ----- |
+   | Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias. |
+   | Private Key Handling | Forbidden | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. |
+   | PFX Password Style | Default | 'Default' - PFX password is randomly generated, 'Custom' - PFX password may be specified when the enrollment job is created (Requires the Allow Custom Password application setting to be enabled.) |
+
+   The Advanced tab should look like this:
+
+   ![Akamai Advanced Tab](docsource/images/Akamai-advanced-store-type-dialog.png)
+
+   > For Keyfactor **Command versions 24.4 and later**, a Certificate Format dropdown is available with PFX and PEM options. Ensure that **PFX** is selected, as this determines the format of new and renewed certificates sent to the Orchestrator during a Management job. Currently, all Keyfactor-supported Orchestrator extensions support only PFX.
+
+   ##### Custom Fields Tab
+   Custom fields operate at the certificate store level and are used to control how the orchestrator connects to the remote target server containing the certificate store to be managed. The following custom fields should be added to the store type:
+
+   | Name | Display Name | Description | Type | Default Value/Options | Required |
+   | ---- | ------------ | ---- | --------------------- | -------- | ----------- |
+   | access_token | Access Token | The Akamai access_token for authentication. | Secret |  | ✅ Checked |
+   | client_token | Client Token | The Akamai client_token for authentication. | Secret |  | ✅ Checked |
+   | client_secret | Client Secret | The Akamai client_secret for authentication. | Secret |  | ✅ Checked |
+
+   The Custom Fields tab should look like this:
+
+   ![Akamai Custom Fields Tab](docsource/images/Akamai-custom-fields-store-type-dialog.png)
+
+   ##### Entry Parameters Tab
+
+   | Name | Display Name | Description | Type | Default Value | Entry has a private key | Adding an entry | Removing an entry | Reenrolling an entry |
+   | ---- | ------------ | ---- | ------------- | ----------------------- | ---------------- | ----------------- | ------------------- | ----------- |
+   | EnrollmentId | Enrollment ID | Enrollment ID of a certificate enrollment in Akamai. This should only be supplied for ODKG when replacing an existing certificate. | String |  | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked |
+   | ContractId | Contract ID | The Contract ID of your account in Akamai. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | Sans | SANs | SANs for the new certificate. If multiple are supplied, they should be split with an ampersand character '&' | String |  | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-addressLineOne | Admin - Address Line 1 | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-addressLineTwo | Admin - Address Line 2 | Optional field for Administrator contact. | String |  | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked |
+   | admin-city | Admin - City | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-country | Admin - Country | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-email | Admin - Email | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-firstName | Admin - First Name | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-lastName | Admin - Last Name | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-organizationName | Admin - Organization Name | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-phone | Admin - Phone | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-postalCode | Admin - Postal Code | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-region | Admin - Region | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | admin-title | Admin - Title | Required field for Administrator contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | org-addressLineOne | Org - Address Line 1 | Required field for Organization contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | org-addressLineTwo | Org - Address Line 2 | Optional field for Organization contact. | String |  | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked |
+   | org-city | Org - City | Required field for Organization contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | org-country | Org - Country | Required field for Organization contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | org-organizationName | Org - Organization Name | Required field for Organization contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | org-phone | Org - Phone | Required field for Organization contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | org-postalCode | Org - Postal Code | Required field for Organization contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | org-region | Org - Region | Required field for Organization contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-addressLineOne | Tech - Address Line 1 | Required field for Akamai Tech contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-addressLineTwo | Tech - Address Line 2 | Optional field for Akamai Tech contact. | String |  | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked |
+   | tech-city | Tech - City | Required field for Akamai Tech contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-country | Tech - Country | Required field for Akamai Tech contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-email | Tech - Email | Required field for Akamai Tech contact. Must be an akamai.com email address. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-firstName | Tech - First Name | Required field for Akamai Tech contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-lastName | Tech - Last Name | Required field for Akamai Tech contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-organizationName | Tech - Organization Name | Required field for Akamai Tech contact. | String | Akamai | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-phone | Tech - Phone | Required field for Akamai Tech contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-postalCode | Tech - Postal Code | Required field for Akamai Tech contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-region | Tech - Region | Required field for Akamai Tech contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+   | tech-title | Tech - Title | Required field for Akamai Tech contact. | String | SET-DEFAULT | 🔲 Unchecked | 🔲 Unchecked | 🔲 Unchecked | ✅ Checked |
+
+   The Entry Parameters tab should look like this:
+
+   ![Akamai Entry Parameters Tab](docsource/images/Akamai-entry-parameters-store-type-dialog.png)
+
+
+
+   </details>
+
+## Installation
+
+1. **Download the latest Akamai Certificate Provisioning System (CPS) Universal Orchestrator extension from GitHub.**
+
+    Navigate to the [Akamai Certificate Provisioning System (CPS) Universal Orchestrator extension GitHub version page](https://github.com/Keyfactor/akamai-cps-orchestrator/releases/latest). Refer to the compatibility matrix below to determine whether the `net6.0` or `net8.0` asset should be downloaded. Then, click the corresponding asset to download the zip archive.
+
+   | Universal Orchestrator Version | Latest .NET version installed on the Universal Orchestrator server | `rollForward` condition in `Orchestrator.runtimeconfig.json` | `akamai-cps-orchestrator` .NET version to download |
+   | --------- | ----------- | ----------- | ----------- |
+   | Older than `11.0.0` | | | `net6.0` |
+   | Between `11.0.0` and `11.5.1` (inclusive) | `net6.0` | | `net6.0` |
+   | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `Disable` | `net6.0` |
+   | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `LatestMajor` | `net8.0` |
+   | `11.6` _and_ newer | `net8.0` | | `net8.0` |
+
+    Unzip the archive containing extension assemblies to a known location.
+
+    > **Note** If you don't see an asset with a corresponding .NET version, you should always assume that it was compiled for `net6.0`.
+
+2. **Locate the Universal Orchestrator extensions directory.**
+
+    * **Default on Windows** - `C:\Program Files\Keyfactor\Keyfactor Orchestrator\extensions`
+    * **Default on Linux** - `/opt/keyfactor/orchestrator/extensions`
+
+3. **Create a new directory for the Akamai Certificate Provisioning System (CPS) Universal Orchestrator extension inside the extensions directory.**
+
+    Create a new directory called `akamai-cps-orchestrator`.
+    > The directory name does not need to match any names used elsewhere; it just has to be unique within the extensions directory.
+
+4. **Copy the contents of the downloaded and unzipped assemblies from __step 2__ to the `akamai-cps-orchestrator` directory.**
 
-The Keyfactor Universal Orchestrator may be installed on either Windows or Linux based platforms. The certificate operations supported by a capability may vary based what platform the capability is installed on. The table below indicates what capabilities are supported based on which platform the encompassing Universal Orchestrator is running.
-| Operation | Win | Linux |
-|-----|-----|------|
-|Supports Management Add|  |  |
-|Supports Management Remove|  |  |
-|Supports Create Store|  |  |
-|Supports Discovery|  |  |
-|Supports Renrollment|&check; |&check; |
-|Supports Inventory|&check; |&check; |
+5. **Restart the Universal Orchestrator service.**
 
+    Refer to [Starting/Restarting the Universal Orchestrator service](https://software.keyfactor.com/Core-OnPrem/Current/Content/InstallingAgents/NetCoreOrchestrator/StarttheService.htm).
 
 
+6. **(optional) PAM Integration**
 
+    The Akamai Certificate Provisioning System (CPS) Universal Orchestrator extension is compatible with all supported Keyfactor PAM extensions to resolve PAM-eligible secrets. PAM extensions running on Universal Orchestrators enable secure retrieval of secrets from a connected PAM provider.
+
+    To configure a PAM provider, [reference the Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam) to select an extension and follow the associated instructions to install it on the Universal Orchestrator (remote).
+
+
+> The above installation steps can be supplemented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/InstallingAgents/NetCoreOrchestrator/CustomExtensions.htm?Highlight=extensions).
+
+
+
+## Defining Certificate Stores
+
+
+
+### Store Creation
+
+#### Manually with the Command UI
+
+<details><summary>Click to expand details</summary>
+
+1. **Navigate to the _Certificate Stores_ page in Keyfactor Command.**
+
+    Log into Keyfactor Command, toggle the _Locations_ dropdown, and click _Certificate Stores_.
+
+2. **Add a Certificate Store.**
+
+    Click the Add button to add a new Certificate Store. Use the table below to populate the **Attributes** in the **Add** form.
+
+   | Attribute | Description |
+   | --------- | ----------- |
+   | Category | Select "Akamai Certificate Provisioning Service" or the customized certificate store name from the previous step. |
+   | Container | Optional container to associate certificate store with. |
+   | Client Machine |  |
+   | Store Path |  |
+   | Orchestrator | Select an approved orchestrator capable of managing `Akamai` certificates. Specifically, one with the `Akamai` capability. |
+   | access_token | The Akamai access_token for authentication. |
+   | client_token | The Akamai client_token for authentication. |
+   | client_secret | The Akamai client_secret for authentication. |
+
+</details>
+
+
+
+#### Using kfutil CLI
+
+<details><summary>Click to expand details</summary>
+
+1. **Generate a CSV template for the Akamai certificate store**
+
+    ```shell
+    kfutil stores import generate-template --store-type-name Akamai --outpath Akamai.csv
+    ```
+2. **Populate the generated CSV file**
+
+    Open the CSV file, and reference the table below to populate parameters for each **Attribute**.
+
+   | Attribute | Description |
+   | --------- | ----------- |
+   | Category | Select "Akamai Certificate Provisioning Service" or the customized certificate store name from the previous step. |
+   | Container | Optional container to associate certificate store with. |
+   | Client Machine |  |
+   | Store Path |  |
+   | Orchestrator | Select an approved orchestrator capable of managing `Akamai` certificates. Specifically, one with the `Akamai` capability. |
+   | Properties.access_token | The Akamai access_token for authentication. |
+   | Properties.client_token | The Akamai client_token for authentication. |
+   | Properties.client_secret | The Akamai client_secret for authentication. |
+
+3. **Import the CSV file to create the certificate stores**
+
+    ```shell
+    kfutil stores import csv --store-type-name Akamai --file Akamai.csv
+    ```
+
+</details>
+
+
+#### PAM Provider Eligible Fields
+<details><summary>Attributes eligible for retrieval by a PAM Provider on the Universal Orchestrator</summary>
+
+If a PAM provider was installed _on the Universal Orchestrator_ in the [Installation](#Installation) section, the following parameters can be configured for retrieval _on the Universal Orchestrator_.
+
+   | Attribute | Description |
+   | --------- | ----------- |
+   | access_token | The Akamai access_token for authentication. |
+   | client_token | The Akamai client_token for authentication. |
+   | client_secret | The Akamai client_secret for authentication. |
+
+Please refer to the **Universal Orchestrator (remote)** usage section ([PAM providers on the Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam)) for your selected PAM provider for instructions on how to load attributes orchestrator-side.
+> Any secret can be rendered by a PAM provider _installed on the Keyfactor Command server_. The above parameters are specific to attributes that can be fetched by an installed PAM provider running on the Universal Orchestrator server itself.
+
+</details>
+
+
+
+> The content in this section can be supplemented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store).
 
----
 
 
 
@@ -122,24 +404,21 @@ Change any default values as needed, and enter an Enrollment ID if an existing e
 The SAN entry needs to be filled out with the DNS value you are using for the certificate's CN. If there are multiple DNS SANs, they should be separted with an ampersand. Example: `www.example01.com&www.example02.com`
 
 
-**6. (Optional) Configure Renewal of Certificates using Expiration Alert Handler**
+**6. (Optional) Configure Renewal of Certificates using a Workflow**
 
 Akamai does not support traditional certificate Renewal or one-click Renewal done in the Keyfactor Command platform. The Renewal process creates Certificates with outside keys which are not allowed to be imported into Akamai CPS. As a result, the Reenrollment Job must be used in order to renew existing certificates that reside on the Akamai system. Reenrollment is required as opposed to the Renewal process as it allows Akamai to generate the keys on their platform, which are used to create a certificate in Keyfactor.
 
-Renewing existing certificates in Akamai means running a Reenrollment Job with the same Enrollment ID that was used for an existing Certificate Enrollment. This can be done manually through the Reenrollment process, but an automated process can also be configured using a Keyfactor Expiration Alert Handler.
+Renewing existing certificates in Akamai means running a Reenrollment Job with the same Enrollment ID that was used for an existing Certificate Enrollment. This can be done manually through the Reenrollment prompt, but an automated process can also be configured using a Keyfactor Workflow.
+
+The Workflow should be configured to target a Keyfactor Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to `Production` or `Staging`.
 
-The Expiration Alert Handler should be configured to target a Keyfactor Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to `Production` or `Staging`.
+A sample workflow for ODKG / Reenrollment scheduling for renewals can be viewed in the [kf-workflow-samples repo](https://github.com/Keyfactor/kf-workflow-samples). When running the sample workflow, it will assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.
 
-With the Expiration Alert Handler using the correct Collection, the Alert should be set to use the `ExpirationPowershell` Handler. A [sample Powershell Handler script](./akamai-cps-orchestrator/AkamaiExpirationHandler.ps1) is included in this repository. The sample script needs to be updated with the correct URL for API requests, and may need other changes as well, as it assumes that Default Credentials (Windows Auth) can be used to authenticate API requests to the Keyfactor instance. __This script needs to be placed in the Keyfactor Command installation's configured Extension Handler Path (default: {installation_dir}\ExtensionLibrary) location so that it can be run.__
 
-The `ExpirationPowershell` Event Handler configuration should be configured with the following values:
+## License
 
-| Parameter Name | Type | Value |
-| - | - | - |
-| Thumbprint | Special Text | Thumbprint |
-| Template | Renewal Template | `desired renewal template` |
-| CAConfiguration | Renewal Certificate Authority | `desired renewal CA` |
-| ScriptName | PowerShell Script Name | AkamaiExpirationHandler.ps1 |
+Apache License 2.0, see [LICENSE](LICENSE).
 
-When running the sample script, it will assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.
+## Related Integrations
 
+See all [Keyfactor Universal Orchestrator extensions](https://github.com/orgs/Keyfactor/repositories?q=orchestrator).
\ No newline at end of file
diff --git a/docsource/content.md b/docsource/content.md
index c60283e..cd51cc6 100644
--- a/docsource/content.md
+++ b/docsource/content.md
@@ -1,4 +1,3 @@
-
 ## Use Cases
 
 The Akamai CPS orchestrator extension implements the following capabilities:
@@ -80,3 +79,8 @@ Renewing existing certificates in Akamai means running a Reenrollment Job with t
 The Workflow should be configured to target a Keyfactor Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to `Production` or `Staging`.
 
 A sample workflow for ODKG / Reenrollment scheduling for renewals can be viewed in the [kf-workflow-samples repo](https://github.com/Keyfactor/kf-workflow-samples). When running the sample workflow, it will assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.
+
+## Overview
+
+TODO Overview is a required section
+

From d6bbd7b48c5abe86d5c1118b986f16a4097f6edf Mon Sep 17 00:00:00 2001
From: Macey Dobrowsky <macey.dobrowsky@keyfactor.com>
Date: Mon, 19 May 2025 20:16:05 +0000
Subject: [PATCH 09/18] add overview section for docs

---
 docsource/content.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docsource/content.md b/docsource/content.md
index c60283e..0a7def0 100644
--- a/docsource/content.md
+++ b/docsource/content.md
@@ -1,3 +1,8 @@
+## Overview
+
+Akamai Certificate Provisioning Service (CPS) provides ceritificate management and administration for certificates that are used within Akamai systems. This orchestrator interacts with Akamai CPS in order to Inventory certificates currently defined in that platform, and also supports adding new certificates or renewing existing ones.
+New certificates are created in Akamai CPS via On Device Key Generation (ODKG aka Reenrollment). This means that certificates cannot be directly added to the CPS system, but instead need to have their keys generated in Akamai and then have a certificate issued for that keypair via a CSR.
+This workflow is completely automated in the Akamai CPS Orchestrator. As a result, full contact information for the resulting certificates needs to be configured as this is required by Akamai. Additionally, the orchestrator automatically approves certificate deployments, even if there are warnings. This behavior should be understood and acknowledged if continuing to use the Akamai CPS Orchestrator.
 
 ## Use Cases
 

From f0eff0fd1b40c5ea6a75f016fad269a2be128f97 Mon Sep 17 00:00:00 2001
From: Keyfactor <keyfactor@keyfactor.github.io>
Date: Mon, 19 May 2025 20:22:57 +0000
Subject: [PATCH 10/18] Update generated docs

---
 README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 346e6b1..eb1617b 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,9 @@
 
 ## Overview
 
-TODO Overview is a required section
+Akamai Certificate Provisioning Service (CPS) provides ceritificate management and administration for certificates that are used within Akamai systems. This orchestrator interacts with Akamai CPS in order to Inventory certificates currently defined in that platform, and also supports adding new certificates or renewing existing ones.
+New certificates are created in Akamai CPS via On Device Key Generation (ODKG aka Reenrollment). This means that certificates cannot be directly added to the CPS system, but instead need to have their keys generated in Akamai and then have a certificate issued for that keypair via a CSR.
+This workflow is completely automated in the Akamai CPS Orchestrator. As a result, full contact information for the resulting certificates needs to be configured as this is required by Akamai. Additionally, the orchestrator automatically approves certificate deployments, even if there are warnings. This behavior should be understood and acknowledged if continuing to use the Akamai CPS Orchestrator.
 
 
 

From 8a1ac74e55092e9a34bdece58076b1d23b966681 Mon Sep 17 00:00:00 2001
From: spbsoluble <1661003+spbsoluble@users.noreply.github.com>
Date: Thu, 22 May 2025 18:02:21 -0700
Subject: [PATCH 11/18] chore(docs): Refactor docs and refresh screenshots

---
 README.md                                     | 108 +++++-------------
 docsource/content.md                          |  94 ++++-----------
 .../Akamai-advanced-store-type-dialog.png     | Bin 0 -> 42676 bytes
 .../images/Akamai-basic-store-type-dialog.png | Bin 0 -> 51443 bytes
 ...Akamai-custom-fields-store-type-dialog.png | Bin 0 -> 29882 bytes
 ...mai-entry-parameters-store-type-dialog.png | Bin 0 -> 56043 bytes
 6 files changed, 48 insertions(+), 154 deletions(-)
 create mode 100644 docsource/images/Akamai-advanced-store-type-dialog.png
 create mode 100644 docsource/images/Akamai-basic-store-type-dialog.png
 create mode 100644 docsource/images/Akamai-custom-fields-store-type-dialog.png
 create mode 100644 docsource/images/Akamai-entry-parameters-store-type-dialog.png

diff --git a/README.md b/README.md
index eb1617b..297fa9d 100644
--- a/README.md
+++ b/README.md
@@ -31,9 +31,16 @@
 
 ## Overview
 
-Akamai Certificate Provisioning Service (CPS) provides ceritificate management and administration for certificates that are used within Akamai systems. This orchestrator interacts with Akamai CPS in order to Inventory certificates currently defined in that platform, and also supports adding new certificates or renewing existing ones.
-New certificates are created in Akamai CPS via On Device Key Generation (ODKG aka Reenrollment). This means that certificates cannot be directly added to the CPS system, but instead need to have their keys generated in Akamai and then have a certificate issued for that keypair via a CSR.
-This workflow is completely automated in the Akamai CPS Orchestrator. As a result, full contact information for the resulting certificates needs to be configured as this is required by Akamai. Additionally, the orchestrator automatically approves certificate deployments, even if there are warnings. This behavior should be understood and acknowledged if continuing to use the Akamai CPS Orchestrator.
+Akamai Certificate Provisioning Service (CPS) provides certificate management and administration for certificates that 
+are used within Akamai systems. This orchestrator interacts with Akamai CPS in order to Inventory certificates currently 
+defined in that platform, and also supports adding new certificates or renewing existing ones.
+New certificates are created in Akamai CPS via On Device Key Generation (ODKG aka Reenrollment). This means that 
+certificates cannot be directly added to the CPS system, but instead need to have their keys generated in Akamai and 
+then have a certificate issued for that keypair via a CSR.
+This workflow is completely automated in the Akamai CPS Orchestrator. As a result, full contact information for the 
+resulting certificates needs to be configured as this is required by Akamai. Additionally, the orchestrator automatically 
+approves certificate deployments, even if there are warnings. This behavior should be understood and acknowledged if 
+continuing to use the Akamai CPS Orchestrator.
 
 
 
@@ -51,6 +58,19 @@ The Akamai Certificate Provisioning System (CPS) Universal Orchestrator extensio
 Before installing the Akamai Certificate Provisioning System (CPS) Universal Orchestrator extension, we recommend that you install [kfutil](https://github.com/Keyfactor/kfutil). Kfutil is a command-line tool that simplifies the process of creating store types, installing extensions, and instantiating certificate stores in Keyfactor Command.
 
 
+### Akamai Platform Configuration
+
+In the Akamai instance, an API Credential needs to be configured and used to provide authentication for the Keyfactor 
+Orchestrator extension to function. To do this, navigate to `Account Admin` -> `Identity & access`. Clicking 
+`Create API client`, select a user whose permissions should be used to access and manage certificates. This user should 
+already have the needed permissions to access CPS. The access of the API Client can be restricted to just the CPS APIs, 
+but the API Client should have `READ-WRITE` access.
+
+With the API Client created, a new credential should be generated by clicking `Create credential`. The contents of the 
+credential should be downloaded or saved temporarily to use for configuring the Keyfactor Certificate Store. Afterward, 
+it should be deleted as the credential file serves as authentication for accessing APIs, and should be treated as a 
+plaintext password and not saved long-term.
+
 
 ## Akamai Certificate Store Type
 
@@ -58,8 +78,6 @@ To use the Akamai Certificate Provisioning System (CPS) Universal Orchestrator e
 
 
 
-<details><summary>Click to expand details</summary>
-
 
 
 
@@ -195,8 +213,6 @@ the Keyfactor Command Portal
 
    ![Akamai Entry Parameters Tab](docsource/images/Akamai-entry-parameters-store-type-dialog.png)
 
-
-
    </details>
 
 ## Installation
@@ -334,6 +350,10 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov
 
 
 
+</details>
+
+
+
 ## Use Cases
 
 The Akamai CPS orchestrator extension implements the following capabilities:
@@ -342,80 +362,6 @@ The Akamai CPS orchestrator extension implements the following capabilities:
     1. No Enrollment Id provided - create a new Enrollment and certificate in Akamai
     2. Existing Enrollment Id provided - renew an existing certificate in Akamai and update the Enrollment
 
-## Keyfactor Version Supported
-
-The Akamai CPS orchestrator extension requires a Keyfactor Platform version of 9.10 or greater to support encrypted certificate store parameters for authentication.
-
-## Akamai Platform Configuration
-
-In the Akamai instance, an API Credential needs to be configured and used to provide authentication for the Keyfactor Orchestrator extension to function. To do this, navigate to `Account Admin` -> `Identity & access`. Clicking `Create API client`, select a user whose permissions should be used to access and manage certificates. This user should already have the needed permissions to access CPS. The access of the API Client can be restricted to just the CPS APIs, but the API Client should have `READ-WRITE` access.
-
-With the API Client created, a new credential should be generated by clicking `Create credential`. The contents of the credential should be downloaded or saved temporarily to use for configuring the Keyfactor Certificate Store. Afterwards, it should be deleted as the credential file serves as authentication for accessing APIs, and should be treated as a plaintext password and not saved long-term.
-
-## Akamai Orchestrator Extension Configuration
-
-**1a. Use `kfutil` to create the entire store type definition**
-
-Using `kfutil` to create the store type is the preferred method to create the Akamai store type. It will create all of the needed Custom Fields and Entry parameters (of which there are many).
-
-Creating the store can be done by running the following `kfutil` command:
-
-```
-kfutil store-types create -n Akamai
-```
-
-If using `kfutil`, skip steps __1b__ and __2__ and go to step __3__ to set the default values of the Entry Parameters.
-
-**1b. Manually Create the New Certificate Store Type for the Akamai orchestrator extension**
-
-In Keyfactor Command create a new Certificate Store Type similar to the one below by clicking Settings (the gear icon in the top right) => Certificate Store Types => Add:
-
-![](images/store-type-basic.png)
-![](images/store-type-advanced.png)
-
-Custom fields and entry parameters will be added after the store is created. This is required as there are many entry parameters.
-
-**2. Add Custom Fields and Entry Paramaters**
-
-_Only requried if manually adding the certificate store._
-To add the needed Custom Fields and Entry Parameters, [run the script](akamai-cps-orchestrator/jobproperties.sql) on the Keyfactor database to generate all the fields and parameters needed.
-
-**3. Set default values of Entry Parameters**
-
-The Entry Parameters are used during Enrollment creation in Akamai CPS to provide contact information and associate new certificates with the correct Contract in Akamai. After adding the parameters, re-open the Certificate Store Type configuration and set the default values.
-
-The Contract ID should be set to the default contract to be used for new Enrollments. All of the address information should be filled out with default expected values, as they are required fields for **each** enrollment created and should not be entered manually unless they need to be overwritten for a specific Enrollment in Akamai.
-The Tech contact information should be your Akamai company contact, and needs to have an Akamai email address and should have Akamai as the organization name.
-
-**4. Create a new Akamai Certificate Store**
-
-After the Certificate Store Type has been configured, a new Akamai Certificate Store can be created. When creating the store, the credentials generated in the Akamai platform for the API Client will be used.
-
-| Certificate Store parameter | Akamai credential value |
-|-|-|
-| Client Machine | `host` |
-| Access Token | `access_token` |
-| Client Token | `client_token` |
-| Client Secret | `client_secret` |
-
-**5. (Optional) Enroll a new certificate in Akamai**
-
-Adding new certificates to Akamai requires generating a key in Akamai CPS via the Reenrollment process in Keyfactor. To start this process, go to the Certificate Store that the certicate should be added to. Select the certificate store, and click the `Reenrollment` button to bring up the reenrollment dialog.
-
-Change any default values as needed, and enter an Enrollment ID if an existing enrollment needs to be updated instead of creating a new Enrollment. This is different from the Slot ID - the Enrollment ID is found by clicking on an Active certificate in Akamai CPS, and looking at the `ID` value.
-The SAN entry needs to be filled out with the DNS value you are using for the certificate's CN. If there are multiple DNS SANs, they should be separted with an ampersand. Example: `www.example01.com&www.example02.com`
-
-
-**6. (Optional) Configure Renewal of Certificates using a Workflow**
-
-Akamai does not support traditional certificate Renewal or one-click Renewal done in the Keyfactor Command platform. The Renewal process creates Certificates with outside keys which are not allowed to be imported into Akamai CPS. As a result, the Reenrollment Job must be used in order to renew existing certificates that reside on the Akamai system. Reenrollment is required as opposed to the Renewal process as it allows Akamai to generate the keys on their platform, which are used to create a certificate in Keyfactor.
-
-Renewing existing certificates in Akamai means running a Reenrollment Job with the same Enrollment ID that was used for an existing Certificate Enrollment. This can be done manually through the Reenrollment prompt, but an automated process can also be configured using a Keyfactor Workflow.
-
-The Workflow should be configured to target a Keyfactor Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to `Production` or `Staging`.
-
-A sample workflow for ODKG / Reenrollment scheduling for renewals can be viewed in the [kf-workflow-samples repo](https://github.com/Keyfactor/kf-workflow-samples). When running the sample workflow, it will assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.
-
 
 ## License
 
diff --git a/docsource/content.md b/docsource/content.md
index 0a7def0..4bd675c 100644
--- a/docsource/content.md
+++ b/docsource/content.md
@@ -1,8 +1,15 @@
 ## Overview
 
-Akamai Certificate Provisioning Service (CPS) provides ceritificate management and administration for certificates that are used within Akamai systems. This orchestrator interacts with Akamai CPS in order to Inventory certificates currently defined in that platform, and also supports adding new certificates or renewing existing ones.
-New certificates are created in Akamai CPS via On Device Key Generation (ODKG aka Reenrollment). This means that certificates cannot be directly added to the CPS system, but instead need to have their keys generated in Akamai and then have a certificate issued for that keypair via a CSR.
-This workflow is completely automated in the Akamai CPS Orchestrator. As a result, full contact information for the resulting certificates needs to be configured as this is required by Akamai. Additionally, the orchestrator automatically approves certificate deployments, even if there are warnings. This behavior should be understood and acknowledged if continuing to use the Akamai CPS Orchestrator.
+Akamai Certificate Provisioning Service (CPS) provides certificate management and administration for certificates that 
+are used within Akamai systems. This orchestrator interacts with Akamai CPS in order to Inventory certificates currently 
+defined in that platform, and also supports adding new certificates or renewing existing ones.
+New certificates are created in Akamai CPS via On Device Key Generation (ODKG aka Reenrollment). This means that 
+certificates cannot be directly added to the CPS system, but instead need to have their keys generated in Akamai and 
+then have a certificate issued for that keypair via a CSR.
+This workflow is completely automated in the Akamai CPS Orchestrator. As a result, full contact information for the 
+resulting certificates needs to be configured as this is required by Akamai. Additionally, the orchestrator automatically 
+approves certificate deployments, even if there are warnings. This behavior should be understood and acknowledged if 
+continuing to use the Akamai CPS Orchestrator.
 
 ## Use Cases
 
@@ -12,76 +19,17 @@ The Akamai CPS orchestrator extension implements the following capabilities:
     1. No Enrollment Id provided - create a new Enrollment and certificate in Akamai
     2. Existing Enrollment Id provided - renew an existing certificate in Akamai and update the Enrollment
 
-## Keyfactor Version Supported
+## Requirements
 
-The Akamai CPS orchestrator extension requires a Keyfactor Platform version of 9.10 or greater to support encrypted certificate store parameters for authentication.
+### Akamai Platform Configuration
 
-## Akamai Platform Configuration
+In the Akamai instance, an API Credential needs to be configured and used to provide authentication for the Keyfactor 
+Orchestrator extension to function. To do this, navigate to `Account Admin` -> `Identity & access`. Clicking 
+`Create API client`, select a user whose permissions should be used to access and manage certificates. This user should 
+already have the needed permissions to access CPS. The access of the API Client can be restricted to just the CPS APIs, 
+but the API Client should have `READ-WRITE` access.
 
-In the Akamai instance, an API Credential needs to be configured and used to provide authentication for the Keyfactor Orchestrator extension to function. To do this, navigate to `Account Admin` -> `Identity & access`. Clicking `Create API client`, select a user whose permissions should be used to access and manage certificates. This user should already have the needed permissions to access CPS. The access of the API Client can be restricted to just the CPS APIs, but the API Client should have `READ-WRITE` access.
-
-With the API Client created, a new credential should be generated by clicking `Create credential`. The contents of the credential should be downloaded or saved temporarily to use for configuring the Keyfactor Certificate Store. Afterwards, it should be deleted as the credential file serves as authentication for accessing APIs, and should be treated as a plaintext password and not saved long-term.
-
-## Akamai Orchestrator Extension Configuration
-
-**1a. Use `kfutil` to create the entire store type definition**
-
-Using `kfutil` to create the store type is the preferred method to create the Akamai store type. It will create all of the needed Custom Fields and Entry parameters (of which there are many).
-
-Creating the store can be done by running the following `kfutil` command:
-
-```
-kfutil store-types create -n Akamai
-```
-
-If using `kfutil`, skip steps __1b__ and __2__ and go to step __3__ to set the default values of the Entry Parameters.
-
-**1b. Manually Create the New Certificate Store Type for the Akamai orchestrator extension**
-
-In Keyfactor Command create a new Certificate Store Type similar to the one below by clicking Settings (the gear icon in the top right) => Certificate Store Types => Add:
-
-![](images/store-type-basic.png)
-![](images/store-type-advanced.png)
-
-Custom fields and entry parameters will be added after the store is created. This is required as there are many entry parameters.
-
-**2. Add Custom Fields and Entry Paramaters**
-
-_Only requried if manually adding the certificate store._
-To add the needed Custom Fields and Entry Parameters, [run the script](akamai-cps-orchestrator/jobproperties.sql) on the Keyfactor database to generate all the fields and parameters needed.
-
-**3. Set default values of Entry Parameters**
-
-The Entry Parameters are used during Enrollment creation in Akamai CPS to provide contact information and associate new certificates with the correct Contract in Akamai. After adding the parameters, re-open the Certificate Store Type configuration and set the default values.
-
-The Contract ID should be set to the default contract to be used for new Enrollments. All of the address information should be filled out with default expected values, as they are required fields for **each** enrollment created and should not be entered manually unless they need to be overwritten for a specific Enrollment in Akamai.
-The Tech contact information should be your Akamai company contact, and needs to have an Akamai email address and should have Akamai as the organization name.
-
-**4. Create a new Akamai Certificate Store**
-
-After the Certificate Store Type has been configured, a new Akamai Certificate Store can be created. When creating the store, the credentials generated in the Akamai platform for the API Client will be used.
-
-| Certificate Store parameter | Akamai credential value |
-|-|-|
-| Client Machine | `host` |
-| Access Token | `access_token` |
-| Client Token | `client_token` |
-| Client Secret | `client_secret` |
-
-**5. (Optional) Enroll a new certificate in Akamai**
-
-Adding new certificates to Akamai requires generating a key in Akamai CPS via the Reenrollment process in Keyfactor. To start this process, go to the Certificate Store that the certicate should be added to. Select the certificate store, and click the `Reenrollment` button to bring up the reenrollment dialog.
-
-Change any default values as needed, and enter an Enrollment ID if an existing enrollment needs to be updated instead of creating a new Enrollment. This is different from the Slot ID - the Enrollment ID is found by clicking on an Active certificate in Akamai CPS, and looking at the `ID` value.
-The SAN entry needs to be filled out with the DNS value you are using for the certificate's CN. If there are multiple DNS SANs, they should be separted with an ampersand. Example: `www.example01.com&www.example02.com`
-
-
-**6. (Optional) Configure Renewal of Certificates using a Workflow**
-
-Akamai does not support traditional certificate Renewal or one-click Renewal done in the Keyfactor Command platform. The Renewal process creates Certificates with outside keys which are not allowed to be imported into Akamai CPS. As a result, the Reenrollment Job must be used in order to renew existing certificates that reside on the Akamai system. Reenrollment is required as opposed to the Renewal process as it allows Akamai to generate the keys on their platform, which are used to create a certificate in Keyfactor.
-
-Renewing existing certificates in Akamai means running a Reenrollment Job with the same Enrollment ID that was used for an existing Certificate Enrollment. This can be done manually through the Reenrollment prompt, but an automated process can also be configured using a Keyfactor Workflow.
-
-The Workflow should be configured to target a Keyfactor Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to `Production` or `Staging`.
-
-A sample workflow for ODKG / Reenrollment scheduling for renewals can be viewed in the [kf-workflow-samples repo](https://github.com/Keyfactor/kf-workflow-samples). When running the sample workflow, it will assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.
+With the API Client created, a new credential should be generated by clicking `Create credential`. The contents of the 
+credential should be downloaded or saved temporarily to use for configuring the Keyfactor Certificate Store. Afterward, 
+it should be deleted as the credential file serves as authentication for accessing APIs, and should be treated as a 
+plaintext password and not saved long-term.
\ No newline at end of file
diff --git a/docsource/images/Akamai-advanced-store-type-dialog.png b/docsource/images/Akamai-advanced-store-type-dialog.png
new file mode 100644
index 0000000000000000000000000000000000000000..916866b09c1ba31f4c58af2047dc69eddbbcb22b
GIT binary patch
literal 42676
zcmcG$1yq)6*Dd^52nvdzqEdp0qJngn7=VOIh_uovA)N+@fQnc&2qFkbC?%~(N=iyg
zw{+J(pZ$LC_|G@~{JwJzW4!O)8=koD`&!ppbIm!|<$GOGnqtqfJp=-QLRRLI5`nNi
z5dTXf-HzW}%Sqo)ARH&iUb>*-6h6`AeEiMmmc(Y&=P*h#>GA_Nm`*BZT)#@yZkiF&
zz&x2~%5~s_eQZNv0^6H|$qgAM8YJw>8O%~LuMKFQPlop}wl3Y<s$HY2Y~hWM3@G}0
zudCHPVq7P@)t!Aw;moO1r$j{Zva%NY%L8`eyEo;Unwks@48Cfm<mcyCryJMhI!>j$
ze?OOLz6*a|sHm!PogJtQkl3s+YfYiw&QBnG^L+dKxniEfq`2GiH>I05H{0KABM|OC
zK7IDAnu<zVp#vY@`0fT}I)2NtLl5t`Zy;GsLLj^#f6|6Oz1+q{OCU&cA2-@TAjpuE
zSm1Y+_k$_$2#)^qCJpr~SFR{3*2cFC4GhG_#|yl_74o)uOd>WeZm2m)?c~Xm`1{z{
zm~Ni%Kv$mQ=;$cjKA#`GX}74HtyHdGpB`&I%g4v3t=+|M+3q$uhA(+MFfj1LXTO}B
zTwN$%l79JfX7ltfUlu1j)HF56dwcKb={3Z@45OBd6n9UY^CTfZQol@57bzx}&CSn$
zSI{_0+})%W@Au65&0}0kevDV<+BK``Ki~Dso{qL8hkgD$(~_*2l$1oPn|&qMx>rg{
zYWv);@82J^+$(=hFRy22miXbrhn$?8q$G2ElptNL_g<Rd6D?z^F$@wOZg{*m+0F<E
zIO1Q*%F4uC7wzorGt<+@J9E-AGZ$9ohIeg$ATyMhm`E?;aPZKf%%5rkv>QEk6zLfm
z>$z`s-k-W~<w{xa4<B=L^Q6Q?+*MFW2wVPJk_o&eH#Zj-E|8ho6&~!~S3+haBqp{o
zRkU??;IW%{QG!tEBd@fVFR89wt8<<k`VbfA7rT4cE(!)w!Sm-+1ACU$&+FtL5p&51
z3Thp1O${l@%@q#ZB~{@?Ms0iVUPwTDd%K^XU$QENjkmYAKh1duJG-a;{^ri6o*N6T
z_qXl1+xhi|k`i-xWMCkd>*9oJ(oM2cWhEuQfB&}lofeIN8`SNh!dmHOV;{T@4-e1C
z;MGn^Ol&Xml%UQExvwDcv!VhaD3CDCT5iD*Ky%;#Q@HIwMPS_F2938I+Q;bWYutD_
zIj^g#8j2ek7*q#yz3=_l<HW(iu{6~~BWs}e^!4k5+K9}my1MwP=g*&OW?9TEEm^(U
z<MuPPXtP~|-9oBjbz$6DltKIE_3LR_SuOSTw_6@Re!RKRs%t02&Td)u^k}i;Dcu`u
zi<7Eb0S_N;f0gp?-M84Jgar3y;qBiXAN=U84(0PFE0h0ynC$oL>}<MGO+$0DrBbf~
zLmj@+$fGgg<HwJg=B;~nS9wY!HmK8Ts;i|gUKFC+7gbl}xwRQCbkF3E{MD;|{{HD%
zS({S!f}WeAlT<I>y!pUZ%w<vPcL)KW(Q)75K4<hsQ9@c8CmWkD$8Hi5#W4P7HwDj~
zvsjrO<lXrB=Ip#vR!hzGq_6I4{ON8}-346wW%YxI+2F7+&jOci-<Cci_;G=H%)AsG
zb`OkR1O+Y4&mUwQ+x)~@K7qge+O=cHqo+^FbKO?wN00ItJsJ4)=~HK+yQ`L#*3FwY
zTT`^9pVO@*aP)b3c_FY)ojh4tS*fm}!J(7?m5Wb3`!2oq_3PIKoo87rFMq!EN!)$)
zlXl+Q7Hm(_-M>OZLpRozdUEa0o;>MYV-yw~{53C6^VTiSql<sL)~0(eN<H!Mk;XTv
zsJuqt=H#rbElq_K_C4CY9~<L2qeORYEr+0>;MueOlzm75fBsC5rxq2ut-NHjTo`Lc
zC?bEoee<TP&|QRLGS6|!i2LB-!++Z|$449E&+8VdC@FDsas~_9#Jqa-YC1eKI5>EE
zdb+y0dOxE$V#M6cOjuah#o1X_PEJittu9Pp>Tg#bud$X^XLSe<`?+&Qb&(3n#4S5g
zAARat<m=b3@d@*PyE>|>k{+ZS>AmY|Z*M=ePro5nwzszzTS8)edI$ZkCw_iZcRSB(
zX349oxApWy{phWK9VTE^R$6+Jg~h<w*m1JGxw_ioZ)Z;Ny&dCXO&5LkEi5j^Nwc!B
zuyAp4iHLN3`}Pel=+1Z6(9n36!#VaQDr#zYSUSkKI{1#EVd<wm`}Qfy$})Ljnd>4%
zTFcAh)6!m0_DxM8xHja1IK-T$-(hk2`T6%AK1V6!q99gGn2w;_-%)+$SlYtELfDN@
zDz>(^SY6r>5gwj&yv@!T;e*HTIX`lMsieOC`q$`-#tM14xqeSmkYySw;u8}?!^7pN
zvC$YQDX&}cOI5UIn#U`IvFcDikgSisxI0($-cU6Xw!gtw=eamvU*EVm)>kj1q9hD|
zzK*{Z<u{;}V>{THb8mFEDM2|^r{E0L1O){}X*}8T+8Xk-dBqDRq@Q;esyaG4ii;nP
z9x<M1OP7|FHU0UTZT<vLiO1YfO<TILKRIpVG$R$2RKMZv+kYa(TuU5#T3QyDdOTB;
zllgdg52_m)8`B&<d}Zx($m!CNh7VPNC!|sDoI>XLla%8XtEG*NjisffH8nM7oR^c-
zQoFOQqGbBsoK-_)m^c!%CC8VWs;c%KS(f|u?VHyx@X1w6)v<fqlVRF;>G{*d#If!I
z*WLT*ZduiMlVzvt>*<+@Xdb6rU+xc>pZNOqE9X6uvuDl(>mNCCM9_T|@sigVEOz@F
zAuy@Eq-0>A@>TWi3p~#`32thaR)1(xr70^ZojG$Rlt0paec2}W-Me>x@G~@YMItUf
zUczZwQgHY&1#Pfkd9OA0=*9TQzEc6#-{R6gm8Sc;&J9tdTbP-hiTvKua#Qej<L~O7
z7M7NlMoss+a_!}PI4^#+*Rg69=6T63FDol68aT>Nb5ld(3|*Rc`O_08PF#x;SE!?;
zPQzovXa8tg8L9~*BO_Z_%xLs0aGH@44ClPV#>Z!ml+>qr0~?O|l%j#SPOhCPf)n3x
z&)S-F&mOACdbO!W^ZBG5+qZk|;7>P4$!1_+knbVCxO^QUghWysArd6SEng#d^(xB1
znX_jlR97D3ik>k_M7EtDx;BDXl4oFTQ0Bc&d+Zo@zc?b{cZMl-dgs#<<b--Eg(q#O
z8}ii*C{FqL>mP5t56+YhU@&|;H#-~bY*t%aYhz<$TpNxE^K%Ljar|rW_Plnk-B5K1
z5*OCrBa1sjI@GLshe`m0SgzX&xAs0#Qm5tVUStrG{S5NT{C7J~7y9Pqtv#a^X!)d`
zZqfE7KVNjn$F=G$yR)-%pZ+$xh6P5?_3v(OixcWPI*~{zPPM4eoOgVm@6C5v@LTDM
z=Q_{B(^y<Ab>TuZb|JD1aYwv5buE~Ro0}V@92fg|Kck{DQXUG&NLF>kiw6(Bzn2cU
z+fzt?^r)=z-R^u@SLv}#he?f@;U&P6T>J4BodTB#VSB&0<&~ALeCJn{)=Pi8aBbAo
zud1u%g)J^#+dvRUiaJvrJzCjmc}_Fy(}Rm*sG3Nl-0p{vQL?RiJeH@KDAutqKKtlb
zRca*secMDC0un@dP8QeJD&~vyA}sMT#j97pq^G}UD-U3d7dToY{!iMlGVrfsu}Wku
zvFIK4EPF;PO?u<TjXT?~sHhxFzv(33iWJAsixL;?AoR%L9JN$uXQ#{JglvadVPRoZ
z@>6S9xn-fGYX|<4EUyeleTa?qT1&F(DP-q<e^phL@A&a|=B+6_M%5-AS(C<9R*5Ag
zmvTApb_(v^z5B5LhmRkR(9z}F^p^o`H0XLtOP7y~j68k%6nDI5=R-sQy|`O2na80+
zhbUgxiQX4*nKwcBOUV>@Yy|r(S#{+uBv6bF+)qnObBW4dT3j?@<!$m0QAJ5lvmd`H
z{3u$t$OB9DVRU9@hFLAGBHD;`cxklJ$H6?kZQ`?jdBde%TJN|%+nkIdpTaZubuI^S
zXveVi(F_N3>5p7MImP?MUMc$6hq`-h`{R0CTu#f4)tSf7vY3un`0CYC{FIkdOL;L?
z8ydxMsouDL{Wj~#U%irn+#%r+B92B>LUhj`K73d)VRxYT(KbAmLv_a~Nxkx(>lV12
z)S>82MTkDK-kq6{FiPY8F*GOnK=%x?4<bNQP}9`Z^wzE4ALN2cT&HNS-?~*X(f*cQ
zGg#e9K4$q{9;pcNCl8wzIjLxKb-b_CznV2VIvN4F+4Q)Yr|<3Cx5cT7w1U>RZ{I$y
zt*D?d*<B!#es$nFPf!VfHU&BPB{Q9=oV)om{pF2pu1JD|GftmBf9BP`aN!PWB6G;-
zZ_y7)NmcUc6+eHPtsEe^Zx!tHZE=47H85s~Z1>X#lVw@yd-v=CF#PV;`NdGqn)s7u
zo#%73)Ii6YiTlA#H}T|Y4!&?@ugFM-^mF3L^2aG}sjEMu7g_xC{n5Ny;n%Oh>Q!qJ
z%p#}PZwPvLl09=KllAb}obLVM?bGp3)H&=3c!tz@WBL8^rpK8Wt*_R1`pcgAA7+oy
zuD^Qq>f+)eqUCu&fHBEAC1qvr{c)s2hJwt-*Ox;~1G!8CFKz%!lbCfE2Ms(u!u7Dl
ztGvJKtIea)BaSvUfv;XsSDv%=3UMZDZf^c(Kh#v!)EwIXdv$fyjx|TdocM@ky#=x&
z=ouI`+eD8ZJ-VMkbfha!fciRe9e#oXZ}&?3p5C!zN4pqDr`+`$H)h&QO}>2jg7g%f
zDzSI}e%)NV1nd2asGRry`5_i!JaMcmcU|(?)2B;HN}lW%4Gg27(VcEFG%&bi#pktq
zC`#1X7CD<kJC_JbCfe?y^xH8+J$zV<T#G&M=Jjh5ies0SavwMb?_IL2jucyqkMf|Z
zd>0d=H1(L~yiTlpDb^CfV6+br`0&GrL9{6&<?HL~*PhYbx^=5w^7O2c@G9q_le6Iu
zE24*NbLK1N$6EuO!vk(iH5HX9tEkZNnH`L<IB?*A&2TM!C`UIJM}vT}s_NxauNv1%
zjTr9`mWNc;)Ob#0F{hVYW+0$tN=i-!QhsJ;ym#mJA@>ge-Ve6S2Y<eiR}`jxHrl}A
zMJH%|pW`46&EBH<*Lt?V!G)e%ksPgScCQ47T%AR`OMIzA4*v!e9px!}otG!#zTKx%
zOGl?0PYaJi)MXy+gZX$%a^H>o2f^&zbRDAdK~Bh2)Z`BzJ-T@DVi3C~zi9)@1Icgm
zJV?-;m6fPMfY>i`rtS#y1plc~k-u>x@OfIp8X-4bi^K6(%w?ppJ9q9B3+yQl=9(xj
zE<P#umUHVhD<9vR5cZFWiC6c>O)Kn}YnJcvaB$$CBRF2ZeEIryO6?(QLFUw+142#m
zmjJ2)5#Gt`h3;#I*)=k-&)?Qf>amvT<~cmedMZSx2sl)74|mH=^Je<AN4#RhKlvog
z7zn4g_d<`{neMfkj4Uj^sHmvd4?}(4#0YvCnsU(>{Xm|*y-Y8e`1#-NqrP(a@-7mR
zV@HoJO!Y)P4rkZQGB7eacI3#VOP8KxM~aDwnWle=jV)<wYin*^s0kC8myNGG#%=H<
zB7&a&B|4I^<|LX3NA~q|3$e1VMy$pw0#9sgY?$uySRFmJfB$}a`-MM$ZZiY~g@%p|
z4YAH%dh2viOI<zWZlQ5qWYN}UM_JjGeEVjn$jC^Ph<OG*G|eZZpQB<P<=HUnEAc&d
z*xxis8(hNtXk$Y|19~id;oBkm%#1jf(Ul>`19vSfEulxzN;jeqa|DQ`=QC?UGiAbv
zmZY;zVoS>^88wvQ;K55%OfmobkW*0j`}>FF?UAZTyYpk@`+>iIbqd{_0pGCL=+p&<
zoX1Q3Y4EHS)YJr6Ss&+kl!VnX`?z5H%y0iQ<CK+^1zhO9w#ZJgg=nZ|`C>GV9UN43
z=x@Mklk>oglY@hUa-96ibnlM260Z**PHyZMs1ZSN6yxOQU!0wN`Q}aXQgbZOK)8tG
zT{H#CI~?>o+KQh&{q<hj-#D1_&h~V9PwUoC>Oa=wqQqSJ(bNbCsI70r6}T+e+So)_
zfi1xGz7N}5{)hyKg>!#zy$L&AT5@u7$Y|l7J$t@?|85sj-aiTa3)scGX_KQhBgy<c
zB=9ws?$Dv;SlK%ZZ_DzNKc%Hj1B=Ul<LBhO_0^h*-rxfps{URYj&K31$mt3(9{*<v
zM*_-4(6JTxhHxA1q3-_MT`=C?|3hASc{01l>r^3`va+&%WK&E-W25&D2Vx~{jZbg0
z81f<(9wIYTQGvo&<TS&4kBRu8k$B|4MGD&|78JPukd8xfst&BIt<}K_HmdTt%#Xb7
zJjLa8zLi9eUu?D`+sb%5zk3L|wn;bY#gx~B2N!lsQ4L!Q){y>w=GXS-&6{e;A>6|F
zhV))+bK{tE^yhf_`8WFmB!U@CbJ^zzNog-$Q1+%+P*6Mr#1R$|X$+t!dZ($aEr!mx
zF;0P51dTw!-L70j4_S6(M0hxdZs9r6qroK6fLh#BQU|u87@z8Ttay*^GwjZ)8KBW!
zwiw)4Uw4@5X6N34{LX&nj9*q7Kv0oEB~@?cD^`W}Jje6e&!0W}@G3`3TYGI`{FKty
zm>9iFm%M_4f~MVHBJIu&R?!A8C`6^9t=DJh)wj;k0;w`RZEeJ&i9T*1$3cUUojv*9
za4jIFqEmg)k6t=)w_D4;2_*Y6qoQ<WWS&e9%}0Oj@mNcK5b7Vao^Zpn_t!YkpZi#Z
z;pXOMwY`kAx1PSf>-@+C3H~+G9Ryy@#%}F)a&(^R>grMMc8Tb?PM#d}Ve~NRPTp;4
z7#ABmy|VtCUc|46?&2-PrJ0$TrDbwtq|Oha%k`cMH*|FFT3B@YU3&-s1<ooVA%PfJ
z`yT)N`E!2W4s9KF9?6w9;8wJYfL$d^AK$$@&clNUQC3sS?hg9WoRpIC7nuYY8BGju
z>S~j`hw#_q=g;>fD4&`so|~IPQ3D|F%okEOG&G!7m~e4%St!&`aqjEy*Vfh^osCln
z8+p2$WbSVRZru{B7+!`e!OJE)vbR(o5O*5knRJi#YN<Z|H_uDX&MOjI>vKQ=3*)Uk
zsn-=`We?;;QTn#&CVU|fwjPyDux{y|Cy*UFe7G#X)f-5=_@X-D_=V6#2`K_gP=)I#
zU<1<d{6gXmLcM{B@sFjxaz@W^@FqU{8NrXD4-Aip7>{72q@$DX8RS?GXx>KH+{+mW
z&T?9}HGC@y|3c8+``_R?|62s<fALM*uyGIk!^RS%)%O42ldtt|Y;0`0d3y-c^cVgs
zTrJBZ`J|xJl%y|Tz1p>X+s5*b{SqUiqez;3nc-k)z~=$zT)td-Gu5B~uUT;u539MU
zrj{yj5laom3ml5CZ)K74hq|lRuB9d>u1ZO>@$k$IRt2F+v_uMAC=LT>9iNe*!t(3e
zxBKP&gTuqLw6p?g(UQmi*yb>gBGR#<7W`{fO-oyB=gyrweVS7C_1m{Z+9zl^7r=(o
z^FH7ewjB6S-9CT9AKjK!uDtwwHxLZPY{!lr0|rJWyQ?IGItX-#Qia@aIVs%I57-3?
z&+7#`MzrnO-J*;V9vRu$r@RIR2RHVrnmtWWjtB2}>B^Nw@S}(P#hhmcP`LK)-8(8R
zCs(Bq#&18`@F8Jv;`ir^moJ0&U`tlzl8`6@0QF-*amF4?zV$ig!Cc??xF#ru*#X(W
zdG&Ookl<j8uH4K_vs<Z1S{sWUR?NQ0`aqLW?Xmg!o#o}_jg5`f)t?e{PtER@A+>RE
z=+3zpk9$(~H)BusI7x7e(vUDxMmOtl?;g0y%DTFq&-y-LVI6bBbzx11n;IJ0zZm)l
z2L7T+jDCVHz8+wY<CAXDrn181)b|waJYu25E(I3G|F0m`)ACzbJ31Djp$-kzc;(lQ
zR`lgbIgM-=Esmv;U+;_AK-pn~_5jt7d)!FMv*{=CU)Tz`Qdz+}-x~B!S>glzG34F~
zx(A5nDk*r;uZ~mQ02vGO^KS0$VQLyx?!ITY{Sle}PzLTh6KMiuhMBRkfWyQsh5$7k
z9Ys&yxNA{&@7#%g|6bqH(tWa>FVqt)IocBePR=9T2BZq-I5_YuhQY9z#M?<q-pA)4
zA*QCDZ`?FzM>zrY#OhVAIQ8TSsgWu|Gv>1Y(`V1v+1Y;-7n|rQDn1A44(=LI-NY|1
zFE2CG-onB{L7@hW6dfI%ot+&N62J|Xa3)sPGO(ZDzTE~R4Hd#p^~Q}~4|nZF4B`g~
zr6hmf99U*sYimwi8?Q+{?%O0r^7!ve^B}A|&~|F76|(R+gCAfdI(r4k0|38bF7ww_
zR5CI%L5I=fmL|LGZEf{5lF&(jq4wC?bT2Tj@9K&`{qM|~Yt{8U=~Yrz*3fm7^Y*vs
zi#{e~2rrb0Oq3#M6EB!9Qc+RuV-PhlH5I!3?LGillP03Ew027l%?FSWn9{hT4B~Er
zwgWP&m#f*R57X0&xh-4k>+7Rp{rq_~G&nL+F+0XM8f38j{&P$v6%{gH+et`Byj~!j
z0>Ie_#iPGU{PYPAKkk5Idxj~V^5Wc_CioY8|2cMccX#*Q6vs+b)(}_KY?Li2+9Ip$
zLqkI#qtQ*H+n!ef&dbiqifcV}?>&#(@-(U<3UJr=@6o_8NbVOOlXKxYg20vV6yNCo
zph~f4&lfcE85yE>Ba{V~a2J24rmmeY#Wv?NZ>e_=5w;%#yeLieLOTNn7-<7!Ggy-u
zCsC;iAg5D`;b7X`^!59({Wtf<?~tT&PYB*X;f6v17J^>b&IBAIz#iiIlvgzf;qQ-j
z<2QTB$v-70NAQ^go;K@xZe&6{0Xaajdv~^JqY-vFR##P3726ecG(*}BhzJ=4{rz2H
z=Rv9|XJ^M7P!9bj9Jj)BNl;^bw(30ECLlA^y6PolPE=gbedQ%3oFZX?fna$vLCWGX
z<34<_$>~J6Bx_~^Y=uz1MAr^^1zHq{CWe3|@Scr5=O0LN-YND1GDG{;*Vl(whs1*o
z3Lz{C;2lo`NfSl2ySw|>uU}p-AP1&uW^)J#1X0?K)HCJQ`@MYml9UNaxY(C&pYg`(
zg55M9pac*YZvmG1#EJKDadF)|VEPTDo;-V2g9Uo^@?~dN*ICGbDOw3=AIHaCm#6PY
zRbVGVlmbN|Vr4Z2gf9Dv)v~9stE)>J*Hm8a6X|{c+fr6)B;t~d4OhYLpS86NTzZ!-
zU-piQV)Xf;4oGQW5Ia3o7bSs4U|?<qp#~Ir;NEbC(@Y;e5M>|4r5H1_9tuXX>uoY7
zvaPcsB4OR1p#-@06uMKh${)ce;^)?_V7wtLjF!ou*ozDs%?Zni9ESxXCL43}u+Y$-
zofD6Je9&muOQc+Lo*%j4;E+{VD9&Vn_5?KV5i}rKmL0;5fAg{Ipqzd&O(Q-KTGoQ$
zsAnLK9Yz}r@wt$ph;5I-uS76+pupOom!WwCSh<Id4(819&$kB%TPi6xu!wj*1{IXp
zZ~)BDj`GB%q$n<5{RjkRW8;jz2_g~F4`d^EH#d`B0jq8(ZJ=t7`}|m;QQUq1Qp{Yb
z#tl<bHqC0Vl1!AOKwm~Rq4qO<mqU3(MZ;^1ig2~a)2NiFYTF+iKXuA@xHbah0%TGB
z^fqikgscU>E1scU5`eK{q-YKz=FqsPS<`9$Fn1(5KfgWL$NXVvHBV8J0@s>uoM2{N
zb}I}B*uMc3usGFIXOxc0zH9q;++Lf-B2n5}0EsLekcfvKR@05tCwV;W%NM=$HpJfc
z2Y<lnTkv;)xjaq@Ex_k($eTB~4r~KMbMrM^FZL;@H~jzH$~x*)TH6Ft+@77=L9}Qn
zLgYoNAIZwdO725dvEUcs;+j!DI=`@hq9q%I1V$_Ps5oS}Cal~jz3S)Bk;mA~P*@L=
z?gYAPYHi&bj`G~O{X3G<X!K#yod5uMKH#32d&CWY9t@N-|M8dt7m2=iKEM9n{N{#h
zXb(6%kn14$*XQc)-o3m1!EMxdd?-@FA<~`b_N!&NczD9N^slI@zL7ls<jIqFY7@qM
zvvodyL!TfzKvY8F`P?>v4moUSqAPC+MFSUsR2m}s=Q`KFy#Ul`<iFFM1nP!JXxbR}
zOX9S<`v$(~i5q=bP1ct$p`w5rm9G#l3PpdR6VGdGpkp)1YE9L}BSVe-#lvS*eI(Qa
z(h@)gm!}@y9P9JsCZD*t&T&dnr|J7bcDzKXrMt)z3rCEsK2*|>BKM)IU(wHn)fC!|
zQq@q?(N!Cz`}_H!h*TWxo@m@QO(BOu>0h*lI*lM&YrG~wwv)&jK`7e4KLB5?uBkco
z`|}A_R@URkkF&9jR=zsr^#TImg-0X_iHZAY`9Fc60k%To0sA4=I4Q3w)zZ>3{~jeb
zFVFStO}-N+`ZqV$>>f`>d2X5-7|eqrKvV)}O<}+D);&3JA~rTQJUrZEYr`=VISz6c
zBMpt(ty@P99l9KL$?FC348H1bTly&`rU(2Fz4KDh`UNvMwf6*vhF&Gb8UaI{@TxD{
zW0^-Sg@QRaIjJB*0wTi1l8g!8W%T(L1fOIlx{qj?8oH}kEmfzE9;}^Sp6Mr+SJTGF
z9&~t!;MYudr-I`E$*FzZi=0mIg~KGbkIYV=A8nuYch7ysY8RW2+RQ=JW8~rHo}HWX
z=E1e!($KgnCr2%X4g+|>Wc8~}KXL>$EiEw*K$8+~OS3O6DXE|O;I;oo_T8?LhtHqy
zYn)=QuBdpza8jcg=u%ZhMXSgIKmZBjiYVmA1tgb?q+I;`4z{+T!uDsx(yM~b2LuFc
zAuy1HR#6?OrOeFDM_EyO?d~*vykTTyM3nhf=S`KAlsr5Nr}^ZEOMV?)hFHjZLtDEb
zBjfdE0;I_L$9(KC4`?q-eV|!~CZ=foqF!eM`!+WVIj~yXW3+MGao<9f>XxRa*v4|C
z$Id)QE2zoA!AH)XO+tYpl5uFIIy>_<v+vqzz53Cs1?C3?9x4!$P6u8tFHg>MF&-2z
zNz-|iX2eG0u3jN-JJw@!_gGJzk|w<)wQnQP*3K^9ZH3q-!h`^Hhs(d_Np1Q7(FCxF
zN^od1WV6?Y@zSFAz9CaHvxWdjMRu0j+Vo5VNYwMgFKgRU5)z_U4jnvbl6(;Vchx*P
zK(4@TMQPbF>*GfgNdClz63K^*$xS>ePEA$ym$ysZyNXBh$g0(7Cb-k(f7~lb8e2fW
z^Te)eFNz*`&dH_(>J1qhTtqNAa#-;-f3CH@;o(-GaO`cOG9WCxioD3g#6-~=n}BEG
zb)Mu-_0zk(vS!6zj4fb(+Mp?-$L7%bTA!*b0Z=-#4z?lDu~zM0+NL0#A~JT+IrT4Q
z&1Ys(zdB5|zh+ZbQB}oDQBg0m9wyy7#Cgj9FHM15ePiSMY~A@>fW-9aA-nt^h?~s^
zj$=&;ct-Le)$Wx=*1`mqUqv&DhmP4JAOQiFanmneyg&)JXwUHNPDIkhVtM=cK)#+p
z6}K}9c}}g&OIsio|0@F@gKU?qlpPv+%%!L&{u<-(*2NQj*y<tW&QW5nS4e&R{i(a(
z@_#b*f^44u`ZX@}(1sHrF7gC8>E4gm&kO%tCPJ2$W@vao)*gdD54ER4@cBwy0`NX5
zDJkGO@XYP{sOTSolQiqPuizPomL2GD14Wb72D&xch!6YQs;a7Zs2}3BBT_$%Uu-@{
zo5b^Z4#^!Yikzr&N@}XElF}Eq6<guFn$AuwkQU3VmC#_(+s(iI7!&jGd5;<lO=!1J
z1-?Dl0mR{GXD8~u%3CvM&lRA)x8GV2a0~J3xw#S#J5RqHdMnhX05n#xHbBY092H}5
zSN<rV0uLvr%+;&H5Z+L|&=Jx)pEmi(&&3tJyQiZ=6UZvI+<VBz&Mwv&@%BD8mSr}$
z%yZF>;AXFz7_ou8j<BJULWVHCj;14);$cQc25t>3lvU@~KvNSCTB@jjm6g7WmfVvp
zt9v0Bq*BoGpFVTORxlj!Ff=42vnBl&szH3jG>B9EzcZ$q16W{)ki=F2djTN>U&EzH
zat2<L7mpv4M3jhotUI+&4_XU?fyC}qQd5hk_Acq!rewu*`0!z96tY*ZHq_T2;k<qS
z=~H<VlMx8+kdzQQ=n;rDQ&Y2pjGFZmz$7Q<G>}H$wKLg%fWE?lg7V>lHn>;1eZvhO
z<lrMg27X_cdM~FF?F5?qURmcT;YYxw;NhW8hj8AJvat9R5K#B@C=Y0^{{H^3jf2WR
z$^sZYdyBn6@YhC3NC3s4y5UhBuH{720HBNZ8WG3{-GCLl6}mJJQrYR#GCDeiFz$T&
z_D9*W&qxI2S|+4#zY@=gdl?Fhx)o1*X{jN6H1prb%hV*n7HDdU2nb}O!9Yfs=_@Uc
zI7tq=Zn!Rr2&6!%LFn$Aae9^yt(=!vKtRH6ISt}1_)y}eMDU`xC@){Nwzb_uN=iyj
zK0i07eDfyAVI@^n?JSEBYoV>$QNjzEWbxg}pFYVu#XJKvgc{=HB&eO|vS21$DW|LJ
ziM)tV#G2WSQ7XjWyEP(LA1uU{s#^rBRjm0bh0xb%;WaWNM4h?AY9fX1#aZiJy}D;3
zWqElyJUkposUaZgX0qPUyBp|d4Aa}*UwNjdgo1^fbS?LhUEiDZbe;%-k_p8tS4e6k
z1!U#rGd_QgJ_&GzbQKXd)tU23=q5PSq>mpdNq34eSZ%Ja@TNnzNl#Cou8wH2of}dR
z5D*x8S{*L*Dx~=k4NYsNxmxJo@o~A~cg?OOAxH1n9X=w~W#{OzGDsu5*8&PWU~z_l
zFke7zM&iehx6|7IAgB|5BaKZ=Oq86huD(D`x|65`Jnw+*X4EE(+wdn0XTjulG%jc&
zfQ2sm9|qb0H`lP@&KnVOuqExv<_hN;2QwNJ<Pw^~7zpYBzb7e46O)ogy_et;f>p}0
z^Q%qqu7<WiJJwJ^{;&cpql?<*D_0uEUq!MagRj~{i6DB1YUb8g?hS=93f%3)RgJjG
z_9hm(E<LX?f(ZM@gHG5ECK9>Ps4+m05oiTj)n3ZIXM6Ef<>~RoBU}(54vFup5uqpa
za0>5MI3pyqvbR8TMj3?xBo5wwd{(LvSSUQ4ZuN+20j&qbN@y)f`O@j{-bq3~F@55B
z^X}c0=g({7%UH)z<V*BEUs_Z=PKl1=3gG%c@aun2vZ;v)Z{fNTngrYnMOe*YXV15i
z$KPFCX3k7pB8L;I^5@Tn-p4@k=ojop>U-s~Lzdk((U6sxpAKg_e?H(x?~_=Xg9l~g
z<ODXqfgX1IB@u;w9t-n?F$F0SBo=@Wf4!2Gq@tqYj@>?30&P6XW1cm{qSrs;#9Yu<
zthSw97o4AyotBpJwcXzY&Ye8@VMM=D4Svs_r|0R@OJ|(&(Ew}b*h0WR&BPRa)M|D&
z{I2@^o2fMSSpwg@fj>b8=;gtV-IQtD3I%k{_8lX*kwFrgPuNCS-WMJ5f7(O;Gy6$!
zURn9aR!Su)t+}QdDbPJvUY)A#z4f-lXO&2366)PdjEPRu$8nkINa$OoX0s>lw%QLZ
zTLoq`o;n)5CAgbVuY!$XrsR?FFVkwbz&;|g>$CKX_(rP#t3~xcU&H@TU+e#_H-#L&
z3;Pol14Cp)1pCX{LEBUE!D-gL#V*;1end-Eb@hO?AW}EfYx6sN$6iE4XoE>3Qcy@Q
zNgqBmFW2Z6x+S2}Mn}&ikb~3O{y<W+0012eP?N|Fx2~AR!Sst#QurElpb82Kmv4%}
zqX_5aaY`pwSN~5gXhgsUBH@lmANJ4m*l+>cA|+#CF@Zt^|4idc4c}Xz^-95#dMkt3
z0-XIhXe*KFYt3g=8$R0C_vQBYht~`v(KHo|!nb4EPy_q0<c`_dIn9IVKYsier}*tf
ziGq#n4)Vgk#NvTu8bBZ{zB_mB3=RnadYeU;cJ}6{cLzAQxxXOhPpT%;pyN!tvx5oN
zVOB9QcigVr+jBx-A>(HS5{{t+MNe9IdTybtLK>}~2f)czTEG`Sc@TNmUk|;aL&3H%
zZa%(4Q#{a+fU$riCwqz{m}0@OL99kGK7aPCi2Ya-DiHc$KmwSl;lqFl5~)C2JK`Ub
z@4U|sXHY0;h98q3wf);Ebno6AP!`%GFq6ocaPGpMn2*ow<GZ1v!pqGaQ-#h6pr!z>
z6flHnso|4=vDn7uGwe<<n}7`|(l6iFYgUik>R5+;-qfUpvH~W>x))bw2LS8=H9AHY
zCPhKLk|#h1jjIsS(OsR_`Z|r)N|fQegoK2Ukh+?hBcxB<tk;WwT$O*2AZDFlD5CcC
z^t7~`d>ej@Kv-T}@3>cQU}y*plA4MNcZV{!01pX}JF%eD*VjYsg`$4(qCOy|*9!=0
zg8;kO_s~HtY;C{5+X?s=P=1z!<N4F48EI+Y?~(iWl9BaV3!;5ObwOS4b0lLXf)L~x
zXh=drIp|rn3f;gKc%TY{k|R=1dU`Q3e56dUrlC;dF=Ay<Q`Pky(t%b72M1|5wB9k|
zk-|yZ1XKhP42&MyQ#8q~&CSUgnP<erBC>wHfBznZW_)O9v9A=yi~ZtJJ$;XmX?kA2
zt-bJ``NRoteRBU&TYLKrl_4Ojox66S9|MSia!n1Kg39_OGm}q1ptYq1n+F)k3AS}W
zed(u15bJx|4M1r^7mW!CIm$Euw?#~P$Cal?qEk|!k28b{8dSUh84E(v*G>QC&A0LK
zr<jN~^_7(suNOl1hU!)Ep&3iv4Gp&I%QGP%A&>$L6EDn-jE`G&=ZAD#PjqBY0d+=A
zE+N&^3tIodUR!n(_b>JH_2uH@gM7lS4fkAPbaXFxzdwJ7e!&nP<L*NDj_z*p<Hzr}
z7~p{;LLqw8h%q7MQJ6)*Bykx|mBa_ZHF}@l;u+eFHXzL5+8qauMPtyJ?|cuOT8Jp%
z|4A?MBb@g=CR$S&nON{h%O-$I4@fP$dB8M*Kt%x$q2S@+8Q)M69#jBXT2f;0JMB(}
zF>x(X%sU_!fM|zdaWa>t=dB0*q*^@tLfKPQxblP{r30A51OXmZTwENL-n%<aftEik
z0`2>FcyO?cV{A&wbIMs5{)s7?vPGCngy>rrVia?+!@a_9&UWSudTMOWNa*!Pg=`0i
z<QQGL`nkhQmr!UuUIzskf4+szcm6$^7^c|7L_d!4(a~Ra@J8^5v2T7r?2_-@OMR^e
z-8rc84)kXbM!<3G*uAew(-@3x?l+ZpTxj4ydfx+ngyePD|8jZqsQZpr(#pypdFO#I
znY`drLj`^iM|<Q5=Z<OUg(~AE6J_8`bFo99cLAWw5gR#N8byPho)DAQmDJ^Br}i{O
zd3kW2NZ$uIu7Xa)^MJjjwKXViqCHbiS~@<E4?J!Tq71qPdSX(dX%?|Su<Yk<HeuSm
z+Xvqaq=9OUW-Sz{Qe9d31pbSX6eNbBrKLiYFh~iFd?&7mv@EM0ae0y51j2!>MY;^4
zxze(OXig9mTt;q0pG9P~kP(Q!3eIVy2?kN8+n8^Njy`}zqNm@0M+<`RVShs~kxHSj
zUNs`&BaKBwL=*skg1_U8o=K1W@BwZl&>-lFfRaZ~3tHy!G@JC+J_qfYn0N-Rdk_=F
zqj-mcqM}ZYt)a7X4)*GU2k7x@v4=665%%UyrtRR*kr9(>TH^Jxn;D~#06O;^vq{B2
z{EM=^O7$WHZHmjwhe0f&rbPe9-L`Gp{I*2EVsyIo9UUU9tVZw#K|gw5r<#phWnsA_
zE$#DMn8&>dPU&S3J?LP7hf-o=2gb(0n{-tCOuzLBoFn8#e-af}*EKXh=-mR%coXEb
zSmJ@<v$7oS++m^@j|Ufw*5uyCsy&{Km6g>h=PhgNX{ZaM@&ZtH7#SI%DqZnlBM{t9
z#X=lKyVaimY}B<L>1xb<e>-SMbOt3okFLzDtYZa1DH!qdsj929QIZBT4S?|ipG=}d
zf0gmB$I@SVpC6{(Is-#PW~Qcqef-y-4ILoe`44E@7n|M_680284t}GzHAem=%b+kA
z0(^9AuxkQezEpy672~j2?7bJnEqJzZ_a5TCOB_lw<p~NAVU>@)r^yo23eGR3ZCe<n
z(p1*7DgCY2@QQWkIi_Z0*dZY@CxJm2qjy9DZ4}o<tf3~Obi82vNw&`|ox}cxZ5R-t
zc*jmH4mEA<jii>nm=99*UoFFH|L97tmCbDZcSeRn7a1}lC5${ihhk5;=~6L{39xxK
z>NzOOAuR5<JS@aL{^$9k|BS;3-j^BwrH<c!oO|rQCgF!JdKQSE%=Y@^$F#)##BV#>
zU|?Z{%sc8kNf}q$w#WdwG2J7pqr<=y3l0!!1KQ?qttqcRLR^7M4|5g(${^KIGhskK
z^u}t07x&Qf?_hYzTufaVL;9uija@U#O)cB=VJtK+2IDJhWev0fT9Oii0dk-OVP~e_
z(oM^Lmy&W9(G1{#-)nIMQNF~s!w<|^lam{li*jYDsHwr%1C{{B<Y?VR#lLXjf`P#R
z%9-o@^2_+>QXodS`_Ww#Ib6ncSROJXFrCIRTU<$?D~soeqXsgO0|$z#24oqIT3p)W
zabkCWWkT#$r52p0Tb@F~!u(UNup;W2n~OM1{023hX-#u13n&KuUG(^<1qfsO;9rc5
zhrtG;N-40+C8{P}a+qFUnFDQj6b4kD!d%cDo?DxsA);y^hdTiaK@nUWYxeKHWu4Or
zLE5T4gAG&~+o-4FMHCT;Y`9r(YUFxilQ=&=?@|TJrVyM>OarI^_+%!puQ@sN$ZFly
zU_}^3ovig8FiT^K@O=bxB)`RPJc(58yek)-@M$1|#q*qZ*aQ2pW`491&GtIycYKAm
z@_U|vjUZdnhUe(dFDwRBIox3xx>rdYm^HRK9wMpn@bbo10Ugw=jUo8~+QBoRg`IOU
zuRaYGd;wJttf`wSl9+_Y`Vj^O@jJykS#KPtL|xy#b0;Sob~R8O9J=P|<1qgotG%wI
zM0Mc6XSkkSS}~pisQL+*hnb=cDFEdLzI`bf=(*UA$CmeqM_o&@fnJ0{PbGEu+$~UO
zK0~U(SLNlk(r!N}DA)kqkM+fz2n{9Ww?SKsf6%JS{QE8=CTTA6=e%?r90*e0^8Ci?
z^|~1mCrcJ!VRzDlD@GG`pdVZBlagRo7{pXUe?O1)pKr+1AL8S$g$w>FD>FjomZx1s
z?t%v&#0xI8rm70|vH_xmGdG6;kt?J^j(@`+J=&oi77?L98Uo=BD!G}yK6D0A&&_o#
zGv;vi(Ft<GzXg1TN(;;dUgM{+<22+63f{oo`x(}uDq;3y@2N9vY)AJ%9;w08-Vg3Q
zC}?<M!mYP>mysh@0Xpj2bLyav^sTHs2PzI|NC7*Bg@r+~#Dh3?@35Yp9ySDR#h<=D
z+m%_vz)SpLH7ux%s>;f*IEVzIBNG%jR4xO4vORmwz+3<%gaW|K%#7`XnIWih+qZ8g
z*+(~mPXHa#oBGjl>Imk80OK_>&ECLW^7bupgg{hG409kO?Lf+qkulWb<KxqKa3)=T
zT#~dB79(y$KU@_clWxA#1=572GusI-?AZO<mUv{;6lPBcy;ku}aoO50TfxlQ&eHp4
zBoU5{^-WKrb~8K&>JyABKSBx8EJ`H4iDcKVqqMYZtE*H}Iz=Azl$5tEEejAt(8m!%
z<VU$<f#85|z)ZP9CcJ*V9<~Pv^O|7FFva*l@<mjXCycy~j*e&|F%3YR^8jvx$qs4X
z3ieB^vT615#6F}5{_qR3vZFA56|+IlF<gA^un3A1W?db4^xNCP{$ZrhYO*~O8?E8j
zFEVm+H+(1T8A(aw=tV#$0g}L<8JCc7^vDsQl(yjX7lDD_FLk<@nw$GOy6mSHhVAby
z2PE;|9UYB>L<aWVyZan4IqdBTln><v0a4l9Z2#>((Ke5U09qV60eB{E6?wP=Yr@cn
zq)|RV(<9QmC*NtNxS>HwkZ8#viego;KLK8#Gi(D^K*v>J9MS@yjsXm3<Uk;un@UQv
zOG~LqNz_Gt1VZ69EX<ibC4O>|!>vX9{X0gJq}!j^dz6=zMQ%#S%fM?H9TcPnpRlRv
zD3T9$8G4e6{u$JHv|q;|Zei{e^y%QB{ZzLYz7Xz3bW%``2SF|&odIdX`}_z0(No|m
z-QNhvg#fa&upniEC<Vlhi5jmL*yZiNe`76)+bgQ;Lfrl>Wk@gQ8frPtoY7nSiw3MX
zDZiiqQU|MiFudOAv$u;!K`0Y2Yx)SV{)|Da9h@jkOW;OQKYpBESb(GwA>p}cY%ViJ
zJ91<(9)>R89ycr?hUtt94UwDB`x9s2qBfZ6>FI@pgwUSi4tmjuE@3U#mY3l&geucm
z;<BXZl!PorG8DmnEA1WfIb`t@UO*`xW0(vfZZj>diT-|lLqqtwFs(6yxB2T{j_ML2
z+}|oZ{LDCLwxYm7FHw6-<B<bPFCQC?`9mKsFBDHsMg$BQ6H48DYe<=u(Ihx#>~~-^
zZ7r?fOTE@%K|$rOuV|X0otpPO$GShPhSdw`{V}B!4>kwCQ3)>^7SsDJ;{e}i&Z!mA
zGNEvI7KFgG0SX0)?SU`#sh^dVzlJQ}e}}MGgJG<9|8hTk_;8t&OF&@Df@0Lf4uy2b
z9hg8{=a27&53;qjHNe;RS3?6gFRukavwmTcj>P8j38qVcW15<nuzMx`SklVy(&F>y
zhS!nnnAxW=r;4JCpP~6otDeZ(t7}c_ab4u|L%x(T(a~I{4Y4qa`s!ZBAY@JV1w5Q5
zhf5~_Hf*=qaI;zt%Fb++8Bv^U$UfogBERZjrg8(+jThyrtNZ4<Gr;Dt0}$ik>S}6k
zMtdMbik887VN4Y^tl-bT5qI2kF(5Zfy*y#3i?i-EWMfMxn|kN;k-Dya+4MRd2vD$^
zk`lPfdgwGGuNpl(JRps~UpfmTDEJP<3|b*%mU)}$I@~r~cqYe<hKGk8$5iS}kKldC
zNgbKy(q|<x7K&CYmk1bw_h9^y_UKXITQmtaf^?y`rn<?jnxTM!zy{zB)xk)RdCNI0
zwXiMIEM-@GEjQC8$m+GC^$iVRDFxk@IU`D0Z4dDoNdvF+YcvTkj9hvf#TsfUQ-AG}
z`svlPRWIH}JxScI?hyLv-rbKo51@je<pVMSxQ2&fZh9K3<U~)ACqOVn1@NPwGlr`}
ze(XH-&)g7_1`V7;;O^I^imECqcsp-&vVeAAo=fy9Eh}?CQ<t@iRv%B}+~IM6XFGND
zzVPyjID8_8%e&hc2gTm!<l{5^d<&#?+_pllQY<<eIsO+++}uh7l^j36e`k`A*upcy
z-j<KSm~~X$H5-ck+5h$eT)m1Jx%U(|@0>e)78F=+u7)7jnKOx~{>;n|>xLWo1twJ}
zk=T+kO$W({IDZYV7CgInG4KQgk=DGu6yb*8bPoH&2zwK1DD)g^YJD_n9*5ljp59K7
zxqmn_z3q&_FiT&Wk5-7nV~3M!N-~Sm#i}RvX_IBM+x)(`xFz47ZK`r3LmRW=L*wIl
z9viC=nDJCF$xH0>YTZz3u$#s~wdFygL{P+)T3A_aftOF!$n;zEfGgl)tS@ZI&9PaT
zX+$qj+m{ajfqh*~(0wp=oRFREc*5TW5C%X1oXrTwCoqR_p8#fPBX9rytgn9Vt+#h6
zHuJ4>Hzg&%p^z(LaIxc4RC2zb-%nsTr2Fx~!IOm!M3A+$&O=W_iEjkqS=wt2Dg?U#
z&`YMVrltm5CO9ZLt7y1cLe{-rV6}a`y}8o!5`YjzgoVG{`b2bwR}B)!jN|;LBBpP`
zBLhVQ$P>zJOu;VnlnAMKft}2*UEkD+0}Bfa#E}LhWa2{r4}{e2lFCdV$hPj8x*+oA
z(h$QbTJ0xfVe`!=$Wmo(#SxklTOm&^TdsYOJPzV30@kYO{f@Xa8=IN<W0@E=!lh@N
z&#=cv0dI)-+*`Dp9h>6B3H|R6cO}m<WWdz~E|k=fe(%nQc#gcLj_5JqZ{vb<l0Pgt
zK7I*{g2ob-FwhY>-NRM1H?_3Roj<QTm9c_cfj8IFr-H<SO%Z-5d?kLy#g6s4o{GV?
z#t+xjEz3XWAP5&1OZBeIE$E;@pz<r+oqR}-pDFg;(`6lIM;;kkXC<A>s}9WL;j|sa
zZ%K)xhO6^z5zLrYh2FjSXo?nuX&xk47nfWZ<_!%$03Q)&C->%IG%-wZ+YZA0^RayT
z{BBWTk<go<?oCI@pyHlBmaaLx<??;Ww^VOqzVVuF-eE9x{#!qbKH&6#`;VE7{vXbh
zV3EA@OZp!UpX^<9%H#jxq>2CB3I5N}_!r_b_Ym231%(aFu_K9M@yrjQ!#!>T$`oP^
zLJlrd^-nj=8L}0tfsHX*sdU2>EBHPoh3&+Nt}~^$3z?Yq_T2XNv8AcKx&?mx0s_Of
zImt>EXG<o~4Yj7G+uPY`z86PBOLgta6^$!b0x3)REmf41bzz;sSWia&@3;KFfu+*F
z=ww?ab<ZXedt%q7rgjKdVE-FuW5DB&kBuQV@XO462K>F}3}2=Lrn7M#g!f>^X`>?e
zAXHV8y@|(oEDvQ`CM|-pIDEJvCK!WpyG>2y1@N4g$q&n|f~#a_k3C5n^!9CKMMY*B
z&iEkoVB{_5<;#YD-k`0l{H#0|zZI9eawRt|F4x=pkC+Mm`~T$(kZpVX#hL$EN&<yF
z-~TG<<)Xh{)~8Pxh1MQd#by5KP|?&pb@ps)u@oK%1U57CB+Xm6ulrUy3JRHieztq}
zn%=0ssb+-}LOO~;e-qs1Am0J-{_8D7X<S32^FRLb^QRw?y!q$DkehID0m`MuEi&Tg
z{VosiMy3UbWIq@GVXiDkE2Yq*d_QA%b{ZY=?+rftrywB2CM9*u#u#Ymcws-l$Bnim
zj6V^qIXAa0H+KX3c?7$pRC7y9bCU`vY`_H=4l}NPyBiU#K>Dk>c@lk|nb{cXi=SV2
zb5m2s)z8G|EOYaw;^oWga&q_neA~u8MP;0!SRJR2xva8eRpMPe`Q}=Wf3QfFjnn;W
zi`;$}@BhDLi~Ps2FBKWqYsg_Zcwu6~BG8T_NCZYzn9n`Ten5PH7YeE)CPetdw5=k6
z9FejBTe8w#s(`%&)`0UnFz^P*QuR+mov9gj-{9(xrC#O|!C?tV$-KPy1Qmm3aD*5<
zz`-fm+1bmFQGSVP{oKm@d(;PL7L${cWK8G|kh_t}dAPX1pY|d3_xJT_D9NIoF#{)9
zEe%BynH+vw68<(2U0=S;VhqkJ35@s$r2Oow#4itxz3fgLx&t8U12=}#UdDiWK>N%P
z(G^HxBsXOzr)9K85YTY63x?v6tVx-Go1tF-II$-LKS9|>PlmGrT#5D`4s8t#OZk_E
z!ZG|qlODASIr~6@5@`4Fg1z9&mK!vhkV9%y1a2#%SoFCMp+JCe8EH+8f)`U^v^gmV
z(h`ns!NY^BZgNTMi$Nv&5YxxFa5RcpkQUG;q2<ZAwg%@U8Wq?YffP{9r!e%#RD#;r
z&@hYk17VLQys^Ii-APP69FSUFnzAx7x<dLnJ-xB1>1jX!x&|;5i76?-E``o>tO4bC
zpg3g(st87Z!ChlBK%jEL$hq>#UAw%&Lq4Y!;D8qjy)K$WP_w-=PH4TzNJ-&)XYs<c
zL_dZC;QtB02pRf*=v`L=7$O1#KZEi`eC*n_3)Hc$t}fb!w{&iJ9^FK73S|r$+@nW7
zwp1RLe#y$hNiyJ)?HwFgy#$4X&}T)Ypx2v#nZRXX%pRQx=$HdisHQYjRK>m4Xs<9(
z3KDd*=7Nq+H(IM)yV02B<eHrpQZfJ%NE1NH{BX~J6CNHMgdzhDK~7fImw40$BRzdr
zwv{d{BN#bxa&kfogkJlA6nYw{FDzOgKqDVMbm)K-#4Y#_j~zI`1#8f@9VF{GX$DU8
z<6d6g-tcjJ0b>G(gy;H<w2O;y4dyL=;=Zs!(CH8lr9q-u4GIuNt;qckkt*c7>9I#>
z!NzN3A0@#ACzBf(cz|gDZ4J6axXRI;KoCT%dA&gT(ok0?+qoTC4f{k&#>C`fZtf~P
zJfut#D5~)4Kc^FdXHA;)S8HqhXfddIj75OGAdXkz#wNN8a83sC5Cn{4A;M7Kv$C`I
zlae0yf}IhzH4H$uK&r!o!CWFvv$+c!z48a3ZL%Pk7mToMQWemwOuJyIG%_*yiU+C@
zg3*Ux;aF6JG6b>LC{*x=-MC@;<^&GL>IrD^Z6lsrvU&RC$%TYqg|H&@Bg~_S_=PfC
zDN;*oECKdtU!R_MlrG}u{CSCcL-MTGjEq>dmsNBN9zQMvMG9II>NR|22Vk%S9R=ke
z7Y9EvvnT&sLlS2Cn+|U03JtP+dH)Quz|X2Gbam3yXiDn_h`tXfK$8;_uyT)L?$y}1
zHFy@A@klat`sjTd{dxjqI(^~oHBLZ0Oaoi`Q-AxTt5+rNdp^4p+~f7h>qtioi;A9W
z+C?_s9J$h#MaeH6-C6uslUaUVQBvthtjT@ziQ(q&tEGwaN?&eje$I40eL$0;Y{15W
z^|85!XL!MIB>hW=wl346DG8UF@NunS;a06wwW#s%@oG*1fm82Q)d!fkju!5aG&Vj(
zAjdHC@87|%p~K4+v4d7=TYJ~zHdlk#MP@uo4kH#$SqSc(m;iyLb^W?zTsa2(uRJ?;
z`ApG5i>5)n1SLS<7xxoO%nhc_c;cotxMy?oaikOEWeipz6fLnWc8KngB4wJV5v_ys
z6NfP^k0qrdk;Hn7GQd7`4{O>mC0|vWQFQ}evc^$zk`wbqnAq(eCTM4EV1^K>O<f}<
zK3;mLy0WzZAW=pcBHd>sYWQnp_<S!hcYTQBkR2TvsW-_$lkqYeygJMIOU%EZW`O0b
zn9V?&e)!-)^4JSrlu|Nd=a=a-h=alE>ds)RfbQ`o9UPJ6I#p0^z>VWsV)YwQRxq(o
zlZkUxZYnF!mD1=owX`r`h2gtv`0Nw~dE11y-S5y@@HL3px^SVnnR3QP6J97j+1)Nx
zpiKTHDmi1#VK4-zBS{r;<^2W@eZjNZG5Qk2=xfALfQjEWki$_%0;Nz+K-Yt(0DU$E
z<N46s3i`;RDQRs=Dbfx7jp!U3`0T+v(}+odIrE5;(1=M*-NMBo_D+NRiaCAk85o#D
zbabD9HCb~pHdTm&9EOIBl$9IBH5YNR6=r<?k*7}u%VU0I7>g|PbMdGbaxQd4axyYm
z8JXiJF}VYv0DChb4NV&=6KJcK4`y*#gv>SAF`OY|qH)Eu?bd!N@&aHH&SnCR>;mi`
zCXN=tYk^vV164|Ha}ti@5F^xM)IY*Ez0a{W&v7#pFO<~P+om>8D$a_SxNm;?i7j90
zGUeg%z$*p`C-=ttD}foWn%mo<9RAvp$w*4_FYiBk?AX5iA4p`ViD-^lqzwUgK?rLJ
zpXFeOGJ5jO?uL^DL6`ZDpr9~MMo_tVGX-Y|q04HR%HreaM~htLv7ds;i_#?l6ROeI
zmwmWt3F2!L>EM@h>w0KCrwW!fA4nV>8XksBwfKEE<Hw|=C_x*k<CHjOZYhU*AKrWH
z-S<ih7N7EdqELX*Biu8NkHE;!#Fkpk0V&expyKK)q)c81cT`$v<vzvTvXN9<5F?N4
zw$Tav({CFOEj~wyJh%-nd!hI3KVELck9`t*gfkr<!c;nK=6S-PVPK4DoQ$}A>Xh7E
z=g&5KW>$MNw-8^zd&~MR-T(K;+z)y7KVAX3tPy6Y_IMXZo2&$kL-`#WTTOC(fR_|}
zxllW?zU~HNIY$sSu_!zQC@kMCi?R`o9t+KCI}$=7Bme&WD-NXu;{xvUzogMg()qp5
ze+>sYDzU4pi1XQldjOt5dqe2}`L}zJ68ESh_b8+dBPD`@PPO4epo0((w2-@`8Qq&2
z8+o4ijDU{?-7@i^xo~wX3Bgdb)a?qP2DUHKSC#WiON`3~-v|M-N}#InolW)ig7=2V
z*`iPHA+S*S=Hxib$W$;&?8L)wZ9Z<yPq?M22^}3QvHR+1Jfqw6_wz;Tvt5oo?Ap1n
zo7hgDzLjNhltA>Lo;z2KnU1zLAtt761i0w@{pFmTzCufe83npr+aTf?)s}7_nEv>z
ztiuHG-?aar0f<465*)Gg*CaMnSg4ZK(;xrn1&+8ZEiK1F)mBK<mODCJfdx;%)WKsU
z53dPw0?OmsgeImV;H>odF*84p9vdyym-*A~i^N%dn1_MAP^Q5+6Fc$u@B6<PR-w`i
zipRjG0MjleLi@t33IjV-keQ;k)^`&S*qEuRgiVI777~An9v1=LkGfyKz%xNuh{KE`
zW$G~m&1J6O5cK*2NC6=B;SwJ}TOi6%S5+l<@nV0Fu7|0G1&jU8?H81lsR<Z=0gAzW
z4Q(v-TvJpmbeIgi#0=3G$Ch2h5p4KWaGvn%u(Ln&^|i6Ke)9Aw24{eoseEIjqd{2p
z;A{;nIGRsXm8FFRF@QK^8b~*3z&^m>0IZtrpOK#)NKV65Ehl$`{0caK%=kySW1fWQ
ztm*SV5C5#g-%e9hEwQUn8wshY@XYAlzWols8G}*(NR%uDH&9x(jK8oOyE;3+YH>u>
zo#)_q+lBC`_yq-w%?||5+|tr{tT>Ki`}h$=2Pqj@8<aq_sW?)LWG0cgn+~Qf3P|Zd
z#vw}c@Cir&3V<EU(fW(*r=!x=(&7M53<35zZ#;APFn$UGu=xaHeqsU#ir4`)LOW-D
zl><qWa9vrMI12db)6V<&FpuS4AHp=E(B9Dzq^2y(OME^Kl7pER5@6@IZ;~#@83J|_
z;QZVnw2NC3j<Pp0EPzJ%Xw2g_w6w5FqYocVmq0`U+yk8!pw$2p7NR2_KZzqN4K(qm
zyOx&rHa5RdY{5UTj;F!}+?2Ni&bK4z0N{Z;NktZ+I6Svv!5{Xt2-rI+Jbc}AYsoX!
zNu8Jn_L1<UdrRGcECZ;E&ge9iFPc--IdGnHF{{w*2E2i-=1phtV75s@tHoqCa&}5e
zEly#xU?zjri$H*1@};>Y>MMff2MRF|mN67O965EHvmy>9axVdVNafx>6vu|Q;FH<B
zy}W=P*WL$+>v4x5h_+T+i()l(n;0=tM!1byBzXqexT>b^)e14^?vQkJ%$_%WNJsLh
zcWSDxf5wFO*yS4sFXJSjmLESJb&_D>7LyJ4?k_PCGtj9=LIOBul4!e{)quSKgBb>#
zN03Wmf0+zKpCe4KxS4K1lzTyg-?4;9lYBKWJd92S4P!$C^GU+=$gdLwPHyh)1eEWb
z_gfgq#2FiSJkxV?XW7_<943P8UI7rn-2rEAMl6_D3^w7gAIBabVRCYEoGIak9vi1{
zq1IP=2v{87z}c5$8@*`x&}lk5Ibos^Kajxo63}y;Qd2m07*Ymw1yIHC@|X`~T|9lz
zHm4JYwa4Dx5L5zv9Z^oUc#&L@FQlTa5qv0ppqAiV9G#fRKnK>+5_dWg&I_awq_T!p
zu$DxpA{!fVW)SXWnL8+@uCA`ISY5sWg&0FX!U5$t(_(UDM9^X4NQB}k>QW`Bq;BH6
zEL0KV?(KDT*HF7*UWauw#fnzoZaz*Q15l2t+uB^40^qN`%?ZWSb?MnBL%alY+Qbek
zeX!wueul((v@3`FVs57DSi<oF_s2gtIVducLrvlIL8XHbjc*$ny^V<IYHMRV?2q?j
z^-)b=3kMUu;+ndjSR46+@AZRaMSZ}Nxs_vkGNhk^j12k=_6sr%fG4}UDo5T#$fq_3
z8yj_;YjU&};PY#4Zi7h%#-cuBiZ9F^UI_5Yfg!_RzX~3k6j(Y63z+ZIrx*@I*{J{_
zJvBDAhk(`yJ#SDlzkV4x$nwVcYdF;Mmq`Yaf;7(G38^M(Knu@G^;Xu_;27ZK;Mhk1
zdOSk@c>XjR{IM=Z5X<7_EnjLQ#mp@&#VmevnpR?_Jj<dDwi+f8-c}ehaRe27p~$IN
zN4W8zpdzv1ILQJ~<g*DFQ8Rv#a)g+_V}NOl?%oyu`V2K3#Is?^lLKG8VYwtH!HEeG
z`9OS_8Q#R_L&N_++B@^8p7(#>f3_iWY!Z^8v<Z=|l#-&7Op%$Wkd#tMM5$1j5)GzM
z$<($*DMLwR+zM%uCdyDMLrL>|A0N)|+~4_~-@W&ov(CC}-L-Ci{MK)6)A#%NyocB8
zIlX4Bfor0NMns0BmY?-8WXxVkNLY<5EbSqcGcHQ@@Ao_W*U%>k{55k&1}=6tE=n%m
zsi)_O=JLki=$Yk7Iv%SwYzSYVNd8EyZJ43LMtl2VXyy70k&^RDFItNFieD?<`k_-`
zip9hrNAHBvD;Irk71zAbMbhWqVWFB0VDb8*x>p<2T?S-YspcIkb^P(y%6i`S8-F(N
z>$LW8c(<}zHHDz5eW(=e6B|F;-_Z?6?*O~lx@0xq-K*`zUW*?kkFMwb=e{3`-s|%p
zr8@rGvgse{o&Qk9)pm%|FH@o*`s^RwRbQTM)tIZYyQ_M7PD8)LEjd;;HW)+M*_=wc
zVd=m}+1X3<^sdi`uNLz^*@waexKd0lP@pZ@!4x4L$K~1+sun$tlIy?Cbx+**xoh-{
z#~q#Y;G^o~SlPnh2~PW3pCPpkzjTSS0aPnG?+YCfpc^Ii`e(=Io&5HopWVidE+2f=
zi`!Hiiu5r;L!4s8p&!b%RTF4N_*uGmv6#qEnYV$8Hnn9?lDhk!0|R`{%E?%sdhkZG
z>$AP_Ti;qp___|SnlgFy_tWg*qPE-YO*5DMkR^z5p7tM44R9qgF<_jvy**f%$M@m`
zw(o!jkjk{D4{BSAwgFM0lhX|jjRWdxr#EfbaGNWMK82b;u4(P{$pj=le5bTL>K>H~
zXT!C9(R?Y<ng9AV@l9Neu&Hf^%OY3By)Q0S^*cqgjO=FfmMz>@h?4oiwuHwY!)?o#
zn6%<C;o;%WOsAv%L2d2x_`ObMc9C-;I0YBIM{z8*u(OKSmJjpu&Gp8p>g&C)@3XzT
z<{gi5!!C8`a$N7l%n9%NIjHXTf9M{A*Yo7%%cFO^X|^}4AL(!CGN7rs`H0M<PZy7k
zKIn2$<&zo381NPLsZbN>f5@b{bLZ~u)m+rgJ}<h2C(c*mzT-xK2sF95aS8WeSlF6M
zY1*=hDk}J4%bZ*mEbx0BTJOHZ&D|~mDDE{kGwY@P64cdA9Q>MFH&Oydr)HMdpyv{{
zW00Ytf`FPr_TaE#p+#@Ruh;j0g+rt=U0%svhciQtcaERBd(^IZ;q3!*g><>Ssn+Rr
zvgfACDa~<L<`p!Vab^n+Ac4+BZo~q?t>MuSrok&lMph!Tr#n4$`t<07D>(=;$VXeu
z+PZa;fXH2Xz<|Kr;_skP1Yo(a4`as`R<NU^Ca_iH>Q804v71Nidq`dgRP@MoQw9t;
zL90ya89%e^UKWPKZnGHO$ADnL&CV%8Sqxo>+VNRop(%E={QM>#<wOFP=gpZjVkVkt
z401J4sL!5t+yw#N@g6-h7e8h#P(}%X8lPH)!W97^2b2(n<RCY9`S=sh-Z>D!Hp{N$
z<HtMk@rYsI+EA`Zw#a|qez!1d;6gqh@{~;*HwKK&;WcGs{I06H>V}m++2eY89mU>n
zyveOYtDc-YC%<r!%Qy<iINQ95!hTwng9qhJkc&tS88XjUO2aJgvndL9v^|ce_!Py{
z<Mrha?BDO;<U|CPDOcUS`TaO&9`v!SOC2*I$9u~BvsV|nFUnG0&@fP`=Il5BmP>#V
z>)K~L7!DSXdYR7xsKILW_4Vzr8%>2Se?70AMI$wXhfP%yXmFm~wGPv`++1Db4HdBc
zkO}R(fB*0mMipX5ssc{9YnM>&@tK8BwFQ98Y5Wrp?t4IgcpoGZJgTiAZ{jV0I<UPI
z%@yH_1@k*koti)>M|lB-sEn`L=J)#62T-9NJC;qSqJOxJ(uYz512#k^#v8!3U+z(b
zadqVLn5RtP(gg$o^+Dj?xx;koaeaA;ZXHBfnC+kmk!j&D8{hZ9gNF}sY4R>Nq@F^t
z%c-R1H@2(5iPpNzd}0vq=h(O~MY7Aq9~6BG3SMcY@o{ndQ#4<=^QR)P#dQUxk!f?C
znwp(Ky5WIUcG{s-bcTz#;XhP2O3m=EK9*2H=g(uPyjyL=hUIvmsuYIfog&v7X%|db
zv804p>FG^YzZNF3C^t$yvhwPZG;`mnQ7-e`OFxPc=>a+RNv%ZQR8#5@?npby7Z4M_
zR^QRTGz)*`<F(h52RZ>6u*Il)c#D}cABbV$-M#sgppOdHGhgY%ELRHf;POO$C^ZA^
z%=R5SR`7aPt}H|b&gY@n7IxtXAaGnvd;ZDyMQ7zF{2ny-d(Y+>P<`u1_@$MK$vfGi
z>|De@Y?PIisl=!man_LBx&>TF5Ti}0I2XQymEdwdLzLc1(l_HqVUDOwY#uMj(nptP
zRs5ml@HZ_$INEe9STs-l59o7zK_t*#x7I8=UZe5Y2gJv~?#w*n#TW?(6`^GxqP0Dp
zUCRpKtY)?G#i_o@)*BBI>)xvA^SJ5T!`>-}4DIYHrrpuMMy{T0u#p+cHDDid$gHds
z<CdMoJ5IZhvex^TkP#pr2j!lBsViNuxW|XuroyIIq>XmmW2*NJsUG#LVNuBB&3lZ(
z154w3N<2(Yj|vOBPj-{Rd88j^X}gU^#gtjBQ42cIc^487&0wPrCYooiqWhv_-7%Hc
z6@<U91|0)G7go)i=W8LxZwP)J>8tdTymZ&_N_DQoEsmfMwSRJG&<LsSzx6%9r@aw%
z{d&fuM_zYB@Iwl?Up|$W6F3?8{5bzRsx@Ndyi*EOou?+4={SuHq{Mx=_BznFnth?x
z?rGDGckS6S-JX};{;URB`vkWpr@X$J!R|y19X!W<=Z2)vQQvVy|2}<&Up>x);R7U$
zI!Wwi<@1Wx^wlnJAXYicrfO+jI8DY%IF%(`VZd!D4l*Kkg&*jn+kH(}71vYUj!xQB
zFgbngw9oc2EB1BED)c%uY|W{ZIWn9q<rNinHZ~9|7ZhPs4j144vg{ClsjG_%1t0o|
zu0m$FjR3giiN!lcrNjW}d_Oh!Q-Hk@o87;?0_m;%kg{i&%I5@~I>p+k3(R8=WNJwW
z2vNT)-6J*VD7y>OyWt5N*hJt4W2wg<s+v|EBU$FR)jn-vA2hsvykk)kO|rIQ@&3@z
z(3qGlRGM%>T|)Ar)dwm6nO^FsBjbAu*C9BteQuPTipmy}X$1$oO`t*nHGr!m3kPV2
z_!&iIS>3pHZT$Bps@zN)xi_;-t+<nIY(jNBLX@<(6NO3BOIw9E=<)&};<BOxGhxT{
z8nmW7=%p6Edwh?z(hnyDxq7Z~+P|Xbsf~S(N=%7Uw)W~d3^B_L`3ypp6c2u?HhIBa
z)4#hnEe`OJ-(Lj?*sWDpa-%O$)Y|;M(`fXS-9yv(DXrRWF+<c&Q;8$*2O#I?gtA#k
zP*CHP7m%xyIABA&(_gNtXg30CBHw*1&vMEX6NSD@@P{`SwNss$;+VLML@}eVFa$%2
z@k`p}awkoigX*-*M|4vE&}UUvAKtB%ux;yBYGw9x*|d*6FBlw_ofV>8Gn(lS=w`u@
z%C?O4H5k!5pX<v4YsUEuLh)wE8&98pAB8mcDi0U&D*1bW2xRUnwk`)bqRK%F0%P=K
zz>xgH!bJFIP7|pa?0g4^n6=k)Vd78%@(**>#7gv%t7#haVDqg+3E5SW<M+vxjySna
zQln%+L5DBz-maCj9p|9Yvs>YWJ+%P_G_RoTvi<s1r>YmFm)CHatYCxZD7LytI=SfT
zKH!iB)4`|hq{ss5KXhm!um#O=-(ob3IK6>GdPzziH*yPHZwK2brtoH1@h~w;C}f*j
zpSc<qcAac(oGvt9g(j3@U@hZ<(?-!_Jz84@N<I`Q<$MMoUrftc^Kh^KZcEODD_3|>
zxN-WOPCag@Kt;-#mKhnSF=Yx)B^%Cniw?jjhYikih@@;SpqJ+oXZ4>M5^TgdeByJ8
zj}jd_02QZtv`xu=7IIO%^N|S46QCiCH94M$v5QLw?*=zBcLQZIK%$f8n`h5_=BiL1
z`IT1jXDv>2?jcQ27V@k_?0l@d34WV`9=_w(fA;&Jp>(0XDHal)I%(}}@YBjk&(3zc
z_-tPvT@MevwkcNObIiYX+g~U2a64()(|gi_SHg5_zqh@7BD&;voncI~-`b+A<ZrlL
z%QUpVLf;fH!sMe7i<d1sVW>cPeRQ0yogGNNW8n2jZ~!q*o@bnylcTPtM#u#YVTP3u
zbX~y)=@gm<Cwshb6K^&3jE2hS(X&`Ow`7G*9d@sJ&C0xa`}VV7b9>HLu2SXIT?z-!
zFcuS!R4fmDsXRN?y(RX~Kc5yAwI6fuay9K4(3|FzDZqHBt1tF=vRx|#cg~!_1AHFS
zXgYRmy>&|s#zSZOkY9Dn?7dqg^Zh_>Rkuwmo6(TieR<D5P7hT3<)*kbb~V`y&`-4q
zCeIT0(U-^PNqzLoVViE&mPeqe6kVITU&D}&Qa1YNbM(`sOFMYjYY_>eCZg#nP1O?z
zCyY5LMwG($G^eeY!GZ70|Mh77Z050bCcS56*MC9fJ^m`{I-Slk-TeMP1?K-N9p=Aa
z`v2{Jbj<`6F|Da?B4&P2)#1xV0lH>nY<{~5um4CCgBP>eC$Q26rainL^dGyFXm9%0
zg!hB)0cUdMk8&I9Z^(`!bKCUhkOyzxP&=$vl%fy>mbm*VPUI`1%RCF$(g7wWx+C>Q
zM!jm)844dVbe*pJgx>F&%)vfDHtn1%#!|oe8ycD?fdx@cn7P$vgE*SqtnPaNW~b0M
zY2%cH!AA`hB3&wY#C{R?LkF`E)zG!7tBdT*$+?zbV1M7p5Ov=Q$c>hp%W1Webf7-%
zL@WkkxP2-uhNKXqgNkCg(%}OKtT$~Ey&c>nv<pP^C%<zz6C8}fqFL+4wBgI?;JBxF
zV6)8Y3&;Nc`({qR3+^Bt_;O*$ro9-8SCh<(LNWD>ApBniFxxI>W<}JcTPDknKjHfM
z)i{BiysGMIqCV&rbi)?h^5(2<Zz<LJcg@Qm0|pF$1Uvfh9kV&|-n<cm!#y`o5<yn&
zy`Oe$gDeF+^3r_=GDo3Jpc&bycwB<!!q)}*`p%<HrNf&U5J`bVZ9Q>fz_~vFt2{i~
z>A!)U>C;t$=FXo#9~U1nQeecy$I_mW2%Mk4GHyh`J$HmAJ9oA~&d*v?nNaB7{8i*m
zuV4RFz|(wk?nfw8i-OA$5j~rg%Xf;6NblaaZ{GAhawL@SI?g#0lhX?nBM5gmAm-<B
zs{v3+>=HfOIXN@+_3u{wHP|s|92k4+bh4)?XTYsqMVe6)c;IUbTR=Jd*RLZCzK}!6
zV<#-<b^36Y)Iv`kb&R76%Wb$?d-U*WYH|@sJ>+PR?;XxH#0i5)jmr#-VC4Le=N1!}
zMJz|Em`l*+Yz3;W7p2v((U5+=IE8QApnu|V5F^MB=_i{38Bu@aeJH%UV-bcugY#}x
zj|Xsqj~daST~9no17rh?Nl;**igU%PxHg~1Xakg&<z{8YSZ9p{llM2YShtRKgU3f#
zjhK7Vf)fBTY1^e{h#YR{&hIHy(g?=Z59^-%?%&kn;b^(n(VwvGD5cnLV6Hj?Pjui&
zv0493Wy<j3)A$#7+o_h&0RFl%zJIN~ZgC|pJ|4vlD;(0rd+**3g6I8j_4O1ZsxrRk
z6!XH9Ew-Pch7AbNoegGEJkdl?Zv>aus8OYuDghlpCOtAt`9IYAH1i^Ffuf?gNe4{>
z?lS+Jz6XkfoeO^vq<v~xaMWh#JS05j+>$9H_>{9c3!*SVK&KJV7Z2wEx7l2q#hn9F
zzLb|kWB(qQ@-idimt6o|ExV5l6TgkkHx*Z!6k9cuYkmfSp<bji3l3!Z9Xy9}Ku+2R
zK@)8x23z{ciLQ0Fc~50zWQ0D<TG{(}eu$PaLT#ILa4ZxfU?g-&yrTAxr|nH|<Pdqr
z3=CwuI2x2vU$o(Z2XcHwd6t(a4$9*9XFflE)nMp3o+Y7t3#DL-o6bp;Y-0q;o&}0T
z^-(0Vat9ioV8gX$wX82nqtYf9W$wIr<kukI&<*oDr-<*2i8hE9kX(MBcEaF1c`Xe4
z!51w?60udTU*8PhjhIJyqsEvqpP(LSl4x<=Dv&|gmw);MWPa*diDcAmR;}>%(<kmI
zBA1PYGPu&!qNzDOeFF3*_FGuHK@EGhAQ+JFypGv{t{mQ`w}Y|><12a?SW>3duh7Ol
zAq<ZZ6F}f!K>S!mTCmzbfnnhuLyibC;idcg`}0q7oqq@QWopsuN3mk?VsGsR*!kh=
z>h&{RIj3i}59#Wt@{SKvR+h_h4$s01M7QpeLl=5AQf!=o<K~WBgixvH<@IA>GinR#
zNo@PA$Cp`|No9I^KyF7a{sf-emN|b|1~$mKcjwb-D|>sS@(PWBO)Hd^RvxHot1YAw
zt|P@fQuEv<8yiBee(N38{G_xRaK}~W*X{nqBf-TwqK5A&aXvPdt)zpQXwU1?UEIOL
zuH3!5N>NI(t@?}3p8Mv0{Y|5j*IAznU9!5>@68qNAL=$L)C7<7UoWaon$%@^V8qD5
zv7D;ybf_HKgj_=Ig4{g12LrEAS~=-OTfhDK=a><~IfFDK>5g&|O%!7_L_UYuG3UY^
z8{V#S;`v8To%o{d$@(80yn~_T2Xm3@|37f_|DpT5L8Z+gIZ!S4c;^{Q&W1^RO<QxS
zn||!>#J_~P#dCRoEPF6`p1-0LZ=AN{Y1_qqGccYzbK0Qv7sNnGG->RlwogWEJDq2K
z?S&1O*XH_lkDq#f)qqP;VSh+Jm07bzhH|~qXyBcPZR-#E_)sKqnS(dw*>2;X!QtlO
z(gc+}a_;tb-P9*dO5p7FNK5KLO~gPacNQfysoLpYg2)uyyb0(4s?zRSHwa8c#pAC^
z-_S98i{-8M?+v=-a9i?0^gFvDlY^#z7;4xeX>_9H(!|iT+wJ4HUQY~t4_U=M;pk16
zMk8t;i#gO2R0Cr3X|f%ljl)sLX>StV9s(GE;aDki-utFn7Ubn|*2a^mbm4;jwZtD+
zI@loMF5W3Nw7}0{5fs}<6v2}?vwzyF0f?buVcvUP_y}f;z327o*O0EP5Ppyq#ICA<
z1<?Uji+f7f7QHMzFK-8o<l5^EN1STwgY60a#N9SbV>}1No1X7pH}Jary7$WPYna+8
zWY6IWvuFD*-`ic{SN-duhEB5c%!{LnzJPjKZrnKAw7$(GKLIYc(3==CSWg%0^#{+H
zmLF;oOKEg`$o@)~(z~!D;r`Y<Y;%6VkhwUXI3*Q+J`Mm>rAx1_WJ_9DS>?uivqdm~
zV*l0*CP&!9-2B^2mx9vLR|VXlP{DjN7yDDH)(bJ+(c3cSZcKqvuu)oavakz6xd`A0
zWEh&guBxi>&FWUSQc66D`X+g=bThlIPx98Rh$`r}y+f{3lgI8}!jQGOXCyYI$>sNZ
z5M5kP>gJ_(rbcuUSbMJZZ=4x71Gq4K`Y!_Gh#H%kpbH*7e$24KpmXBLI)cQQZb7rr
zaT+~4>8yhq_#Ivk--&_NF8k^8IGu^-7P0;Oi-!;6*l?UI%j+*LwwQQp%jV6EG{eAe
z{1h8}bpvqYDEkt=2lWM^sx{)?ShMDxs8Rj;m9l`oA*tbg4~|s+W=HBk2Y^qq7MN}%
z;NqJq-~<uPG1}T~lz@T*lb0yLB=><(E;2FcA;9?g`1+PO#>q;KnmqYru^6HhA0MBP
zkU(1W+O_ZRDa#*u@_DMSTuE`Um?udpOq?TC2tRsy4~dmRWQG_)m`3f%PD<XYG-iza
zq>DLg=_HUmcHD(4i2$SMT2vJrGyj5HvIRj8MuwMv_@FoR#vFwJLdam(xqu;Sd$p+k
zs%t3MbB$$DM29V_W2-ymYnG@_YVF{C<i2k2?!!{-pFV%CRcEHq6Et>TufaqwgL%tH
zNxjU?B~g`IjAo739*N=1m=}=)bquTlL@4SvV03)+&$0AC=J{6xN{S`l#-wSZpYGAM
zt6$sgp}+oWymF<?(4iIO<w1Ua3jhlI4UvBU_0b%F>eiN=FyqRs@kr#1;%sVNOlshj
zh=`+!*h|i5SmAp;dYtivjNlPH7sX}&pba5zWr#pjxu_A~F;mp>=E%jy&xEsScpt)f
z3>5-EgK)1kHZ(wIY16fUG0XcaYH7Wu=+)MC2jr&f;0)^+w@1LmUg*(zWME@W`J%kO
z2hWl5$PeH$#Rlr$)2B@+fRSlZ(eO%v1qR5-j7gB@CMB4p8Ut5y3A#FlS*cP5so;kG
zNdXjQX9G^Oy_ix-!h`d+Z50K#dkcsjpsk{5HpZWrQ(?{xwRIxYlg!2m-o0F_n+jLf
z_I#Dw@k&myGYbhZ@eVPGoudiSh{B{v-1`(auToN|RpwZnazbkjA$DjwK@w!bUx<j1
zB_-TVVJCUrVG9Pz$Pfi+7_iNvRfQ_JkzV)s>C<zJ7f+wQ8w)G99*N0p9|UdDXcz=|
zhKCfOAeP{M==l|<TzxY*FhwCP%8dD$%hftG?o8x5SrtshT$tn$dY5FmXqH1vOgx$q
z`Wd+C?gHwiMUc?_fr^qXCZ_Db_6IK!;M!sQiROy<$`1Fq$%!J)|7Ue^=6s#?vqBf$
zO$OsG{wq&vhWEaGfmI11A%(b?*{KZE$}TKqg+Xmg_30CZf}Wm(JB5IZ-a0LQ&-cS&
zNM4vzeCNsI#~I}{Vj9cn(YP@wegj;+#gUAwV*Qks4t%R2@8x%H;DhIO9+ER|PA~=4
zw@>)Rd(!Z-Nu6{Y-tIzXT=SJis?14qN8&T{3B;>Wy&<_k5dwH!D_iC?(Z@*IGB9Yl
z@W-`lm$J$gqAotn<LQve9gxEkex928n?EeMSX@8lVH#R~{`|S4ps~Q&S-obCq7-kj
zu3rI{iM+pI(>6eT${!Xe_(%`xig|PACVxf_&~X>2NJxk&Tw99m3U+;F+D5?t%q=-t
z&9!<PCI)dGV*%u3LZ?B7oyCEB_lDI_lh!586@$Ym;7^PT%PMD`oLAh)0gSq2_)G=$
zg(7sdkq5&E$aLMqzf}L?OJVOf7jqI&ib0M&e5iM)ocN%PR#qpcIFH|9vwl6%b`sl9
zAt&s!cS1~f(6kjJVtqS~lep2Qc6#f{318<WH~e}j=<bDIhYSg(Fa(JKM>=?ps@Bl`
znfv2EI1~}wu2|7XZ6yp3KFf3%zlu2_&H-A_($Ypnrd$}`_|XaRS7T)xA18BnqV1`~
zqo7F?89G64($j~ht`mr&ADPyH#P3<NIHg&}PH{^aCPLQH3}daKk!ee;LB}$0mJ#LC
zL2#^;uWuEdz&`_zfa#pKZbhx<^fqXmYhcy6?r!7jId1S-11Q!p-w^s0iK?W)$(xmt
zAvY^BGSY)!^70Se$~#T*H2`XtkAz_ynIN5cwb&azj+w@k?kVp*Nuwn%0$QKgR{!q2
zrh{$4+r9b(sCcEtjCgInMW!rzxaIFX1LM>O8tgmy`0Qng>DEz!%>f3<-+%;+5y3EA
z@7y2SNhRWBzpw?{X|ci3t?!Dn2@THUXzb?wfJNo^VDzF(sQiK8haQ=^)ax<>fd73{
zk@R6FycQ`p&6oW`LSB@#ReDi;CEUFWXvS#?w#!|U)ZPl{_7!z`pg7}!Qi_c#HDg|g
zR*+G6$9pieO7mW`VXC*^rSzfn0%K)IX;%(R&a&YK=JXe3cNQ<EZNw*8T&@?&sX5bE
zW)ity+P8rvzn^X8%3_(T%8b+2HdW{grxmgCCgXwgGcvBn#c2?mbop{QsBz|zi*(w2
zM9eM>LD`uR#-{;t7G1-}FImM5EgB*1!(mMyPCoGJl`9Y0q*Gpp%E@l{Y;*5^$y>*P
zj@o-PKKd<^ygBaPP|5Kh@4f19;vtach~>)G`rvYG51uq)^j`2xx9x)2;7-1ok)_kZ
zM=2;EY&>$`oOuSb_pN0C!3d%Og2o;(oe-W!?;Hx<>fazDDu1cI;-mDyfw5K@@`$2|
z2PJZH;n!n-<<Ww2SNj|}QeR#DIiVJ4gw7$eapwcX3rf<&29(lQsmh3HkRrCJW;<|@
z)jx=b4(OvtCmv&Xt7cG4Of_(b2(gX)Mj>aVDmLk>ZVw?7n=IouZ&LDj6R3^jLhdGG
zl&k+*5Dt+Nzw~e{3z@+F<c-_JiA(TG<tAKY<4+Lh|E|0ov9nD7{>Yf;g=euEl2twT
z?d!5*sCdn9TM=b`pS2vfYP_#OVDNE4$U9D*M$NQX{9(4qD?ScL8rD~;%akp>c>l}p
z?4*sWS1(TT+;*qatB_q*y`$3iS^otwx4svYNw>nNWS6tP3#2&yUZ%A_0Iz%Up?1Y|
zd4Da}x<hkQX0uTc3~@~4JwUH1?em-Zpyofp@WmK-o-s@|&zLh6RtsA($}Tp@TvT<e
zgz`5A6ej;FL|XssmubWMBtPE7%7p!X-K~y=N3K&-=GM0f#!_2>@kxVDZj;PM%Y`kY
zrM1<p+&R7J?p%5QKiCsgSZZoZ?>HQK@_~Bn?v2gYm%q->AETabPs6!vS-WS>uZV?~
zCRd*AwZpRGv~^v)OuZ_v?0PIrABC_d`1Oe+QT>;3B;k9(UP@78s6d3@)-78Gzl}Za
zXIaO6wl_LFQp`Ny5FRlng$so)LZZI@uPu&_79vdS7onpZlX2yoA~|txC=1%pELqG0
zLKxkclhjtb%()Yv;PBs++#6ba`_N%_?IrzR(1HJlddz<=A^*?)(YmwrMi{L;wknGV
z<*hQ$Tv4`5={nwxTa~4ZGmQ$1yTNuImSvWfD`7KOdL~ThBk&l3{#bt0Oc%2eM<Yg@
zS6)E<U{BM|mFbyVT67<574QM=;L1!&0~r|?=I97#GpxABU|>{bz9Oh%Gq52O1~VFD
zHj-&_3EN*Mf<rGfN9U;j?{MfwQH44jRWDq}%QX`QLSNgwiqP2p?JYesA+P;qWQcmp
zLVJ^U33>$9&vOq|BuTn-Ng|8~Xep797CBqqKRI!pp&`X=E(3lE7(sqSup}@eUkqp!
zmbFV}2ZU%f3q3>g5Np}04Hl>zj>u{t<eN^uuH_t+)62;~VcaC*8ekw$bt3AnoIgJz
zN8A@qkx)T|cAQ1wM3*8jk8`@aaA|H(G>P79b`Av0ABWEYKOs<71j~#QW1uiYAi}<s
zm{|Da$p+DC7d{`m9Bl#KIvxCK+|k~;VT?)QAI-I`%b!;uG5Bv<fSWcH4d^unC@p`B
z9UpNS@+$^wclFkdGy2}x0$(=o%w+%j=93wVW<|$*6R{%z<S+NACz^l>={eisGnv$x
z)LMsgKJ&gaTj!@=k)vWM9T$?$=}Gdy`KG<~YPA@MQ_Jr|jSB8}L4jdSxgLB5{|9^{
zt}>*kqQWg$vv$T+x@M$gw3~DfqsNX#PPtGDoUgR9(hTJm@hI>BSk?OWjRq^@wkLnK
zX8a(s`|Rw-3p?9e>rvO7Ju3)EYnear&txmmTgho@_20j{G=IHKrszsDvthsf3h-fH
z^WqDgD~T~Lf>cH+DvIO1@nT|#<5b`{`l(k(zs2dNba^LR93XpEJqjIOORwI&88kAN
zwQ}|9kUdv$Pn2z)(D304&Bbi90;=!j%Q^Uj<kVD}rr%1$CkM_hOk1>Q3)e4qCu_m&
z*3#w6!Oz-l%*vg<e{*GGGMDxc4aW=m^3;GJ<%hn22L7Eqn;OIMH_l&LA-*>OypPv1
z++wD@KO*N*m?eJ*M7Gf43TF{|4IIcr?IzGxwStX}KFA30w&K9~;IeC=9p1l}&q+a`
zhJ~dDcPG|5epnfdkA6#j0w0lG4zx~&(up%?Rv8=rj=~WF;2I_erz7Y7V9Y%vDNh^>
z0tGN8o5wjh&gsfHy~1+tz1^@4(GYu@=(5wPB5iS;xb1u70$lq}I|8@QHwEn02EQrX
z@`2K%?X72TVcHMV;n5U}fG6+3QfSc(&LikHe#s|7G{Hp!racSpolOGbSU-Nv#30@&
zG6Y6E)D!K5B5vxzb71lakH&p1z>6#FviL+EiSU-<NHDjCd{vU31E+Z{u(r1L=PVOp
z0dYq3;`jkDO<Q;Vd65CKaCF&NS@9J8>r!?SAa?LZG;ofnHVxD6)%Lo9=O)fqx3^aw
zoa;s$#dM?u$nU66>Bu093*!&d3(=#A&m6A4gULVWxqC`<6uflhPCSD++sK;XIz$9q
z*>_^1D7AvFLbn`jB<6;L695&13pp)p;$sQZG$YTQ>mX1ocM>Hs6DK11KlZs81KX(8
zgErXNiPTEp>gd>2cBZC<KgFCEy(uUxwhkS17S$=sx!T$7lelF)Jo4&e9<Qz9O(R$1
z%d_Umk>z5?tobc-h_|lX3}cMDjDdjN2KilkJ@&>85n8x(2`iX}#kAM)odmw(X3l#c
zM_@zN7fa>E$=^E)%;I|Sp^9P?I*!xHAUrF@VoKPbe~O(7WeSKrvVjFszvWy6$r9~#
zR7e<$xpuL<^BDUJY|QG$o&JXU6Hlj=o;Z5+d8m%ro%7r_|6ZJ-u|4#6as54go95e_
zcwO1hG#c>>qBl*PW?NvNgiYo8?c1niw(Cp*uM+L3kPKtS%m$80Pya^s3Z(~uZhCWL
z{~(Pba{K9HSHalN{6LJi#d9~(t^)F)SXg%Qfdyo(h!TS4)HibpGA3mN+exqyjoyW{
zh18{ZrupCEuVPXn>Z|BWQ!(o2<kYipC|sqbrCH%ho+obgp``!2Le;b12l2(|!^$xW
zqb0K9ud&#%q`G@MmLs_XNljT?=QFzrPe1K-VRO(Osh_mH&z8|YIyms4i*vpjcH!~O
z5;K<pS)1k}qZDhlc(hq^3QJ5)$4hnZKPjgF98*(ML>l6a5~?#lWQ|DocAPn}S^4zf
z_L*y9#A$aJN(Scgf!x()H;BLN;cRin*CVILe;YdPZr?I%u<f%w=f<Qj@T@DHklIQ9
z^)$21?%U&$9CH&Axte0p-CLK%#SUpHaS%Vm#1b(`KQu|Z@k#I)i6h$^c6F?rzwhfc
z^X8EgmfTkvTKLkt%EjZx=CB25TmG_`*d;vDZ8R_I$PqXyzHTU?a<DPXe`x~YqVN4w
zp75;`uLam>-?e3Y-!@}vo#jeH^EcOBUTZjh&t9uPHhG_MjCB~6`|$o_S(*A>&(`=E
znpZt)UqU{66$>}TM#dM73v;dFkunaL6auR0=Qph_lL*JBbEa&8uBN!ay+M$`ZF-f0
zg650y$iN3Mj|R`!9E9DB?TLw@H9@-}B5POY8^5F?!cjR!symikRt`~+UEJqvW<mp?
zq~t!8drdz+D_wr*jr)5S1J6IIl=~*-<kY@Wdv0e*rG00Pm_Hiz)~dsZeXW*}n3|z!
zIY@wE@N{;#=d*Uos8LT+Q#a8Pspjtrd5U%IyF6?a?$q_!VZ4D!la{DOtp|PJhM;fm
zIk+yV9|H>%m6dx-O7dx`RQ7Yu_vpcVmda^&x(KMX_>M!(*Ylp*RrO*e#wqpK=GtMt
zaN4L{IqH|QdOc5Po&Bnz@2b1}c#A1@6wNu8F4xGJsjk~Fk_hl!wv4dAO*e&4H>#tk
zRS>u9>N_{ka8df;n*~Oe+$WN?*Ox2xJ-{006(+YJO29BO)w-S6K{_-6{SBa!&6OTM
z;*&S%^k*D01M4r^gAZ^BA`nv{J&KzZ(IwXZlc!GuJBY@{6)TcLK9P`ZSeH*RNCAh8
zI>vGyA~_V|9B}XqXj2QARfGA(F%iGbFT(ZZU&txPOH6@8zr!8r;o%{<uOEG)RClx5
zOo;D=`g$kx)UVuIHK0Ok_bsEwdGnH{y;~QR?)hM5>rL*by!`yx#*3jNPzB*b3=iMH
zSqx|bpUwe<OM~nq3k!uA#xQnVku=79OJF4m0;)}c5|v1c<w_$r<>%!g@Fh}!B;eca
zZ9p9mm351z1H(o~FKoJX;X)^Yz_;P!n6Y8PtRjwNRu-<w(F`;EQdY)7{YQfwS<f#l
zCi0Kb+7bdl1`MV39b(zJzdsfi8!GhOJ<Wk=C;psz;r0=Viu+S67-0#m!3d&+_I_w;
zYFt3^UM=t(Z5vyZUjORP4HHraE<e<^a=6c3#%WM3(_~QfQmlT1T4fx-V~VMH^Tf1Y
zEXjy!S!s;)BP#2nSRy5bs&QLkZJ{=_v#@yS(H=B+<muFk@I8>WUvyP~UBa{Y_nYjO
zE~V20nj<d-3>2LiNFB;NFjVoD!?qM38ykTytEMbN1l?*y2A|CZ5j!#K-a7}<o0AhL
z{ljt!`)H^AfFYGv$+rDX*6Of=6=bn;pdc#47A`c5qYeI|7<Avfp}DzwyOxZvfmp^w
z`x*{gmoz49fv6aqZ;QTWzrK9A3FI@9&aefFtDRm!OHslM9(=m6ncET@+XtE(QLvbm
zRlxX8Hp-1Wesj4g1M6Z*(%3PT(QBeN4qW-=h6w|cnmeI(8hsq7WxmSpXoINVJ6$#P
zv>q~Yu4})iGUlgdd5qghA<Q|mv!AAt($D;{;q<<sXqlRLITREgJ$Ue*dJ7D4-GqS_
zc^U`i3dk{=+*)A_q2j-Ulke|&Af?^N9EwM9D9`-OI)xsA)({$e_W2CM4aqltiIYQ}
zj1jz7j~;BagNF_stpIB3Dj?>}c_KkktnlYAyNudZ66YTgl~>kXRsM~XGh)!+0dHfI
zmQnNqj}X5Gw?X?zk;2`_BNvx9x$U{Ru^7&w%&fuD4ULa_dU_IK&5?p<iM_Ds6<?;G
z&tm}ZfGJ*R;zQF;43V!V3-aISIH%2=xdD+r4M_rxCtDozBW7f3@Uau$tR^->+6OU8
zazHJykSKz9#i%Sqt%S6d>PnsoB?<C2hHa*nR-@x+g+NbnJKs~}YqR<sE~uIG_N^nj
zNsVFmWw#`c-j{#eEGabgUxBahuARGd2^^rQsYy$E0Bf+o%vjd^_?0*I8=TL}%}q8s
zgbnVWR4i0#T;e|r8Yy7O7cSMzs>as`Tf}p6eG<p%=1a%*_{o#z#>U!0QdTHg?WI4f
zkNTD}DpVXS$+<nUD2;(&`HVskB1{tq<J?aCL$S4{kei>6Z_PFP&m|V_qTkNKZ55U9
z0>wj&8td7UK*ufuCp3RyKuu&#6n^w{8-t&P%g!=MhyNAO)RcW{;}2CL+b}^Ldmv^u
zy4YvZ2ldY(!{GWUteqk6A06!&IxhuMfQ;T^ENwXRs8M+gl(Mka@JSb)J0{Rv0s|!*
zD9te5scmK_2b}ZMpLXHKg@lCQ$7}uL+_XcHQ2p*_B#%)l;TVaa-Vfx`Yz3<?yV8BW
zx%H14IK0fudSp~!!IQ4d_F})zeZV;he5ueEq4b@&xD?+gwpLhJb?Fa@fLB}BfV_s=
zllgCQkN<Nx%MXRY-(3Fxm;UI(1?#ubstvQ(SCpdbzh5TF=f3c*%(FmthB5Cy(WUm!
z1&SDA3727Gt)CdA{H6-Pj`hfNPpZgO<8ulMrl2emee&R8vr?vM!UQsmPMk#qHr-}}
zGZiUMoHmgHlEsQ0)xWigO0U+z#m^=GSLMPSXKqt;gOdbKN{m_E1rnS<utjeqD&pA^
z=YUEX!w2p${1`(TOUuhgyYYHd?w#-XdTebMYS2$l%q_QpZ_*P=k^qa@MTm-tDPVjN
zyMlU=ID>x#E2!T=PwCTlLU5DO$HzxBs3Y(}w&F7t{WJuxQzX)MaeUF`G@?mjDm8h$
zT%<v#PorqR|KNc<3Y+RQ9h}rZM8BUsdu#uVgqDXWP?84u`iejqI6<;ow;<wsSM6i+
z!y2r%CYi5a%SuacV~7Qi3t0!1SnN-HEv3+5My3vlM;vD(0|9|KXI8FSWeXVqMuaKB
z!vob$m#QrEEj9C1PNv0>1uK{{t2DDOHwj=F^|FD!J|HkNN^u1+nGajeLMaF#(Q^Pq
zK|(Yxl%JwOh*uB~rhI_X^03&)3)xs=lnE*z!Yi@2iY7e$b5QNvTF~26K>&0B1c2U>
z!Y#Wuz+CZmZ!}Tz0#yN$z~0qWeB)OSx8?wE3*u}{PJ9H?$T$e+up;`vR!4MY^y!Lb
z7xi`{a15g}eh+FdDol`=u|!Rf_1LyP_n2R2le0_HgE~1+|4l9^`K8^2OBYYR8`n9|
z&eUOnSA@dpzQKORPYygkli6v}*k`IQ=h|kf-d%iFs?YI5yNWx<UA;eEzS(_pW&A@Q
zgOc&@*R>agmz;^|o%X#XO~bWr#ciGhnJ^+6_o4Cij?!SGmPH+fHt#b#Lc~Z^s`6vA
zv+Z2D2gt{Ui|N833-f!saON@?5h!9s+;KkoXfFr8ICF`U$_p58cXesOm1WAF_s`lk
zGEb3;6nJcnstlN2JOe#^9tWH`qlLAYdmM=i^(JoyU;MJJze-8fu#(itMK!&fTU4Zj
zG?iCM;uij+O{4I6E;cp2ruE87bz~rdKbD7vm?^=?S{6AYMc^>LR-^Nl)+Obv=U}xj
zn3pl=WIt0*ipVO*M@MP3S8_=H{hgRUgB!vngq9u}F?rNMR9hUWb*EntJV<ofcRMkw
z7U@Ow>MPk}QVEP{KkXT+xpj8e3^a@-zNJuFUFBeld68wfl&n={N<up}SFuxO+k7=i
zg#X@_df3Ou^<&V6FFHieMDh>N2R}W6j<p`>;@Fc-rI+u@q9f)f*eJZF&@u+$qw|De
zf*@P`+;Xt5f!w2IW^R-4b+3O0d!KXFq@Em>u5zYGiOCCDeED+g1#yat#}<c+hY>yy
zD?wdCiRnfL2nnn@h`^{`c}tW|w>MpYJnyrXH}EugJrugfj;(aiCK_Q$pRdIqZSVV~
zKJjL7xX-hj?N+onL!L7epo>Ozt8Id*4wwee3AV9U+1cnph-vIa<oJXM>1k>9@aB|E
z^pN5JFl4D2?n5`$LhK&%Nz0KUeP^jS{|r`)|HV^wQI@xEh}RQ$L^nB_%%f*{r8SjB
zW>=R+g6zVq!M<_e5PkW1dmE0Y$Q%r)P!mnGAPrEvM^BfxU1GCJe$-3)MUZs-z9E4^
zvkmneTuVuH9(?*Y)D2#J=o`QXMOyz#HqV`*y-TkwnRWB~qaS&CU+A`U2CoRuBAt~^
z72iQByZzz`(>utuF%6M>a_o2XQ`8iP3_c8Te(lem27=`VL^OcxYOM2SA_-bbTEwI%
zpj`S%xkva3Wtr<{7oxlWN>S7@f~D?$XcQx-@3j3P2(+hv#>VDaOw@3DjR>QxwrSfA
zY;T*Lo!evLuXB@A^B26T+6dAj3V)YrV>P4+LkH$s@Q{|TxT0dbS5%&@_^J^!#iW}q
z!icbM-;>%mlU`Mk?G`J^fy5#X&Su8TTcz1CjfeXPLh&?)Mfi10l@O*$8pYeU&@=M-
zIk&jpo+i8!gcf8nGWb)$G0$h@RwZP&@85E2wW+E5`$yeSx)NW-^32{CJW)vyCPpt;
z0x-0U(V*B-RjsL1Zp!<8lxj1)0u8Af#+u;YS-=<g{Wn)4skDcAqn_EMW&+1BWZ0{W
zeyA_Li@;Lrq!Z*cc11yo_?3C^?-~|JPHN`Ei3xAHg5Wfq+;}wnRWl-nY}{sTeffLB
za6vfRk#m5LFDdzcK@2@8XsGNNlErS{WdsX{i00(|dZ~6+Rtpm4`|)?&gJ5ZFnmKdw
zOWP~iPsM=EhB+&*zN&gWXL%Q<7ipyPpng6d&#YI2lTKxC6oIikTive5W|xrfL$Y;g
zi0cdR2@+v~bUfVSKM;_@yQo1PbNBnxv5Z<bR-@k6l#^QnY7SW&tiD7L?A(L5hqxh@
z1^7TZg-o3QZ@Rekgr)S>`Ud`;MNy3tH!s1}xm}Hmo+_34I@IOU=$JeuFDpAcH2jwt
z`nP7WAZS);nfyu)`KEl;5-~yxC|qRtOYExoOC)7f|9De{%kfiDQadySr8yI?aIdET
ziaI!J3PNz<ms=1wNBhs8GFf!yqY#pln;xFE9wc-9`s*)cgtsH>375&Yy@kX!>2=wD
zBl|is{ZLMttX!GMhTt+C+;cDOEb=lreWutf+${G9*)6iDi&_-Lbpy<H`XgsR0y21T
zL7qw{;ofv$6j!9?JgzU^+gzgTAGv*C(f0&E?bhu8QHaE9Q*^{{{e0<5^vbKf+L;Kn
zzIhP@Mud_y;~!sD&C(DA^#c^_mlyxZfEc6hb-t6+jONb|RkaR)MbE)Kd-KgPfB((3
z&3UswVuv~dn#2CINC`lnwzW>-7s26-<E<gY2a+@q-lf?<wE)a<m|F&*YCMB{C^3#R
z(Z$rXE#D>*uLTAyw_pvzvCpi_i(VhB-jI6p(rgrV^e;mO4GKDQM#+nWjrEL|1${bp
z#QhiHoBgZu)TNgfd$hmhi0vT<pmJ;jLgP*OH_G`vn3R9~eG2IZa{hwwJ2oTzni{#_
zHWm4#r^k=u3T=y-&YD~n7k7;Tdb@P={^wSeoMdu7gLbxbo`kT=B=GUt3@g<itDYr)
zwDU9eP8Y6KC(U3_PgXa3S6ic(aL)|#jhpbtZ}c@-2W{l3!dY;9+2X~;4LOT7U)tVW
zIRv(m-lxl`Uxa(($Xu!najj^a>2qjx;Q4yr=H}+XJtd;~t0oQ6-kB@90MpW{!p=lV
zu4D%<8Iw&rPCZ5e2z9sg%GRCB$wVcto6qvxatod5)cV&Sj+#%|^mXCSRey}Pf-Wm3
z$K>kL@SZ({U58Nd8--)clff+Y;l!h_XKoe7uDq%iH1~xJd-BFZO>%FOcN1(oyvwOx
z!Y)}WH9>GZoA>|!<Ntpk|4%H26W2ln;a-rKxJPE-wGeMTQfy(BHndkUUR8VhH}exO
zlC7o3tt?K?vQ`sbFN7I4L3N!S<FL5EQk=De8EduXknpfPcD@<6<Ffhp<*=c<mj*k_
z%6irR&qG2Ldi(D#G4YabIe{Gw&-Jpj_f62!lWi1Z^0;5VL}Z-tW>0yMbgN#pa}n1&
z5Fct}ETtDIBI^?Hb?{FCwoB>O0E&ZyBH7y%N)>QGERRBUl0J=5H~)@VXa{L5*sdgc
z4(!vnFO@v$nN~$&hP~(gDAe4|$6@+tV<=+sZj=6lIp1i<T@LbnLtT<l1rfIx>dw%j
z#a)e8tgw!KiuMrDyqAO?4MeZ)L42p-N3*k#DpVth-nVxz6`CYW6$x5(3F7ckTiY`#
z8xHq52jEFvn71MHW@WFgUDH3;LNDK1dG%JF?T7+8f=9hhw!k@R6OK!mOh7@8rLlq_
zp)*T=`r?296x;MX)NQ%-3@*_ipo&DqM6oKuZu{o@NNO<M{S>JbRNzH~lI`Tuxcz3E
z368&3on4Tkt(zEM|4riVom<Nnbryzm!752VgYu+J#r9Q{nYp(2611%b=V1XFf!_Ik
z+$AgnMnW>ZyAYwO7gMi6^Pi@sQi|Qov*lh-@>hwBh!6wUD5}Asz57rgi9`w5d-ld`
zD^>8=5A^KFZ>Si6!E0R-zDMAA6Wh$e>J>Bywo~#U;H1Z|8aR0HSg&t&b*70scUW3p
zY7KBjz}lf>NBiO{Hv3o#j|d<U<tda3C>+XZyF~Lys%1>H4U7OS7l^uL%noAn`3kHK
ztW-g2n@&YvD1*bN)DM%5Sa_LLZaqv5RsYv+b{iH*ZydsSY_~Z-CmV!o;X12ccVwzG
zjtyDamW-LhQbVSi<k?LOA}<4#spL?tvX37x*+wAZi-@?(LiwU+eKVgHqeQ3U`Wx_+
ztMlON)CkKna<g9cA%C(k4XNzmp;I-LmD8+L!36&R1lQ79bzmtIVvs3$_aXIHyjW&m
z<R;`&f0|MT8j(x?O$#&j!yk+PG~NWDxUKFv7~Ykv^2KAav*RO{er8ExP#EX6{r!Pa
zJQRj4e{mIYmiO-ijvu!y5=W8Bc~NVJwqA=&Y}#1RP7c|Xex|8rZ?#yj6?Z;gL$V3{
z+e5A*p}r6k6)OyJ!(UIHTv_}l>yPf_*zAi7FaHJK&vrr)M^ObTf#@O}tB*#nC58Rf
zWPH^fKN9}H8YG^<{f_PR<?IY%g%ex8&+&PD?rtypn=8jjKcf++iTzXdQuapC4ag{?
z-#$GZHodFy(xuW2FB;YkZcUEHvY~{NB-%v!ZVBln^g+VMdRsUY^Oyo;BIUa7eqapB
z@t><r{rBImlT`>_)Ac&~8`{PJrrX~E$hhG~z2oqa!drJgj-|}R->6i7W>TX<buadx
zNfe}*>Q2lDdm`$McM~5_yRkU%>Da!yZ1`Qfc2Ohd_Esdd31m1WC2qI!A0y6e=qTtz
z3<Iu#)bPjq4;(mfzyRk@FGmBz5Qla2=nbL+OQKM=P>s^_g%I+M4V^<vN|%h)``U+R
zU%Z1lyWlXa*Xzr}oL+sdjj>FfZDdqIgALdPH^p%^sDJ;9*&9(sL^1mcna}8%MhI6~
z)?c+Bw$hjvd9=6I4Ks87dJ_Ph&q}9<$O(0Rf@wQ_<=8Y$0xk+ln;IGvdqcS)+Bo(E
zp+a<M)s!KnlqFTDNsb>qN`|BYihXQcxXA}`Vh~JkV{>I{?$a(ez55XHI6xOs1IcUd
z)V*lQZVfxT@bb2Hosw-8Mzw&?Oa<G_heG|u0{etrw9w`A)imwqx#3wizg~Cj)e<;g
z+q(HR<#r-)f^Jt<g4cE)K0~{r`C=r+qa5HWY338$QlCt2<8HMtdhn?Q>h5F`1lP}A
z!k!)(c)6O&^{s)-q>V=%$JTCLaCtGRYIxv^{NL^|+U;eXWF)NBI_@Bk4LgqiY*cLu
zkJQcQJg2se6I~@obsO8hd^WW}hjiikb$^==jM<6KvxT7f@@d5?9niB4y-E<#MTDK%
z&oBOO%Q@}Oodv&L_sz>bjdq$!!FT&8pvAS2J?HZiIyK*R*|n7n#n`;jpU+mg|Cb9v
z4%doL^b@-dpG>vHmQag;m_;1#!o=pc`Gkfd+T9KxbOjd)KL8V)%XeIs@~iD6+Qh}i
g5;#vi-qPi;f|hycg@v2QvlnK~Fw(!KYrf}y09*;P_5c6?

literal 0
HcmV?d00001

diff --git a/docsource/images/Akamai-basic-store-type-dialog.png b/docsource/images/Akamai-basic-store-type-dialog.png
new file mode 100644
index 0000000000000000000000000000000000000000..d50d36da34aeb9f6e4057c0ea4e08abe316a392b
GIT binary patch
literal 51443
zcmd432{e~)+cv8CCuJy+d7d(5%oHL;1EEAh$yj8bG9^l=gi7WzM1(}<D6=v}Lgsm%
zDKhQj_kW(}U2DJV`}W@J`}SUITkretN!-8tzV7on&*MCf<GcbcsGr`ymwqn^3CVsn
z)stEzB-=yq|L+Og@g0qVYzh(*RuZ+7CoZ~1Pj$N~KI+_(nrl(gZsrZBy-1%ld_>9d
zt>3enP<v}CHmB(|75Vf$eiIkL%c`^m)FA=}x7nS(v*)N;iu}rnGK-8H{ZqZ_+2A5C
zruHqrZrN*Nxh`TcdQ{H*O;4j<thq^GP*6}{U}RKOT3Q+vKAxn6J2f?RVPWCduU~uj
z?p+WzEIukB(fZ@Zdh<u(?J4rNTRERPRW;XNZtDJLX8$$@d~@Zd<;|PFXS&xm*8Y4r
z?*4nd`S~{D&+6a#JyqLpYf|bcfxnV82~lPfzdueQLj0|#<o^qQCH>aeC@dtj*<Msx
zS?T8H7Q?Gka_i&Yz`51+woIe8pFbxiC)3`(^&Fpgg@-6Emg5eqH4!y6O<MSs^6uT#
z@?;wx@5+@cU%!4eDwM%OGky5*K|M}hkcTJFV|8KMj@=K7*GB522CIXQ9Xp1nZ*OnU
zSLSlzej(?*d3CY$U3z+F>ELtz%X5aOPMxwI&3XU+v$RH>{6?*DLVSGHV}|5}1Tn95
zS00|^FTQ&i=;)?9^D^JQeY@dwEBRJi1{W7sNcivHzw=}L$(h&#q@|@fPCsFkaZJH$
zxPO0FSZ%TMG`*!rz-3bR-&1-gPx_q<Ji^Ck=j0?IDk>@_=3r+RarAoGs}sHgf`SPN
z34DPEYU>8)$(dv>Ub@5;qU=JyX<eB6m{EG+o6Z4}Il-F7Mg`Bmjt&lD!PT<3s}m=D
z=8B}QExH!Jc=4hoS;HkKuRG$U=jOWGhnVp2KTG2+&NIA}1er)}IaNYhdiwI*oNj@=
zsk-_T)xR^{Mb*J9jb_=MZWS6|>*}IKZahd%HotzIP0h;ElBz?IP#+_kmzd~RJk^#N
z7at#=n97#%;e-9g-(_-g@_>K<1L5iZa{r${fBu>2#<dTrH#Ro@Sy=en=)K7ieVBpa
zmZ|CTH{nuoadF3uCW9}di=|e(5GIp7pNgWR8GA<NU3t`_S+7U!v|86PG&DSM;<fU9
z7b!D`g03K1;l0Uz_wPI9P^xw0SZbd;x6iHCIBU#N#w{W)uGDe7IXA&;O<Gn~!E0TY
zGsNR47SlDMq@*M#huTI~N@}XRsI9vCH2a~Im)4!RYN`H@DG~bv_64p{rxNt8TuDt!
z3v*FcR%Vg+c$jDO>CQ*TajpKeFyR!u_@%A*?-rafrxHROFI{RCzH*x6^D&=V6CtCL
z=$$tX<f?4Xy?3u{Vffp}oE({puKuIhH;j#Iwj2d;3rCM$kkZ{03k?lb{VXXWLb`vy
zsc6J@pT7CQYK6@e4)W;n@o}shURB&%^6%fjyQ;p@&$}(9BK2TnsYT=O-@mTyBoud_
zHf=hkzI%60L!-KL+qP{pGc);R{r&y=xmI7s^K5#nrup6mu?48As<L)^Z*Am-g&pj9
z5*SD?<2V+cMoZGCFMjRw-QjQHVT8x!l0Bd4sHv&t<m4)n3l-j$i>&?W^{!?Rpy5|g
zV6ibObhI3APGXm4U|^tNmV5c~<;qAsgR*kDWy>2+tA|p2eB%fp+;ex43yZY<(BI|B
zPVKNb?@c<JCX1Yh4+&jCq0gUxeE*)XZ(qgob<v2j6VDn)<D~2cHaFHfIy(04E^lvl
z{c>+t`Gfr&bWfOMUxbF<qr6h=YG-V0Y+{la8TqT}wKD&aBQ?77wP8H7J)dOF8=^@M
za{KxD6}v6&W*Zt9Ft)KN#VhRUx~df!7e|c3@bJrdx4X%i<sK@pWtMK95xuCR!;HII
zT^ubaC^&QGi~!B8o?^E!9t|49Y#Igz_x`f`_wL>MGu!)TszV!3_vOo%mKJSw^^CV~
zEr-88udS_>GB-9J_+a|&!G4C3;o<w*vB%w=Cw{zr^ytyAUsrD2xZ&X7prO$y`M}uE
ze*>Ab=1|r8>Z0(~{0n+|9SNr?<j5%L==iz{dW+p08e@-pdU(7%$E_X^9ISEf+_^Jn
zjvP56iaj7AqL*cSf9}_3ov2?84Y#L%eatr{XOw#S;)Tw|ixtLM_*tEds~vd5zdb~*
zT)J|l@J2Ox@h8N(X2PkEJS8Qi582sNO3MD^23f|HKhyR3`T41o<mKgqSrkg_2CMME
zyZ0TwW@`HJ&hpKWpOY43J4i~X2ChdH-`|m&k#U<R@OkamuecK{^BJs%$c?JL=^NEg
zVx;WYB_s~9B_=2HbbbGl_Qv4q)stpz<Bl><JRD_?^YfGO#7fzfwYBB7S`l7<{;cTY
z;xZq3fx5NS+q?LaRfnj8f<nl?`T6;(sw#SVdd{SroFDb|(|8-~(s-5<<I26opDez|
z%eu@w-06P&`0;tu?YQZ0;lg<zKi1dPRh+nmr65Mgj=_rW38$Ywd)C#}HFs9Dl9`2N
zc6gXe)cR5Rmd}now#EAh1gSeqDJ$ch?d{Rh4sQwy^fWXyhSG@<<L^IcXLTTnuw#es
z`}aq!t*z%p=S_cp_SsSUjZgcHl#~?G{=>}jKZ}b<oB65($l~YEotv}Wh!8VB*^|^V
zzV>G}FE6iJSl@brisMw@B`@qdc0uLjmS84XN$06{om)cZ^5d8o7=qS1s8#l}$TND&
zG&D4r)U*1RvsoXeq<n8udq7)Tn=v~*Jzb@w70W?IMP>5g)j`31Br9(oKJs_rx@K-}
z?jRNYq~1JE)`c9KNZj3hts~ofFdT(XBUX;8VHNrEsZ_OzsGxwrT=UWSMJn=k*XJKy
zCGD`3T%En1e_~vBW4rd>eSAZVv>mCKBRf`MYh8?vlH1RHG@U#>EW+wKHo-uEN&8h@
z1A`db&or@OC8&f+XT#@sPHxXFEG$G}dh6if;i09amBulhZyXU3QP%J0mlPcx9q08|
z%|rN{rluYC(9rN>hGPgyY1g@HxKpG7GU2gX%QF%l7Dh%!{ddo+r|0H6&kt0ZSUsS;
zeUp|p98Z0SU+3uyHi=9Wo24ZyE30+g;ZAN24l(lvMtj2{4PGIkCqrx@%;nqkH8g_j
z)=bRIcJJ8}Hm#m>l!U}lWsk9BTqBQ&d(|U4WNcJ4o>}b17gpIFRv*-@zdqwb{?yde
zL}bwjF9Nfetf55X8)|B5EpN`RnV8N!6#p5^kfNonZPQa6kmu>?sja1DSnMi-Y8m~(
zVN`wIfJQ*qcDCoZxA#_k)G=ImA=n+c$4XM)Lx@DUu*7MS#%*<=l1wt{xZ8rsd^EAJ
zUngxOEB4xmT<@(G$$a(dTKoI!;`H^OKeM9#V}EmS_&$3Y7nhlmQe&3Q#KdG5n4K*a
zRbRCh%Fjj<^gJ>$^669C)dkb&11v1Tr%zuwboel@*H+KsXyc#h&SS<E4^bX=Bu}+x
zamdTZny9L)n`L)kDR=GK<@#&4_fn=&X+up-zQ?L)!LN2C8HV%6t$*cU!-r-CBCe4x
zpFN{yT)B1YmPU-sa#p1Gfq;&yLg5!<1p;0ky?$@SR_Wx)lSm+U?)>#5J!t#2z+rSw
z<y5l%VUoGWl(Qy5nVhpJ<P}!^Yu;w{k@qRJG&R|_afphB7W2y`PYw?H%0_Z?b0-?9
z_xYImHBEJ7W82yq)pvHTg*~U5u_5g>Ulu7VCn2L1dKMBw#hj_Gs!FM+sgm4+#oxbw
zf4Gprue8gV8ZUY^EiElwZ~T0x2fzfB78n@F#>R%kfR&ZmoSp6Kqda&pEH2J_w1Fuw
z9&ZrU`20N<|8mO&5BnWGkLbiuf&3}ykKYk5aN9zSVd<n2CMQr(*eo}!eZ18cx@&(r
zd)ik^@n0pLYjb-aAe-3y${|fwxU-}>#30c8!^Exxq0ju&?C4>HV?{t2?Ovv&^z_Ho
z?sEy-=kmr7N>VE8-^PcA{1{H0IKjrt`!I3PGDbb`D9S2p$(gGjTy8vp)1T?Z<<16j
zadXSxSt77;dfX7w3pkakl<>VKo>PvASBtw=+M<ayw8li#QarL|!jY;hY#RdXV56eu
zv$>}E$+pbOG&YZis7PcK7rg&;yTmQOxoNM*;W04s&sSN;#Kc5ddAUtjKAZfV-Una5
zp0U3PY|fR|qZ+@GSo9DH@7&9yKIQ$KxCf7wIV_7wcvI7b%a_}Nr&VXDP^=T@5?ZRB
zFfmY4-pzBcw?B9Oe62qF`ST?QQ0@e1&L)ned;Od~hCNwqGTRU%dsPS+u1E@~2X#BZ
zq{?CO<%<_IdS>%L&KbnVH##SG&E3_trl#iMJI>jP3TGrPQ&Us?7KbqY!*GE3#ojf`
zmi=;Q8!bDTMP*yd-Z-sJX_c|Dv8UGarl!;?kLe|Dj?_i)Xv9`*4d1$Xv!<wP>wxr$
z{_wK-H3y4EWz{oh&tmi3Pwqr&R#hl^+*t*ncHby4Znm2JD_*ekOjp6}ZW+0q>4}Nr
zb^|9B6iQDAGl!4{0Z#T;QJ-Lbz_CEOw^vM1lt-}n$82w@O~QzQhib!*x7v2+^RLc)
za{p8FIX^qw0e7q-8kBQXFTCl;k00YSyGhn3QFtEiu`)0)C=R`vm}hYD;*Zy5ot=#(
zw*6&1i$kNM3T_J(U0u;Tf1r^9ED${?;K5H-Wt=rPmp{k5&A)tgNHphmcOl*3!+q6p
z2Klzvk&nta+FfS4`2P7)1LDZY=*h7>SYU&7uB@sG+#?qf#5BLv7n+or87wT}$1@@(
zDk@}9Xmah^HDpdRGv|Q{(&8t<rxKXtJ=&|PPN}I`cIDfxyz6v*P%zj2AUwQ{LSdaX
z^n{8^QY#a(#FOek1lr`p#2I>@QwhYj;n&AoE2fr~<JBW%KsOI|ysilwpR2$4vc_{S
z`*~EV$NFYVW8a6I<>OnEyr+{>Ql!vc6t@oyR0aVOejXp#G01*HOpcjCn7g_yDCYKc
zlFy}v+S&&rvJUBS3EA(^J$v>n;F14co68DO@w^MgTE~xny1Vt!bIm#QVCG2<<w(No
zUaz(NHdtqZ!V)!yw6IahRZUHwJpE5aYK+oC;ooA8*)Wg$Bqb*HxqD>oBBSY(wN)K?
z@L=~2;+OA_9~XhWJlB2)oSv67&aH8@8hy$(UsI!cU>`D?lCttKn;vv>9)a;SQrQU!
zgG04pc#}u?`D>jh=;~O%L|sHNqiTFVFiGO^0WWUyXZqsr-{ce&v?UiPPmR0>iaKW1
zuITlQn}^5$9Zh1(c)rMeVfvcawe4Q`#R8wG^8TrwPYgC<5$8gxXCI171dO5mlaZ0h
zUqJh01S|@8UsRGCB=9IWD5(7S4el^$;|jujbhxk)x6zS)y>);W=feBjNVe_(nxa~+
z6eJEL^d{yB3JaII&KvjJb}&y*nDcORhcejHphLy?LiV}L_Efg`g@lBl1wdzTqw3KY
zHgmjO)C2*VNxYtcPv#U96kUSoykbO6(e{7q%(Iz~QI9jZbxZbo*-kmGh}c+p+)44w
zl@-GY0J6cYbj0N1{QQ?gEB*c~_^5Yp-q0L4P&RCj6k*mFD`<cEh3n~J^Tt@$KMALU
z<vsuYK<+7aY4u`eX2z|o&>OF>%;OsF^8>r|yd<#ldU|@zm(lAMIgW=$M|WW<YDom>
zUU7$g@!nh=MPeFvEDR0~_V@QMEmhc@GHZyI_WZk)pD!g>75nmKJ~o%mt>Lk;eD^=M
zJ@!-45x?FhCtudqR?av=sT9V2zU(oFT-PVlZ!Zi#-LVEHnd|#9<TZ)5zq+y#<pkR(
zbT-(vO)v3nxPachQj)7eZB<of-{V!VR^|N)$B)MduuqC3M1cwW=Tm|`pIjAkDf1(}
zefu^N1dq$PM~u=3w#v?rUO_b!L?gMdv@`{Dofgc^boAQiz(f3~-ZJ#>kqT&LOzK{W
zD9e?16*$yNZu(Eo&T4EX8x`1dadIXmCZ1eheZz6;k*%|HRVQEp0A+O%S+%buqm=F4
zE<fLdkG7w4b8<Mpd0L8JQB@`MjMx_-du^<a#@Vg6{QOBn!8uS9n1~JsNtRr2@2!vG
z3ppP^YiK8{hup0<&O+Vv<<YY{V{JVhDRB$1j8D!%LnkXF(5|2h&6o$(;K<0SGJSjd
z1>AnEy`MpmGpVr0!8fU?XJ&qsfjsfs@q6rhLhWD+-M-zcieX`4Hr<8Kfm&X@vfcRW
zw4j2XYb4+xkLqW`9E<N20S7y8(*e*ni>j!oY;JCvq?iGe85F3q`;}%`S6Fo|?4e-h
z+{U1AZnuqN2Ex0SKoitjm0b~W&WvZfbCI$0jT;;hH96VYx0d~B7@3&Vo>hk32giaP
z!_Lv{YGl77?fs5DsNbfbs^a9_?1Ao9OgkyYbhNd}5ZdJAG}5bH8-F*}7aL2rHj8X$
z-4=#wvE8W+_dW7$0&cF&zEI)4=-Zxe$3aKVrP0Z~T6s)fZ<R^bdHwHXCOiLo#55Bf
zU4VPL!$@7n`|G}QMSxri&QphbO5Fbl8P*LC42a%YvIr?Vbm$N^-q`p!pGVBegzvdl
z9nDp#HXi<$jE&g~?guyh{P}xnso1uEdqnLEG~5N5Ol`?P<d-uIV<c|9m`fB6tCjQo
zn={9xZ7sfxP8W?GYq4wz-|e;x1M44Gi-&^i|B^Kt1|Jp~xX~zpEy&iZEXVJNI>e^@
zpf8-5S4qZlo*XaAIf&GSMsl%MKY7K&%h}mEnEAMj%eaqw1S<1(AN2Oy1}Lg2fByLK
zEG(?0tLt4tLW{FH)k?BFx-WFBoUS~&;4J{Sz#x76__1=&VR{CJ#f1glKw|HA<3&up
z87(dC<m6;foF;ZJ7^DXe9-s+LqcFX7>Filz7U{6c4GjE>=1Czpltn{`mzQ@Rqtu1s
zx#s3(a2qFlcRSraujA=?-0MKmlPBtFjV~vo5y=Jl`F+!Ueb<Tyd{`TWx<B3uPfNQ6
z2nezXKNTnMDX(*lxXVa>Q79BGWmj8~lpFv&1P7z4rbfDVFMIHX`i2IYf>_Fc4x^M0
zBqVbRwskXevv;<!CIJoAIv5;9yO+;LM#8Eh^P7Q<L{&Isv^nbK%Xj*DGv6-lAt903
z_qU@@Uj&GV#e01o+$E?%AXn`-=PaE(6|v{MUKGtyr0pR2+(t4&WG?S!8kl=25V=bd
zqrDYY_(M@fv2Hj1Ox*GR=fCb98Xi9Julpp?K8v0Scg)JfYPJJ^HgEg)UrPdB#>B*I
zB&E&WKS4%<y8ZbW)jtpIz3pKKe(<j2-Ix3Er|O>n>%Y1MgsW<TWT8>f+}a{pSU7%X
z>6&On41an~&JxxbVTX(!Vj-ar7@tyCcTOgz=TwZC7|P`v1d)PvQZUlW<9qkE`+j-q
zTKo9%W1#x!j%-wMWfKz<PD3xAIoD$Fx*;clCz+UHK=nvSNH{qy>$nWr7XZ|lW$B_*
zC>v)aPe$j}^y)-+q0?IQq0<Q7?LLZ}Az!YgynU;-uKWD?b6mkyUq>ew(FjV|sFsI7
z@|1+ph$|%{;|ZG?k~jF-7+z~&fPK4fj5fp=yw&n=m`5i8stTXWN|_Vs^KDr4@T0Tg
zLQY9%4qP`k&vTys^?S(5o2=M-%j@@4$B?g>xcEMD@|ly}s7MmGe!f$mS`h)Lq24mY
z)itS2Ei6#YW`d_z&_nL_4T+3A66*D5#$dPa7qe_G-CCW1%TZshF)DZ!KQ;i1<qAZs
z&d4t%r8}f(W@ZMsIIgr@bY`G;CrQb9JYqm_C|7SIH+~9SL{wB%SZFACWAs#LDVx44
zoqBZmdwaW-<5*LpcC}8lf_D#^QXZaBFk|!}M-`mAGPgz5$AT^S@L?hAMm1<=Y<)1>
z&a*w~si}ol9UsUKEw>qYANN?fFd(sS-@Y8wC}BV-N~O~Eg&=UM6~SC5kTz*875DFd
zEV(d?1Od7xM*gaYhn$isE9JB2&v)(FgB6hD;!;7*Y1!pmY5td+WX}5Uqs0zz<jeE(
zqy)m;{QL<5*t5PRe+rhuq9Rb~S-Jx5?(TAZ9Y22LfaJSg{s6KA$}I?i!8%kOP$F(?
zzXiSM4j#N=W7BAyg;!{|G^QEQR`BM{2%s&4q}BV}Tyiq9gI>2#??J4-dGiKDI~$L&
zrDa4|m~!e(OUu>1FTTLeEG#U*svbgkH<fh63oQ((AraC9nOa+K^nKY8ZK$I&GCqzw
zxM^eK-S>H$T>1rs5?CD$js)D=bbFTXx8YD4TSrIne^3Gt`m?F=EmRuZD!3ltB9zOP
z@89+EZpVPDeD_X3X$(X$nqAIpuxpzyQG?%{k3!D?D4vU60l02u#ns~{?mN@)6MCJ_
z52ir?mw;MPQTldvB9<B1=8aDnj-mUv0M}zBx#rK}^*I@Y;g6g90WcI)39+S8cwi7E
z^D70VrCT*29FHG8q7l5ZG}A2`(#=3m4=`YkXR@?(oBSylTH-Pb_^yqozIBU%mX@bO
zM}>e--2WFW`10TO%f_H<(F}rF>CClu$Hq-c8b)V`YrYWFm%QDTe~?H0sd0B#SB+8N
zQ4a#>R0I`TmS^9F<=ubpV?#5MKqqF_r|=2?Exxn7m(39zD>6X(m5*O*YR1~LZeX>}
zz7Y80P2|B7CFYE}(Aet=ya0eLa+#I1{)Man;#Wz@{>+)Zo7}qk`T&oEX?yx@wkz?n
zvzPt)6<KL~K2~lOl(FmS)2FLrWL*Xnd;pXhH|$7QKgr*yLr-jb?b@rnygz_%wwHIX
zT{JQ(MWlmlUq-LWwzR(L(6uFny$1FVQd#vQx|XIU+rG~}V`CP67eK~&d3mX*>{0?*
z)lgnO2<!|p3Op-0f$-UlllRDxKs3s~exY$b20E+WY;fuQ`}fev_F+F`0bjp<EoHYd
z*N^u#(VDh0479qqxQMX#0(wO^Wc_!E$TzZxTQq^(0?|RGgw(OM+UPyzSeTc0Ec_dE
zn!d$VAXSjp;0cTX$gpz0zP_0TMOCAV$m;-13xmN5zdAepA3Q)T9b#Kr7(NTw<fHf=
ze?{9gzuGNyXJIHHHa51VVh;573jkzFl*Bum>(Xk%sOo}(Dui^S(vsBFBfPv8wV_<J
z!iHU?-legzJ@_;#C4h*ZO-;I4#wxC^`JX;*gmRr_R`3GQaYWlTY>#L1{yUyLj^K+F
z=fkT3JWx;0L^a030I|8JNq7KQ7E(sPeE$4?DI1pmxbxIYbe+k`qrKi+(?df)nw!~+
z*U%<F`$F4cefzdL`8<LTYgrd9Eyl@t5)^xVeR@WQ`iK4cT3Vq?rE~jS(u_ziU%u@3
z6d6Auf#Y@(x<e3^xAFeYaW8_OO57M67{DI;S!Gvnbq2%%r4m?AU=1|j=g*(V%Z1#8
zP6L^&n&lRVP|*K);D~c0U!U`1VL#Xpf4zJ6F31?@D2uLgS6lDiB|%?HL=_;F(2Ld9
z)PMq1Mq`afomXiG!ywJr0O0rX+z2)b#3F%(^A8_Ax?1XWJgD+l){WEHDG*cUEA`CG
zMj#~m?`Nno5zWrdR`^rB?Jo72`AD{tlheG9VX4>j=%|0PDp<=oeQK3{=^y(UB&lg=
zdP=>wurO$O*cUs{5>&b&aLdcf@l?ldceOWI-gVaTLSK`nlOE3-Sl&N2F%jyv1eV{`
z&8^>Bjv{b0`!bl^n?HD?Z{N6)?XhYf7*FI=ZnX(T>+0&(TsykCGDsmeeTMrtwsXa`
zqv$AE<Xk^rI~ptR8Q5~n`WN-#!>)LpyL}-x?2kT-zVX^oL=$nxnwkCV>N=+h#CZr+
ze##@apkNgeiNfz0G=%6j+|<lk!0EgYGWa?;&l_0iIzN!EpT`?0V>hs~;gSC5-d>hj
zC$N6FHUb`O&Te0y(brLtk#qFhqs?1WF98R$pSE$5FG@<fUuS;#;>DwfAK?lE>!7pt
z?H)vqGm&R72NhUNx4yA4@9`Vm0o}eTWKZ6}BSJ#Ngn(V`9+?(%C8jYWJ$<A7^1XOo
z1B32ze~LkhCpiaHG@-}s+sz>>8x@~|=)>|!N=T5hkTseYA$AH2Wu&G1Z}ev(AcT?q
z78V!n8Xy`E>;^5w>HEcXX^d*~7i!=-Vp*#3J{j%deN_lAyG!#E+XCaSUcIV%$u5>6
zMy)^pKVAS9`96i#z`(uH)d2RWPb*QN2NBWFpC9VEZDsYNwRQRT@2b(Wd$+n+_K;{z
zWH*|lNECt>xGHo^L_~y*?K+xq<Zh4(Xm=5s{z#!{+ifqC{5b+Pt|3mr8$vMpUX(dd
zDIwd9id}suBN5+N;mu6Wj=iOzl*Pof_4VCBrxMrzx*SFukP%|zQ`Xl#kW8ZMzkUsz
zS}3PbIC<)nnW-rsFYnOMkgK~phaY;R1tfcPna9018G}0{j~yFaNBMPC20bL)*zomh
znSpb33F6D|0-(3jSY3qJXk*-ILch8R$W>?O->6l?Lqn8G2qNo0Su!V1pY}heoYVVG
zFZ&7e@jHM_`ud#^Z_Y(aX|8lXdbH24Dc^2z?i*s7)eqR~KEI8z@jc3kpXpJ#xsnkn
zXdA(WSTE~BDb0e4-wBG@wTZbrfgIw%N{~;doUm~4yRB-4+ozoKva-Ik@DEl!PG}hi
z$pGcn*4Fl=nE8_m8?Bee-E)hIifjWvd=TxS+&c4cR^FtBvKUzKbi(%xyaHrW{>vHp
z`T048V;cydd{5Bkrnhg)gAeh0nw3Qal*nh^8_R6~Q-H+%+YWgUR8%UV-GQ$_)qj(m
zJlOc8adc1)iVjoH;iK0SQSEQ*%3b>nMIA^~j^hE5a~!;WSc#PqVE=7e8rjzHz%~az
zO1<m_3J*pS)y&4j*`xJQ$>8uPuYA1O`u=)3_|w_0f*aSbi&!>uB1Ic#jWou2&vZ#g
zcYOO61Zh^my97i<N{R)*5)uc%UD>XIG4;*wxX->ZF1~zGbito#_te+dBMu?5<YJu?
z{z@^BewNyfdqBB$nf&=!J$W!1v=mS_^lfBGz_1mF{>lqsosVm#j{&}m)1Ob|W+dOk
zmYA6-jAf^!m$H3z|Nea}X>j#HW*+KN-;|);6wDs$D|SALtc+yA;3`p-MT0cNB_#SE
zqlJGN5utMW^cLt51UnjKS=&C6+6O@s9oaly9qIbV=pUa_k5f+$i{^av(at9H_3Qo=
z&4eqSWP6T)L&jIM@wID5i99^GS+I%gq5Go5BI@wgfMu&IDyDi%w~+I*va-<rPFuYH
z-Q3jl`7+NyMd^Wo8Uv_1#3Bs`3i{SNUS9Ggxd&+v9pZ}By?WKk-2Ae>zAShH2ys}&
z_2boZH|6EyW`~BJMMmB<HWmdMM~aV=aS9yz;xKo3_5H)YfA7e|$lLZQt{<>@>Kc5R
zp)ab-Z*gh1m&GQ`rc7au2wXM;%u|W7w~^hquU`@0&%X_;zdYKHfC!=yWOrld-~e)O
zjFJ5__MM}PgKDcZAvxJ!R?F2o=*0_gL)n~{)R=>5si;J->#MhxhiVVX#CVO=(V;2g
z4vTpC@}a}P-fP$sP%ZJ)SX6a&b$fez5BV)@V`NG%q>~Vi(<La}AxDLkup0q)0~}ab
z;)tYd%3xn#-{?PILqiCn#5ZrutgN6IKJwiU1@vHHD3M9=dur>N@$TI|Qc}110pi=9
zY3|=D+wSw~{d>wiWylpGhaUj|O(TuMLxL{mK&(pDCy@{5_#`CoykIKM=8oiZ+1VU8
z_6zvF$Z3+hOQpQ~<brgl#9aWPQV@oaBn}=p01H9>RpiNc6=^(tc%;?URnW1sZJE7D
zD{%CnR%`0(6a5ZGB_17}okgwWcc6>jyg30n_I7Ux6C>lJ%z{og%apV<eSQ5R({D6g
zo7kYOO-+>Yf${O|G3qEYOKZZHE?tr<WIb0XPfoIVJx;`|v$JzBsZ8ns)LRCIDENz5
z{ZJu^c^MBi7%j&<3t)<^VerAE7T=ja%xzf6ZiTW&V1r%(z<I~bjm^)>+M4T9ClC=3
z3J(uYC_4|&G2l`B-tg!sR6GfJ`AvWdq<0f0DM@shXpxb%J+`s&@E|Hn!NUOYLMaEf
z3}Zf(#;qQ$n(!T@U_@l(-%)rpes|iy@&qs=`uG$Xf#3=_igzq`{P--qF-0ym#k`i)
zPne+mx^4?GIUg-W)O(4Pr9Zl<C^2*L@NeC@)(lF7tv$V;++A+pp3zX)@bf=Tedy5O
z;9#D0=ZlaK&5IX73!t4rNx<_z3EvOhivI9nzXuOaoj#4H+Ou;fj3VT_qMVysS{PtZ
z0aQedyn5lndteBF7*hY8=g-%_R`!2z|32(rNREbujse9VL9I14HDO8nw;485J$p7a
zHO0RbBoJ}?`MrBe#I``0QUuY4dIhJDjI6B7*mb^qKKLUbeb{n5W!n>vE4UUHmXvH_
z`?%WC6_~%a1_yY80Ns>NR#sL>=yqk`A-q}w+rs%iTd9@E70_KsP*{RqFjp(AE&puF
zO3sqq=_MtG9+i({V!D0zP|THu5t;M~NT|SHVuv3=e5GKK7ceU6Lf|M=-vC%aay_W$
z3x>|GZGXQU$cFOC*k58!TeWg{1Mme=xjoryxDDyOt*fipe)x>Xm|nISHU^+Yn3ax>
zjtLjNiYC+pNinhV2(YCx0ByyDnx>|soSZvH)y|wTK6)5XpiILKoA}GO`JWjEK^hat
zIEj=n7})Q{KB!JNK|Mm3>ooaOEp^vXp>S-apG41xG6*x&@_{_uez>6iDftWdo#Nes
zTwJC=k5a%kjG4*q8-FD-%&n}Z&;elWZ66SSb06$AKuFTkbhPrgBRBwx0acHg)g2BA
z?3b``^@$=JJb1A9Od9sO@I{lOhb1K?T?G&IPzhTK@bgEBn(kfwD{^?>f<#MeD;G;d
zO<9J}O{e{lMMdrmMx^T>i6y!BGlcB^?HlXsHD|=BT<a2AZ`w*RF62bx^H)|@0Q%O~
z*CBNF8{kh{ZGg0y-qN@)*P@TR>m;V41>g+YIUlc7yfn2kKWNg6LTx9-7-F;Czg(}#
zS<tPWOfS{a!oqc~?}V0r<6k7*q&a%=h<ESad3$A~ym<q1`jo5C!35q^xZY|_a=-ha
z3B%i*Y&u8>sLo~o1oRd7%9VC8Q59-h+CPwTHySHVvOAzG>Rh-$sV*Qad|6BDK!hwc
zVW*X3k#ex_^hq*olD#{(&!6`G(bncraCP4F1X40GZ`tGW(M1K16-Dk7P($%PIy>$d
z%xBRbKwOH`?{Dne+m@T34~1>gLE&po42+QTU8O7f_)zcFg<&{YWG@Q@SKnIG#$Doy
z;NoU0lr?s3{{rBtQnJe4yOTNivY}x{Qc|lkQ%P#@j=RD_va&^~g}=X5OnJXdG|pYR
zN3-IR4@y8ws~M>ubkx|uz(Nuj(v{J^m-|a6cisH~%i-3>pI*eu?rjWrZCcEW+rYr;
zfgv*}bQ}-Q*hSJ8<m2@}WFY@VNNU|RxU%<O2GQ-2XdtY*^E>A5HR?n(TGUUR%9o}C
z6`AAv?<<r9tYsH;RY5csHV6_H0F!n0GKkvGTQ5<E{TGz~A#0zKGfkQ&CyjaKMtbOI
zU9kp<*|(+m?|=GV@Sy(h_*eg5`P~JBt}WyrTA{1p77nPv^%@IX1XP|17kIYfdH1q$
z^7EffZUJ}IjZhQP*}+y}mJK!#1pnDHXLtj_%un2jz&d<xOE@dChHC-yf`%X(hHCVY
zbK#wO#d{M@D|Q<}gTjj|N$}1Bkhi_l<KSQWuI{a@?3<aH3D^txTD`Dy&mOd!n<$<X
z`}SGgyeZ=}anW1@Br?g$#QU>ni>R~Vervk<`4qtu_61qzDcuhy0j_nY2*g6NxxNbg
zh=7DC3|S0tU>zV%!THs|zyNRqdZS#;2rxpBtr}v9p6R(uH^wcT_{;#XKGMI>nk`vV
z_o!nea%pXCrwQoOJKEd9D-D860e1uq7uSX$MHFmcCH?qu8HfN-%&xB&5)U+SJQo^c
zaGa1*sFV^;JziK|zNDkGIhk1sjty1s?2~4gfRP<QIk5S`HP<&dSZ<tEXkS8HLE5ED
z?@owGNT?7{it}=E@{5YhO-<p2{j)Y(TIw|U0(xd>X!A2ZZ3vV+8fX(ead)7>bOnBb
zbbz549Ie;ZhKpYl2(6wHPyVY@U=7gF6UANl;UuFz;qirC0`X~zmz|vU(>uc(<fEu)
zh>~82w!-@lG!{0$y<}u~ETjh5&xnZL?*hOmJ3G4+BfKjIaV;sxyr3nfrmP$s76Go%
z4A;LDxiL@?0F^kMM*rf)M7-v)G0@-Wd1IoY_yZh>4&0J`wG~s4h{#G|*crc22PfnS
z!tzAxB)&&@{qW&K$m@O=(9A2Pyn1yPPS`pqI0&U~Ae(GBfbH$27}X)Erd2`)mxoCT
zP+5TH+s~iQps5X{RPYgfWMSv(;9@f9VDi5yD3}g1)bA;70~kh0_4MgIY(KKiHRR(o
zM2P?&en3#8NWNlbbq@mr|LSJt=H?>KOTfdRztV`70=-Jb#3UH9_7&H@>m6%i?0gvx
zaWGH(e0=+vWT>mHklAKSx0u=RNb>+dzY#6*@!Q$_{CmsG%I+*rIDv-*lS#Jo9;l~J
zNl1#J0Ml?hjLpspQxeo;<>+W=fNDfw$MRmMCi>b*S42f*fn#K33PFRy{)S>qWN8s*
zs2L!{@Y3NykhE%l_3m9U;t6dl#3*u#SOwR)SAZbUMi8<1AD6VWWNiEHDzf&?yQVYW
zuQxL)a!!X30{v5fkME1doz?2bL-@p}kAx}#4X3ehyr!HpiGK*3Lbr&o!B!$Q4&n+i
zcZz^!46PnEhzpun0!(JZ)6;?=s-Xq~9pV+DsfOdP#BH&vwH5Bp%uE}Un6NO8tN9QK
z(M&7VfY<~+RoGZMDBlFEEg>%cpAEnn1}VkDqP-wy-k}M>_kF^lY5R^HrytX|PKaHS
ze_LF973l@ygj5!aCWul6p>%u?-%wK<4^wIV=W7|w%^rI^lj4NQKek7q<!q!IWz8R;
z5wCdmtiZx4L;IdeDc$*@JA%*ofzI0$;+JCvJ${Rr$To<I9Lf3)TZOeWS90QaN#sfY
z$70ui)4u-4e|>$UQAmQpaIWJfaq_`Kzgf#s_F3r-k)nhoqH?CFb<K(qfBxUhF>HT+
zsr6q)hVNCzn}1if|BODc*1m-C9-!!@k@v>)L`G@*iq_Uk_xy2Lk`lepS)%h(2n}&D
z0Kx%<o%rtD{!ov)pKWcuC7!Y>nq>jtso+fj48#`@&CueihkS2Ok31)*2@Hb&a^3@$
z<$m~ZCEE<G*O#KYsAG*^zuv?qB>KTCCP{HsRodEWD;pad$tWfo8t&-BFdR}6FjkO*
zoq!|^*&#3<(FvLeFBWA58Oe-`E9up%S4&Gvz_j4zFQw`59XT@7^QjYtgw9U=fo0<D
zCI$`NfQR&N>ZLT8Z%}+x<0122xB%WG3ruryv4^QCmpV)lNzb3R=2*5+Dxt~wh)z&a
zQXTT`*|QM)p++~iwi@8}!@q%G3U$3i+--c#S-s0QlYxZ|KHYIz`#p_GiV8ju?|51)
zSvZI>!cLRWA`~V98%hAaWMZB;Xi?uE+(4;RjeubZ{*AwkABj0GvCKT61D<>o3M}XF
z@Gv%nhrBmb4Gb(4VJHKHM0)!47L#Gg^4^rxRCd4kgaiaGmC`>jchKSDKl_m;ZgSHK
zu4Q;z!2$YF`j=A?cH#;kao|K4ns@b(FP-iNsf@dUQ}}0lJ8bm%;5T8hZoGI2H==mN
z<As-Gu5o1`N;<0_82+#@Z5X_;WVm8jZC!nRr5iMlE8Ul&+jn-#^74+MpdlfW(FkBv
zXT#&tKRMe=6#ENY#n$H#S2<?9ci*1rlbRRZ+zK8%sH#?y#YbU2q@iKNRw^zlPEZLP
z8*!qd2rqAGy7NzVD*-?8lzXn&j(Ai5UFKG`B66!-$ByNJ>x5cbJ*bwdOZ>qJ=mf-F
znVO2uuIB5RckTiaFX4_un!RpeAq7f9CPqEsJExWaewy_$dU6nsQ2o!HdxYi^VRSO^
zxniA=fB=+7Cr8I;Cq40VByT~bS%_aj%)=xc8WzSE*!=V7%$+QQ>GwbZ&tJTFLNAdz
z`A=AEdg6C6qhx1i*A_IPRd?Ic672ikyF}?a=Sx``yP)9Xb$Oj+0Ep3%5!|F>7E!?e
zTp9~As@rWB;y*wwNJC=z_dgiIq>m^p(p3#Nb~Z3z+WdZtcuzU6Vdns#G7v~SD-u;b
z_{G|QcpaYa7C9LT#XDntiI@G4SWcbtE_G8tWDSKFwGnTI6MoRD?(Pi-#vlS>mXwrA
zLzs_`l$<<P+_D)!iUm9HYMMqo??lfhcUN~X?|7hmMO2p?HwGbKNXy8)c>dfeB^Ct(
zDPX!bA~bYh#RyF@yoCL4wUdc9Bu6Q#A%O~~8L_{**?BB+jTC$Let=#iBC-lU7o0<d
zT9GGHu}h8EoFpzG0r)6_vLRLoVlv_!85-&;@zfuvKA>Z0C{)6knV4A7+)N~K@y<aO
z5b0tfU!tqq-XIF3S%ltH>!Pyq4kZg{<wQCYnS0;<{n+%drua_~#aaNN*l4s!MRtRy
z(365k1b+wq3R=^^_;|<b@&HzIwv58U$a*uE9E?7EQXXlDDFP`Bk`N<R;J?v+_S>lQ
zIDR^V0DcYx6fZN0+C30}Vyi@eEDXBQdu47L&rC=5X;8~HaL_}r3N1zDhPr^Ay}}j#
zEj=@nmar2M$Egom%i219P7{6FQ)Hx&kniZkwb4BROsO0Z1D6Yz!NkPPP+ZLcoEN7u
zwl5S?qM@Y&+$(nBj~_%ajX5~aX;OzK=n~v$ninC@0FruoeuBvm*bnK%)=Z1qzZ}6x
zN!VF-h*Da%*kTUxAjh29x|dJ{PqUY}fZ7*YN;Hl6&+!2e4Qh)JD!?9zboVET1Odag
zxLxY#AK?&9yk2niHlnd33E~Oli?Ty$nA)(kM5TvrJ!mV%UT<h*)HpbgKmeW6Tk0+B
z!49bwKZ^eXCJphQaIOwN!D)(T0+uRU18xXgWIv7VgZ{gmg~pA{o0q-U4`vE5NI^eN
zC!PbI-;+Zx-pL0SB*gm#kxq~>Wn}|^I)vAVh{2NwvH|!oy)rdD?Ivdk>LsX>{W1jr
z8@0-G&!?zL<MGMK!IR$J-ehEC#Y9f+tp3NFhdP2PjZsk^#PdR*1$#(n+ZlYtDBt#k
z)I4q%xF?DC3@hbRd2uCPR@S@mDT#@keocr&Dkapnq3)3pGnp7>dio>lx=vjNRhkaa
zzNIvkl{o|i9>u5VG(rw1lp>Vf(+*K`GiM{)P$^;KBEOns>7uF;UZXo@Qt*m?2Jj03
z8THM;@4}TU^gSZ1tcqxLqIaoif;r;$?|FZH$L1qPM@QScMv&@+7%v~9RZ4D2J{NKC
z;JD*oti$~%Px#W1@rQa87Osa}zbO-wk(miKS+w7w;*!0sEh`n$YaXVgT-VTeBz^|N
zH{goOs{rez)(AGc-3XLlc0bf2)#r#purt99^mKIn#`=N>Nk}%g85z`hZEYS`8p8rm
zt4K>pf%)!tWXy&q6MG3vww-Vb28L>$vcaW>$Ar(mf<hU6;4$)RC|KY=39kX<P(46y
zk)Ebz)M<>ChBIs(46q-j5?IKYiS~`R%u2k#$gN+Y7qk1pPz5#_n>>iJ5Dle}2Obj5
z3L3ZNKYw^U<v|_89}yTI9TS5l>2ZRn(ioUVjAxx7#DLc>?}wazUp*Ng`tgo4wF;Xb
z`Vx7aZT<8EFE@a`;bcKyzzO|US(#|~N3?Vm9Aq1so+eJvlrN%QL(pV7bO=)dm(#Cs
zQ4(|oXvnLmRS-@Pke@`WI6F%!jUf*R3JSt!c#@FSVP$V{pNxWx4AY>iXd0-LV3Tk)
zq6u0C*Mpb_|J8{R*JHBeqo5{IGc&7ccj9sKk7FJSpxrKuT?EqJ+?*}r3Cu4@+Vn&}
zdv>zq72!3Sp0*!9Dk>_P#vSqA7%^l8G3_*{WiT=isW@!CAcU=Za$K@^aA^7Q<56%h
zW?K+l#g8A?SAX4!c0{r5My}sz_WYI+kzPqnh4mpZDXIT`U_u!bE8wz&hYq!ZMfJO2
zVKIi86L3Cru-r%-JI3KB#Yo;z3~mmDfB(_<Kw%(%pnH{-mEl5QM$Jr2q-152-@Jhv
z7rA)whRfSyl9KFxb6FLr6ysxKP?dQ^L|_7Xsh$jdW-t$rCWm2{=C-Xw_-xS=R0h#v
z$PS1F;xe4)AMKpu-rYS4()*v$wnga6Fg~uXt%c=zczR+F&qaQK-Yv&vb?cV<^e+iI
zx(M{_hS<HVlrS9(VZF+jCUHA`RO3W516-loeeQm__S6Lh;O6byaLg;o#FQX)LLAY`
zLR%E^&onZKb1>=;FA^iRvQkA)&kfxo;Wh3Hw~1dss>dQAh69$m?-vvn($LV%bmnPj
zYcJvj6MHs<vJ%1QgRY()7Z1<3Z{H~BM0X~$`VpP-^^wDnCuU|gu^J#OAwyz&3th=k
z9dd{Oc>$s4(#4BdQy92fPJt(xTMnz6H9wfF5qFBPA47OVpuW>ZnMw)fHdhSlBGEC=
z5Csvy+;*$nCr`+q(B(6vzJ1FFmpG*s2KEwqSN@dSu_3~Uz71QJJKzBFzxCWSt*fh}
zR087y0hcQPNW*<|y#ONzXqe8Q-%n@O*3`tRVKX}>{APG$gd9&`(_$gc&z~mQ@Wdiv
zdl>*ZvJv1QbmTUuT%j2W3BLMo-@U7=sY$_3Boef8qM`@ba^Mm-GU`QYgGvTpX<0>u
z-&7j>+_bb1Y5XteAdz6|=cx-8s<!wpTE2(~Iz0xBdl{jjT4&D&sa^uYKHF27Mul>Y
zvOQ-ShMpFbQH>C4017E=OYm-iRj>v?!7?B=J{1?w+4NbVB%92%rqTAWmY%$2Z4GNO
zvI+Lo&0DuHKA~pD99(Ud4THl2BhiR+++k>|e`kqqBk7yusr7O`bLJ~paM-}LmyF;l
zcYSzhtB6QvBKdW9ce}|k$2DTYFfTVZBPGRkab*9@u7Ouvj1d(~81Y0p0H=f{#}F7^
z6eR_7J0_=5onX8;b&pF$6KQ|{-o2sVfG}>*-28PT6D-0VSJ(BeQz6s3+0fhK1a@U+
zWW*|XdtJHmtNLGSjs?#_Ud_ol8M$kZ72{`UWVRd}e#{sSPIkvX0MItZDQs1<ct3Ph
z?EU0^8Pjpl%dtOEb%|cx=A^Sj2Hat*5ax=zVS<T{mIKF3E<q5vUgif+O`i`Xb8z_6
zr>voDa5gq4s=2;nHVUNm;QEgjAW2Z~!_I1Z?yvyLJ9B;8ZpUGX2EIG_JuP0}GPorK
zriYz<pzJ;wb`Ed^rvXg6P(B;Eu<yIOKcRB5@S~KJc!fUdNLG)5lKJwOP3%wajg`UR
z#6^r5^uj9v+5iH+o4flU$(#82W_$wF_&s~}aQI;|Ci#{CKRo<EDk$x+E!}Vjtck`R
z$4C^~kbLx9SV_oDkh<=SHNA$z2zFmgDzHmQ<;TZ^aXJX33K*NNN(%QxMNpc;&*#-p
z2eG4_hH65Zo3(6gX3=%ZH8)Lk^ebv%^<($u>|uV03S1s_%m#ZCiXNzsd3~szGO!rA
zxvgSp{ah@eGNRQ&B$}9-?%8+vE~OSm<7YSL$|+!mL2VEa66(pd*0;76<a?jMtr7c(
z(%!`dJe^M3G4IZf4iNqrmSX#-0TBd7|Mu<d>C@(L?|?iyO-MH=%6;{!5BwZ#0EG^t
zPh5$U0T2^0Q#de;Lb`~cgTV$}5OMMj7}1bzzLprx{9IooEF5Jv5Ej(6H&F0kX7$LV
zjScaHOC8sn*X55<CpPt7@Al|@I;Z&qY1nS`Wqb-&fk>|5>-ooz5*a8X`wdmPCg{bd
zAo!UKOXIh)%_-CYXNla5IzoAAc{z!9Z(|939D{Ozims3CPMp}L=Q{%XI!3qx<3ayI
z$bj?9vW5HVvxo>iD=PsN&Gc9%70rKCFG1b+uYgI*wbM~E26*nbJq`;u5fqP6|1&rD
zIjEaA@TQd&CSP1T=vN=j>0#U@YM&#fy#PN#8dC}i-0CAGRs=;a`20EUG(p|d1KJCo
z%KK5>-@g<6Ix7an0_45(hfvvz#=+cy6ofy5S~|R}ObM8K;eJkTF8A4C5SFUHYyk#V
z$c140#4hhYfLx6a0g*j_Rx1h8TiE>><Q>$Jzq-UMO)>WOAALq(Ua!hI@X3>^nAhs%
z+Og-jvlGg{!=V6tX0s*iGZ0k<?L(M@gCn|ObP+qWt!k$;T7@SbadIa?BjX?M(>i!g
zO#uhsx8`;K@bEXOQ>z@JrG<i*Yfj@wy7L|kFCgA@!pG5>paFHxG6trDB-@d1mjL!M
zxcWwxF4_r@-IR^Bql?IzxbxbwUGb1;OoU360qs^jO6K0XwS5C7P#-(fRQFFaZX{*q
z>y55j23Loh1!hO0a}`uAk*x9Y`4XN%3odG#L2$<$16!XMhA#u2Jkhyy>62~$z1Ubo
zm~3}~1{)J6?S&fi5KE6__xo%c7_80xuj2kOaQlNa+_mfe@2(gkQ{XX}e>G!;zViv1
zWgSh;)piGEBE6!Bl$bM0lbDNsI4w1GpjV4X=O{AZzVF8wwn`fWcI@808;RfG9r4HK
zGQ%SxI+hvC3#qfgZ6Lj)O)t_Va!Y+i;4Cd6D6>;6PxxhIFtj25(9FF5rzJlEfp9D5
zT3b-)=M8uye*yQRjKDN~QB!jqRparg$vauN%H3x;j{$4Fyu6GLMJ5eb{rsX`>=J6x
z-#@c)Fu-28a6w=H+u;0vxP`gKZMbpuD9Q9m<pIBnSYK{_{?75y7ewx^FRV}6f_T;c
ziK*S^YwFE^+1#lwT-Lt-|H%0Mf40T@Hy+3a7Z37%loyf}$%>hplo@#5Ye;@DDMjGe
z1MFWI->H;HNlEdVrY$t#xWmAbkL?*l!yXXxIIQJzsQpk475E6!Rwm*_Qq@Gwj){w}
z<NODB+yGo<97Z02C&wuVXU~$UXvXkPW1<bl2U-mUmzk@EhRkk!l!QVZB4eQ_qbg;_
z;fLAIe=Q?qQ#kDY_LuKr)Pr9S=~BXJ;>XgGBQf2y!U~H551+tcdip@hfq7SKG*EMJ
z+DsuH@npZJJ6)D1E`=nFO-_QcHW-p&6&7wpwM9=3dJ!ywhkRV)C}5nwpWh>JU0=Si
ziHO*Nx&>1Shr*Y^-ykj)N9xfrMxt~8vI%~1#(k2=?@_Co!Xyuf`X9Z$-T+}ZBZW^`
z*y#N=A20w<I?#aQR0ezs{!4fb=^vXB^#V9L8t4r-1_ucYKFFZ(ry1b4V1K~S8ESKl
zX7Q&_9ahe|x-V^E_<5zsO7y}bXG4P-7#!paylG*9qcU(p1<nNd16~czc2IL@py46G
zjDSx1m86su;`kY|2hcxhE-{+sq*Yzz*Kjxm2v}%0)sXxFPJHj(Q}tg7H}awb_<+r{
z!wR$N!2tn!5WgS>V1XT-oNyY5Z7#+FT<_c=XOS-kKEtP=XtVocJlE*s%}W**78rL?
z!;b>0fEE4O(h?RPp84)w#W=EN4%SZ6nqJ8QwgD_FhQN`9Q0KrtfcghdgN5$5F93@W
zYE9J66h91c>C*U@zs<~afi7cjk4(M~{R$Zw1Z!mi)I%IM!{&z`goBa*K?$jrh|F9V
zMNMkZ;Lqp6JH$gFj;n%Yg)PPt#ac?`#EI*8t)Nx_g@EnP*&{Wxut7}1*SX{tJN3YL
z+hQZ|w|t9eyFfM^up;h##SfevjZZLxl$MWH^|+iI&K>~(xPK$pwgCYF*IudDW1|uH
z+WG=1kxtfze1LRe*aRVLI~(0NYSWop-`>80J{li*`N9QO>EU7hQeMqVmsALVxfqee
z7ZHMhJ~NPV!bkRHhndtd%Q_4Amv?+HJ&QF$g|o2W4XzeDc8s=BEg5EmRt|P{NP+)8
z2f%Uc!uQD9uV5yj+<m+w@L%L^S1C&Ff2Vd+!L}eS@d@w#@l4raeiP!_e|`8+dwy>2
zZ-5g#1)%vH?^3RHCn$6@4Xz__re^@0VetvCK~+IBeOf(8`lkka3IZhz!vOjE$GZ?X
zcpl$O65u7U@dz{Y4w$05eOssjQQ0y9gLZ09PY?K90HJ5$;lzCdXVB0UqKxrW4h9AR
z9A;BX^R?d=q}Sa&pF4H*^xgvG0ki4!rl+N8V|s_~^44J>^M2d8S1z)e)R$lkc>Q`l
ztBD-f@YoOUj5OmD&b1D|(9i>hcE8nN<*_afnmu@n2anqyG4=Z?q(T@A{GEx_p@e$n
zF(v-|FCJOZ>$=FlCZ_hjcg*3Gj3eS;<Zv_umoNKYzDwLyz1+AI0t3hgPwAYIc$)$`
zBxp;>QLsnDm(@J(NdK5S#F+RImKDSHIMDzs1-2BLs$Yu_8-G9j|DH<ry7WJxk~5tD
zO(naGX`12&Kj*zgLx%ABhcGV6$ROY1mB9B&el=k)q4EjQG$*~RADr*Y6~cG>!a#Vp
zu^4V|JV9Ix;(*!QR(sJO*OY~7?>?KBlS9nPp=SgvwF7f=!r0aJraP}W3LD6GI|<h&
zePHjX|K)65sm0f+a`U;L(61NM+y;;I6NB7m_KUq--I(9>8X5KBeAD`4a<#2)EqYOY
zmaf{Z-YxErG{)jM%lFhy!P<5{O7d}e|HCr?+Msn5Dhf}+`o4YpcKNX*xS_(3mAE)T
zN&@DcE?u|)=OnZs)+^wm=rAVo+erex7ItCbtrJ8$M$_X8?`S3#79%*hQ0ef05c7YE
zA#5dBW;ZdM3@Yx~ix<s#;6ihAb$F>E7=O1y(!y%h^CN#DqhYQQx%m|r0vkU~y;hCu
zuBbj#$c7bE6#5x#`#?cNo~7~!x>rO;L+tUW#!(QT-Wa0*$b{D!vtiiseot|)FnTdS
z=ED4NYAUE=bBJZYGqC)j&rNs^SvCXw7Upx0!j>d1Uf0;j<5!379IdDEmK2_!g;d1c
z8BGWHI~t*@7%8*FgbX8Nm&Z*V9We8)Xi%|%Sp@~BCni!~y#k$h1?1PYFZa+Qe_ty^
zH!lQ~9Uor?Xjfi-1Mmp>6ISHa;cz1Y8&Es8@Ad1~(P9Bq*4EeWr=Un)cG<|aC4RP`
zi1}|oI|3WJG-zEej*h76pBzTXV=m%d;HU#w-BMC`v204HW~y*zp=UzYf!?I*UOZk0
z#DFXX1mX7-tzK$M$~jDAz-|aRuHqpT3~G+{_JwHT0GRazblNht5Ed&d0dD(#K{Hn;
z(8;;JPZ<KH#|<tyfzEGfZU+BP^mZxLfZYUu0~*6P^j(~+aX`sWiH+?flsvc<;YZff
zQ+k+@A>`>Lm7bWD^}W2DLq;Z&()jl6hQawUoP|dcCuzrQ-dp4%3@%SVU}|*>ZaFzQ
zx#ABWLMh9PvoPd^AD)?-!og=CZxNcHNR6&s`HK>ZiXSAChXJRKhAVI<9cE(k1Q(2|
z2;_oMo+1qXJ&HpX>>K24s3XUDTUokjc*eIBFa~je$peO8ykeXV<%c2uu7a?tY-Af8
z--XD5fsDWg>^XZ|#P<Z@ds7p9po>dO0#M&-h&LUo9v#61Gc7JRa=I4q6e^3f$IAN@
z6A-aPUk3~_xC~ekXztLjE6vbR$DSt?xc|v`_Uy-&4P%1oB9vAjG8qs_81qF7$;rh9
zFAGL&jQ(@imHoC*RAlq!05L$l6@Iwmqc{ic0nNhC`K}V^rg-Oaq}15ODwmbSaL~-R
z;lM3<i`n~MuE8YbXnX=ijG_s$_1$3FSSl<9E8Wu$;{9)nKuKn$D||*&LGv2`7W#-5
zGL>U{CUb;LbK!8EVZb-%)X@=Pml(WDJR6Z7Pds*|rIH30@K^w9fy1*<S1nw$6H|r9
zkADgh#6PSIB_$_gt2t(c3Ykj!emN>40&;8Im;?VNe;v^e$IVTzgvN&PiF~3J{+6XB
zTP`;DuV<m5@fiL|Pw!q%t*~Vg2er+|_ZD<E5GfAPL5cnY;5ONchfqxcEr^Il^+hqo
z0ayWC?<;?=PvLSf-3ddk5Ejl%O%1Fb3`n|y&sF0D&xzHJkH>*wy~{#&R9W3N(O<4P
z{?#Mi)|`4i1?&TNO%#bEvZ}jHU|0L!`O5=}=N%|yEGZ*T1{YU>zPr1LU~Hb!!3_Qq
zRNX83`WjJ^_07%pXxFX^<qZZw_n!g$G_a|HixkACnB71H+Clse9(nnaphF9;#qh*p
z9zt9gw8tBqQ^QtKTgxXZ`r-BK>p1iSJrYndMwgIP46gE_^g0+fSV5Nl7j8QaAlcX$
zT;312l8eVYq;njqQy65edj34}Q#!8U>go#B78X~u7GNuA)2!<;^M>173J<)%Ya$wf
zE!EoGjNAde5z@YIdm9wvI59gj=MyKsVBI%1Helm{0T{g?Ai24PMa}3UvBMc}=91~e
zpd;vHQZ|M4IbYm-RJ|dvE{<s|E%i1v9S&C5#NIV9G%Ug4WRg)})R+z&P$Gbvd7qVq
z;ZTgvz5n>}6L|1Kr%7O^prErs%B!#;LE8bE1xCZ{DGX_)@W>`F;@BG*DXB-8i-cAM
zySLv{EG}FSHn8|uNxEYi27DclA8g42fL!&kAx(jG4{AP!1AQ`%v$6S5hT@c=mAUKR
z@9f%s!q#>UmP$xs8ia^rHin9dpTTyH{lEqR4-eu>#H$|>q(@~=?Dp<biei>XGXTzF
zOw@tp$6=d5XBO9?=HmTexC^DnWvYE1vw3Fb<}9+#R={?^<;3%^6udl;ypiiLG=|^@
zX2YDCpVD<K2S(fS@?7BW!d&PPxE==w7m<z;(IfS$8X7Fe?>H`of`yNK`4UAIZC1oT
zQ?mMcdK;T-vj9|>3Brze`*s`yq82xA{=$(6Y!xtVuu|@X6-+-*NLqRoXfr1k1}rQn
zjJh~g1?V0f#R#1MB>~Kcn_LeXK~gsGUl{T{clIp5kPx@u)j~&{T%!&g_s9rk(nF^r
zq64Q}oa5F$b0&2#2y2Xwd*JUctovROIwg*+Lz#g94r?-|JYfpa!(b^`T7ZtRb+j4R
zvpdju`ca|<MjV)!ob={@2!kvJ5OWN1>_-ds2;AjwaOfr)<&ho3;2Z(|z#3^|N=-+H
zC~jbq7qA#H!5yZjqjSn!KgS{j=8)-W+Ffq9u)DbZ_R)!&ppk(p1P2wjUqxl*`3TXZ
z!QOq?He}~Se&W2H-uCvIVSDU13)0|fcZ_fCuc5*8Ga$G+Jd8MZ2gY>NMng5V0QIkp
zjW$+R)PfSwZ2*B=+KA__`PG0~|MsnA)zriU?{F~^1hNHfp6aPn5AeD0WFV-ZFBt0U
z^K)=02R|ZZJIC#S(;NIKu}_q0P%Y5=U~mn%3WIbzw{MGiOo>HOBH&q2#z4ZO7|yP%
z!%v7P0k64^Ed~R<%Y-{v9#&)d2FasGS^cgS*sEN$#~2M#0sIRvSThHoCPRWGWy4V@
z4Gl9$sW{3G9wJ0T4)wGm+7Uiaw1H<6B1a}=qhR7#f#?sH(cc%<gByQJxAqeV$Qt`e
zNwFJx5Y4d9os8%P&=4m5*3iK1hXxkds=TI#7sVX>uy{A0j65ua5GmgIe(Hi90`w_p
zX!@hq?qW!!x<nPpR`Q`(He_|k$UC-ghsc3s4_J>mFBz-$qrbX08Wpy{<0IJKW@UxM
zIswTvG&T}vT+wc?dZ%AMiZunHflFWx2L1xn{y&g~a8#dTF&)3oJ6Ifvv?Nv)d#$Ux
z8@wZiqfTq2Kok6+`wpJ*$e)fO@Wla_<FFL$AoPhoibo-od3tWNx9c(o^U(WZAX3^#
z(H3tX{{#%0CvkW4J<L4!6<M2FTk%%#Si~uVUwQDt#>v|Ketb}gI0uJgGjR-}P&nT7
z4NJ>{>*c$ZYLFgsZF=Ql(FA>l9jf#YyE9QO3?|TXYk4^L?KD9|ObqPHVT}7OFL#4x
z^!0_W7c~PT#NtM>_8*Et!yx1P`1pYK;PQh?hx?{uU?AJM9eEMl{cc|o`yo~CFtxQh
z%frYu=L`)uljFQ_u3sb$bH#avu&Sbj;*dTxfa%ikoz<HiR3dU72?;o8P56rC;sYR4
z7&%}&U0GX0SP*AV1O%*b{N=z#Drjy8j(<UvN<$lX5h5e6EOH(s5Fbf^CT-OUv;+~-
zYwW{z#%2&ZyiZA0PcH%}D<{Ws^w;OXc~`ku6y-&znMZ(R02crLM$AC@LBh59-i`Js
z|EkdWr4gB)M4YOH=ToXdkw+rLTz#qYj5f+D_K9u5RS_2Rpd9(`Z`Y1q*(u4?$Q7vZ
ze>C?da6RXJ+qW5mG9+8Fq$1mpNQzSU3t5uJS|nLoXtAV7iIFS~vPC5+m9>RZ+J_`0
zZIp@<Qc1-WEmZgWYo6<Q?(4ai>$+d}`7FK8*Lj{s)AIX$zn|qej?eMAw(CBO+>X$m
z6gXMgbCv|3u+O3rxoy40KQm>;DaPgyC4fQz_Avffc9}5V$*y^^uj&{|E}QzcgQzwk
z50k8OhY@&s#gM|AU0tuF2!WLBfMTs<R$E0W()CfzV8oMDBjm=5THR~w-t!4DqT)ao
z#V@yZ?Toq0ybgG5{0h&`cmNk<3b-J0I>CN8d-2((@X^#O{J2n8gvRQ!)YO&N&V)SS
zl&k&r8<3Bwvle*lMO~sLH})(-FTmgV^GVIma&xO)Zui-)_l+8nQ)}+_W!aBUeyt0b
z90q$qm24I{UtOJYxSBRd3cT1`pDAS+$NsuoujQ)@7b=db&RoP!D!CYM=sVx5(|Gjo
zBbQ1pPKj{htwhMCqA|On&zB)7WbHmCes}SrTX#N+@c#1&cD;9QaO_oxGRX;hjCxNr
zufe5s(2ybDX^rHpikY`1apFveo6r|@K(G~`1-AYA)TpOV-Z!)m7--tU6+fVV*=S+0
zmCu^(CHJ}IJ6asbfQdr(`QvjJ&6~H2hd|aUKL1;HTZzG@P1jZy?1XlrR^*hz`+E4m
z*Xz%oeZbT6NNBreOLH?aH{0Tv>a=iv?2D7PUdZ0_<-?h(h-=(DR1SR&Hw}G3)q{-K
z%sgO*(hIsvo|=10#Q<Xq{y77>g<~D&a(W6g+No8OB73QK#UJA_<?N$J)r^IQch*r?
z{~be!n$0-7GCdEcoWXw(ywwZ@Eb%*71LaJvUt(%Hzl>^*(;T$;Vfhw)0iQ2hu|g}-
zBeNnbG!*RcN>I=~ABJdA@J83v(u(a=Q&frOjOOR(x45<w=jkt0yW65S+S)}^nM^jE
zx5)^L9XKvP(yE174<E{-y`w|o^Qq0C!7u`v#7q=Q;EIabQuyf%(sR8-=s+cL?b-+0
zAnX7)gOG-V#1NKDA5myAW2=iwg?t430^}-r$QLAIj`umvNy*vD4<*KrkoRl<riw#J
zzZVE24&M1WF)8Ugg)47Ea0<6?_mq*b*PA?cEOB`gG&o}nxY|1H*a41!#{iGfG-~Z#
zy49+vucUMIK(rN8rcT|pb7v1AQhL-(AJv#>UCIi2q;caw+CEbup~J-XIHo<K%pHvC
zwVRvw6IkaJ`ue{dwL8-FD=nFtS%QksvLQN7f6A&OO!)inZOD!Ik*Ef9=7BX)#w=a2
z;`osxCw+W`sj$cW2M<t03;u;RJSM~c=|_5bf&inv?wh#G|MRX{?I5qJDyG*CqciVs
zs%qcEsqN;Sb@gP=Q64xy+(FmW(N^y+t<2l#XIM+GZEEUgE&GxNn$obF%n*iaz{D0v
z_3nP4v3m?+aal=KZmQ^=7f&_2_M>;61xUanq%0?NI#TBEwO4-n1kb6>?LH5_Qo+qO
zdqcKReP4YZXqlTtL9g2pi2etcj1|k5_mMD#0EmF96q5)fTNLuq(LzB%aTdsAGqM5W
zN+)y)B_^3*w=}Ql#Y^#N25?5K#PIHp<j=hQfZ<PT1j4QS4%Y!HkziVaG^k67!Pc!e
ztuKu4{%_58?*nyQd!)tsy;1-z`N{w|*gMDIwF;mvIrLw*+*OeWog)sci3<w~GG4Kw
zvc4V!Dd$8e-%n3=t7Yu9Yd}I*Fd?Vn^s?VTYNF{RcXR9`A~FA1$NkDWeiA*E{knDA
zfLKN>@X0wzZw+Nx0_Z}S$V@XV9iFWuK?KrSyd8JsUwo<DH^G^Y{k3*tc})avv{%JN
zlkOuPU!TIkSoG&i{e6f`MovytqW@<ZxN+w#TdL;w#J-z{OVtqmHr|b!4Ar%>&uFY_
zjaS?n_fI?CGEiAjwd?*MwD*U*P@(9}*v>Ch>c3%{7p#1zf7gx^im4a31RyRph+rx>
zS2t1HP<>0}>F?BZKXwGDufle)sV71C(K1lnkdSBT^ZB>Xuh5StB=RqI3Rt>i3F9q!
zKmMX;j~*nr#DD(c^o0xdYuD!d_=|x(JP#jcT5$e9$s!ri%yCq;Ep1vlbJf-TW%B^i
zKxFRI3mf<_cSjcj>JYJF#Jr}NxY(RHc`^YC5=96vkf9F|^%ITx?yAoV3pr`X7x9ed
zE6yLcPu0TL@ObREFExm?&(L2kTbBOzb3)>5@!1FoM$_hBx$>f<#5sAvYW;ia{ufHx
zn-zr!U&)EQhX2;<Ne6|Um3NPa<gQMS_WnQdhbQC5Bf{MYJI~9F8(o;2>&tzh)AV0J
z2fxwEs<NU&V1DxQ1`8HA-yGN>C}F0LXawT2{wm)><HgG@)tm($NJK5Me7!B6)4thk
zJTdO_<-(%n7>ixLw7^$EUj7_yR-Zm%5M1sQ_|`3}?4d!6??8dcokCV}2bzBT*#%|l
z@;&HfH2q(l@o|)F*%AdZg|(p0lnz{ifIYyL$~4mum!!6REhz|Gu>podOyN);l$`hT
z@rfmr6;vP;r}tE_RiQb%2ik+Zs_mpGX=MQ49nQ|?w>Hf4>e09R0fg_+OxW`e(zK<I
zTE25<Gfh0Fh_X8&?_5)VurBn!?%R*n4xYG9f8|PfH(}e2kCY1+#si0Q-#U9Tv}-@U
z2ko`Pq^PUN(_-r;(Hh-|h#1OvFJd<-Wwci=E-oZm9x8D|OnW=?Q`g3o^^q`4P*Yuv
zAZR&;JWN7iDvjgL(BoPRnLw6MVm-KjAK6JUaMSqli_qD?orsoy`mfB{fd3*|L;e?!
zK|K?pvJ!AXXe~^4{;Jsa?FYq$43SEPoPvD`Nwlr`GX;4yIa7EYj@(GOM;mEuoQtk+
z=d?B5Qhg}#Wl#G0P6g*<K8<m1Ldhzs*_hL`Gbt&0Zdq$5kglpq$SW9r)D_>(#ClKm
zcN3GTxQ^0v(GV6E7NT0;I^{g6Sk2_teLOQ{?^QO?=|KM=+I7IusJeRIw+5&k5*re*
zi(z50mRW<eCvo?@-FNpe<shZDx7NISw*gf&JuKQ?dN}T!--TPMU}I`(m$#F;aPhiD
zgOu@>c{cLL=`2f<j_#N-kMMU8zRf2vCmb*!4gd#+<<qB6V8#*yM2B>;rPw(TF1N(L
zga_DYY1u~t9T>Sfp5_w)6#k6T%B0jl^^NnFEIEaJ^}#f*$5*Nxv}_;w>80iw88v<V
zDkt>|f*`6b*~uRRN((wk9s+j(3UQ}80REXd`n%=3bHP_oZ@4s6gZom*wP=vYEc_z#
z7cNAvvxZWJ?{e_q+(nCIl<()~PZ~MWlBSY)J>SR(o06L|l$x2gqs<3$qUT4zTvJ|d
zjA2Vrsxra%c*L=pmk^Qh_VpboJgG*?G#kiYfK*fkjzW+$Y7svrs2A#=ptfZzO-<`?
z@RGgv_H+C92BX~SPolmoD(Wqv<>%C-w7mD{^TD?%z57UL{w6}6gQHP!=6k}DFT}@i
zsPi7+d}^`7N00J@IXXM@yt*svo0;hX)ZwrOS5N;*mDFwj-7VX;1#hlC<TU6a4xE|Y
zdJdu?Idkru_2$hbd+d0$Y#QOhc+OB-J3$`ep9KzAfO`X&$q5b%(`4cjdjT{`YO7+A
zTRg({s{IDUa|{6sn83tjpz{6F(mm*yC|}8E3iSfhJnpemeK-DiS!MHSgif)7VLcZg
z7GfS#o8XI#ty6)0tuMm_^M%uL3;dSMg(8La8-by<vAw0`SLD0!9rzL$%fcNK5s8br
zapUB?x;kygsz$?_v${YkC?lU{4cjW%-yU7}%La2@Kz2_=k}ZM*y8by-H=*TMmkr++
zQTEgGkbgmRDd}J;VpeN(7f>MGEvTmBY@h=Qz)No%q?I|%x8vfl{#?VZ1Ugr20eH0p
zUY%Q;=+1T?8WsI(_wL$LDyez-+}iST<*{Qo^E}qAyTzd=o)9hapU8DT;P{m9_x@LU
zuDk*0(nfd?=W^l*mW{I;u1Dz~Xq@&Lz_4mFx|ssQ;DaCcckTHh_fj|I4L~%Gi}V7`
z!EOA)cg_8onBVxRd=>y0^=Ywf*Zs;PMm%5CSwAqCM#!$9D2&1B$C;TKxXxNx(E#UO
zwdNCZr_moX_7FiXxef;$vznN~$UMW`oDphrC>0%e4PMAG$|Z94iQA-)xo^t!0-41}
zrO<Ei;IY3M|Nc9}{*7CF?ye>N<oqr7wvZUQz?{t6SK`@YprnkBB6k2;isFC|=JQ94
zI3ULrWGFQEMTDGn4lg_KM|n(urF_aSEnP!(MI&xx1di_Y;J34xc5R6vSSzCPYLwid
zFVBwxk+Z-2Q{%Zcjavy0+Re#=wxDC6a;E(}1L3UtBs23;s+otRoHI%dVts(;-58Az
zNf<l`4H4kcG;R>heg_7wI8vA>$pTh|?!VrZb9z5Dponlo9f7AB9|p9#$B&z{k!1b)
zOI54?Ce)HBMNtaLqG>*X&T-<z&vZt@l#s3lbXIjbj%|Dm%FS&J?+uHG+il!<#@BZj
zeIkT19i`;ZfdjK^d~gjwQ-lo<m{8aKy=7&+&z~19D|+KL2HP>Oym|XJqh$<*z1cDa
zYRBGee^}Va{dcD@*(#CzoNWKiOD)AZ^(P+RJn&mXLtU(BPCY`^R`<F|bNvGlx3d8O
zSfA!3y(}rgFZxb={PThWYDOLd#(Mz_){xh^Hq6X=9X=eSD+@3fw*GZ>y(fddJDQJE
z`Y0Y4|K(^+Rh3X!+nwFb>Vc3iTXB{Gi}YZ?4%0z}_lA+r+do{7lv3v8B6%#KEtOVA
zdlc{5a?5%qrw(MdxM(-tg~q#(zXg;P7rS6{5hJWZNCs%%$>NOl@iKE}eSfctW@(+P
z>vup%5_&yMJDsD04fA}7)b7-5_{>ky(E)tcP*$D^&uU^4Kf5Q9tMSt(DH)ltw@*^P
z)#;!Pb{aH8DmOp>(xl9X4?nUVY1aUkZ(Vy13b}e!;Iok@E`bu;mnQjod;hgTT>$NB
zU9lv2!EZpqlvd{45)}wA>FZ2z`}6P^qUU;U&x-mX-^6oKkU2Q~;|&I7pZHC#A(4lV
z(uGf(j_Mjxp*eP=zn>q?Ekd{4U<^Ewqz2!-X}t7gKmcZPd*FVF0Ph?49iB1TGrFH#
z|NftMCdqvv4RU>Nm$mbXL>XQ}@+aOD)Vf;f(m7@gez~Xf&S|AOV{HwUWEc9XZ-f*L
zJ_%~@)L+YpZ{zZX0hX9^sX!%w^s|)%vr$S_;1-eSM31;;h)gBP$V~ewV{3GKAmKI*
zd)^AAcyauRQTy*+yp(L}ee$GBiIknO`_5nON@o~SlR1_)*_rm3htSY2b_sE#&7~^p
zj*R9ExX^(9v6Nsf#A!O(Y~M+j(^Ysunwys_UTm%VI)W=#)u&r0@6~1sS}By7PJft;
z<Ds`w;w23BO<%X;Q|s7yP4q%mmX`L#F;`pSyFx(Zj&>xd4l%$agXXTzp2yuOY1y1P
zUC(BwHwdd(mCouE=QGrm{&RmwDs#(OIH$rb%7-uHy5{%#<g&JqGPUTkI35a+TI11w
z3H$c%=sVA*-4TU4v?R>v(<4b8xc9z-){i7k@d=0ysKx((W2WYMk~(n<z4edk|E!M~
z)^4P8g~Lg_YNK=)^DO)oIVdW!QhsL%<g}iQMnDTYo7Z$I9{yBh6*3v+C3vIiNa$z(
zu3u5<6IKv@!gR>5=oxqcsRA+mR*@})RlySORR{5&DCImif5so5TU;5@VEjyT|I|^V
zGC=1EkJJsXa<%t5%UW6TQ&BWgmE4}XtltX{Z~n@;;DKc{gp$SP&0`<P^^s6NG7Q2$
zOJAjW=oMlGuuOh#8Ul=ADPlR0$Ld#M@*|KN;1JbSu`w4CI3JvD^5A4OM~u!0NTgMr
zFVe5qL(2Y5Ljn1hZ0Cu{q8&3>eunxRA8322$ND7W@kK%UwV@%+Lfdu9n`wbr7285X
zLaJ(bu0SriA@BEvU%fgNsr#{|FM{`*jU%D`-TGzo%@x0{Td{KG=;HIH>%|%@v=PB?
z`!g<%K!Y+L_3Z5nzxC_Bs`2!Z$2uw9o11|?kKDC(NX=L~L3`U`<zh|5P&`1Ugt&JR
zh>4jW{ybUkVyM98kOT5#qqGD73Gcj{g0HqCJLbyc2M^wZfZrnG$HYu?X&kM*0fh(M
zh@&SA+_+V-f6B6h#lgyo5rqM&rl>1sNCB+X5{PWdxh-9O-uFLcEXzOdL_b2fVmbw)
zOt>vx$Ft+s?c21{ZL($kzw6Lfz~%vBpm2fdunt;0`en4$aY`A6Q>G4)QN3~H3Z9x>
zUU`EZ#>Ea&*-MDx?LZl^odw_qWn*<%|9<^8(2rYKl-Jb>Aw|SEC8fVm$>T&$ye2QM
zk1iTNe!Sx(xU1Z_vOSqBo*6R4T5Co(XU9(_ElR!t;Ky|7aJ)z|c^HejX})SiPzCje
zP>pJh#w^ayZxApx>_YB9#-9)N7zi=S(xopPf^V&@pqPq#n)eO8LI&Fds|ur)%7hYT
zF{Cr7GvVe>EcW*Hrl_R6AW3s39;BxurzZO$;~?jWR|E3jSXNIbOL1IPf6|(Um6xr~
z3AlBu6{gf$u+tLBJ@BpCk014i^8>!5J7HlL#f9Pq&7>v#i`00)wBSV?Oa}BMIy<0(
z0J-99i;#nEE5FwzVJxcbzrTL1%fFn>L*gey;KZ%>X3|UQ^VhFf^nCjA<#~R7Ny3iJ
z{0#s0sB~>#L=iM|FTLYOcGixXjiZBDq{aNJOTo+BT-*f32UQP(*wWH=CNbdhPy*8E
z!aX%pF<Vc+j6oFdfff#(<o6HH$8sQOJvmroM~?=r9!FzHjR>$!sd<Ddpk~|Ft*it~
zhZCZIqRU$7+|<}1tFnS|6zEK4;i^G>+}KHsdAxk-%A6J7jD;mC9#X&j!5am@He$aI
zmE@~eo4h-roh3(8zvv+$zJ9%iVcn{){3a7X{*Wa@W+N5I^TmT9%`&>SwpLo1V{EI*
zbbl2<Am51};U&!+O$m=pN*QXuy7`!lp5nTc0xzmi<f2CN=R;5QR}I=n{f^Wg%Cj`?
z-VaR>&5g7&ou0Yt=L4{QG}^p-lW{(rLWEBgb?h6kKEd<N|B@HS+sw*dhY*xeHloGJ
z6a{pPVv4ec$CW>T_`}-)#oWW)<<ca6a+{$A8~qd}_~}zjm_kQTL8Hwbhg(kDAnXTM
zGX3#t9kt<tgk-{t)8@39KeH1IJ213DF1vSwNadz+N=|Yt9a366pAOev9@K3T?EoJ@
zWCGt97_@jNNa4s+SHr^%7XWKR?RS+K^5TSoLd4yc8?N3@?0c645C6!ps`0{<vjyu<
zFulM9XYy-iHy?aR_{QwK2yA@a4oyqQv~Q2h`?<CX!u2W`ud<4k*4cKo-V*Wo=2Nt_
zxf)+ljCbzZLw4hIgJ6IVx+%;OTQz^kTrJ^82n@7LF;N#U&Y-tnv%=@>S)4#d$x1<=
zCf+Vrn#jNmQZ1U&0dNHn2y`=W5_yIZ!NHOk<%zy__1oxQu+_VM?b_+nr+@jGckxqJ
zy-Z!z>jvegDO-(;+svQ$cmO;+_fL7Im45LH5Z(Iw>KJ|n=E#_+&s!5l;|QupTW+i*
z`<-H*s0U7Ky?tia{dmA(O(f>d1`edy!&N+)cg#FmaQb;t5vxl06&(^?dg@)FAWGdn
zbn4XjV@r3G-#akx)X1aX1aQsrO1K;tH~<i2J!-7%I5zXtk4y*)=m_SzbZI~Bq0@C0
ziY&G7nB9K;=FPBHo95>$%u%+e^4S@0?P!Df&b4Z^f|AHhj7;lLKhIE-r-fMI<oM}o
zpUSP8OfGxiM52|tVL7D!v7wRIulLQ$pBbE1Q;;DxE^(O|SZtI!mu0DgTB2Eej2=5y
zY(0APNbrhla-KW^q*xEH{*Uhp!^$4AtW1E>z{6hd;Cp7EdZMw`-m&R&O0TLuJQ&*1
zK+M;(`~x6(*VCF%ir3$$WIhO_)bZ@xo`W>#5NkN((>uOz#}pOuPnFNSI3F6^NG!8C
z?vFO)g&VvK?2*tnSt|{CuOw+jF9oOKyWg~O>}JIrc=-4+y6sm#WOptIU}%d&hbJSA
zuO9P3(|Kb*?1y9R{7Gs&#Z!+~BL>2`kH}}%tUlv!QTk0RofiZ9%gy6Q3U}zvTGeT2
zFEl%h?uUZ@f@%bGPQot%UdcuifEQDclv=rS4Ar<3p#TV5EsB4w--0HSL_m(0tKeX>
z?obTr+H_b9fPq7X9{Zvzzd8=VI$9h0=xw75XliVH^5~I`o7YAvEnel0PhI=eBl^X&
zylPj?F^1})H-ZC?JLKP0P;gx*RBWpw&Q1Du%6R3<s`By^7cLBymls->S6M%G+M7Kn
z>tnCUT@CY?Wv3!jGmVkjhX77ddV^ERhK(Buk|nRgsY07Owj@9&{ikc%*R8glnosv<
z7Pa{HSP~ZVP1`3U{lG>KiGSX~pF2Aaf0@{?lio&#5AB#$!($b3P|45(MaPIegb38J
z6Mdh6B)Oi`{5ffGomuxzfhjz_Z!Ikh#%j5jzTOQNg7zGwrmu5;r_#Ystvdg8`Ol2E
z?2>ZSj;ap$lm5CY+U2K&0hHr<TLY^44A|YX)4F~C9h7{X-aH7%e@NNk`)1@MA%a6U
zzy+BJf|0b@!{`N(3Ef32{>*X}uo?8%NVU$u*K1Agsj^Zh@hTmnA;zO5WAZjN#;d|P
zdt(nzf@(~GE@GF5|K0PaPOZ1H63!A$3V)dx8^aL{OR@Z80|?qV3~v0hs5`86zwkZq
z@JBYe#aZLW*B(Ps{PkBa3JG4&q3lXP5j@A7mrVMpc;wS3{}=IFs+op|8Q%J8D8P?B
z8!0P=UK8)##}(V4PsoJPbf|=qMH)8{>UOlZ0U#||wygI4n;cb&lJ(Zs@<?~zKO^Q*
zA{RV=zT@4fwde@&=o5f0VVx{Dhf+xL5X6F)#7;n^y7y^wueH58JsR{JOsaOp7w`t`
zXbzXE`#vE>^1|G5O7+K|W$4w7ss@M!b5xS*kx<i*DkBa|$+k-UQNl(_2#nNTcZ(@l
zgkvy;Hxd&hA~FZ_tILw;N#IC{pj9vVc`0-#r%N@@JlfFxmp`E7k1ZY1uRBy45IwkU
z-P^a!pCvJI$@h~y1cZ5TTv4sSGi`2oi#-WK_=yD1%j#V6<jJ^U!-Ctc33aZ@gbAN`
z_zW>p+x|9g9Bjh(i?x^AS|mZ<5oW8SPMz+jSS=s(#~*))gZS+mLNczkpRX@TI6EiD
zJG&C-*##ETR#Qhw3AEah?FQ5e#l_mwrkx+p;jeoAdV>ASDJU#lBJa`#^_8I9I?LLF
zQ>TQ~P17Gd<P+_xV^g;S?uV&XFqI!*?#d1fKyZAnDURn$wNU#ZI3-P^NkKu&=|I?0
zT{=NeuN2;$nNSK{;)jPf*^yg~a~hlk4IJl&pN0K<ha&D_x<bX@r~3hN8<m3?8?UQt
zoHHc&s1xl!N+MPvj#p<JB=Ow7ZJnMuUl0V04=NlRg%^|(3e&tU^C+P%f`UXA#7>RX
zvwl~@we}b22<7G!9UW#<j%HahP>S=yS=ql!*h~8=0m0<9_U|n}@B53CKy}W?54ZY=
z9i5r}`S|`l)~(|b_N8ZJu(R|<Q4!Ge)hr*NNd6>dzL-Mcqfs%aWzpZAU5k`76>a`U
zDnkGi7>Dm<j(RMRb#-55W^P7D3e$<7|1L8#Y^Tn07od?4s|)2C>U5`CQ^_HJ|G{4A
zro??}el|oP|3Kzc6du?o;po17z&b;9{TPYX1FNIhriNg2tdWYg6v4KZRw3U71v#gr
za?2FH7w~*jQ<Ea9eB_GQtkA1q$%<TuA!P$85^ti*7gR1bP$q2ng?YvepLTrw>N_)}
zdfSPel@y&Uh*a{}GUYs5UnWh8u4`A<TLPrVpc4j7RD6`Ma$REiA{m|iWf`VEf9{+-
zVv>IS9QjK$v$7IXhpsT{;m&%<9{CCp5y)taAc+eL&&sk&dJm@t#~gMJwSn_7fV~<o
zUcwnADEz=Gt=F7a5)eb?3?#K74MibR!wU!eMsyTg)F)^$t|8)(<3z#|Yu+_g)FG#n
zJ7pfvts9>8kr^4ry<;PC`DqZdyQ0sf-Np>0`R`0MfE8p>jF-{VL0u%-m1xrOgA(WI
z1rkMm;I@J&pyUAMlo_P)Fg-mK);g{HdyS$@LLg?<x{hH;3b_ir9sevndMu`-p@-B)
zo&sE0#IGy}9VVq<T&SgKL^<`K{GjYy8(%E>>6oRINqUzqjTenw&%u_&a+m^81npM_
zTBcMjWNvM?SIG8Zy9)2>#*LS5=4n=9ISv^s^itj*`}fb@C&rtT3a1pY*9m<ok_M_7
z9OZVfEFxw>Sh}S*cEhm&y^<A#TAxP4Mw)tq8V1U5z~I3;&?po~a4Bgxm`$8`GfOjS
z<qbF@-1OmvadI%kO$64S+5+QbyTR{-f#QuD_!!UYmgnVk@{Ziw;Y}w>y^Y`t;l0ql
zcMSl)WAGqXzOFD*@zql)WulZ&(FI%v&|^RzIfIxG<7@)OR5kV@h%aynTfG#FI18n~
z_nN?72`01`4f`a5Or>qzBevn~X|_OT!!Qa3x8UDW2T=&~K~rRlO11Lx+d@J!^)}&)
z8Bpq0g4MtttYn-AYpzx1I;*l@fOhC$)gQDB--|N<I^lR+`jsFGKp^O{4Hqp68=(;;
zEMz&398ssJ3!t*lTBHXC9udj4W<MMZD))~TV1PsNz?k@ki4!Kk5jBqb176emWYyZZ
zn3!j!r593$PTus4I-S6{DsHBu-2oa@w?*rT+*PGKOBJ&&W;Xsi?qyUD&$8uSOCECE
z;Q4GGfuf>4hFp_Yrc_h$0KmvQbtq<%fPAP3$bIZ(rPpM)4!SKgmG&2k8vSmfZi9U7
zEdiCv>D@Sx@m&z{ty{Lpp5cXC5^L$DV4{c;q_ibVm%7p_29Q&H&!6X=E;K5VmGEZf
zO9}BCtr#jF1Z^Nya}$Swb|6m@`17}&^fuMQ950RVaQ*Up1yvt4DAg>HqrGst?sxaB
z^{X5`k`ZMt>fy{kH(apb8(bsfG89R~g+|TJs!n>04?1jr8Bz81J#by4ij1;~j?St%
zbHcK80<lk@)tE55>0OEDL#M7g?`14J@Ag(9UiSL_0h{^Fu?okw8s{1)5KyWiD6eTQ
zsKy6m4X2(D4|l^A1hAM7uA<;Kop#bx{-ZH%?R(N*%(=^JJC5Fe7mPfDfQYD_YdX85
z*QcA+s8)3<tDA4TyXsBH`U_T*tSM$yq<-Oe^fzR_{u$$dw1^CzEG#x*U&>0Cr^hqi
zDooj;q@z=UVKnV07YTv_Go(iwK2%l7O2Ui++lkoF#B_T31}TJn7Z>g085mWjQ5~#`
z@wmH|yT+>Tb<eIC2P8W6P6$qSUbG&Y=P$wIKSSI+ZDZ~CY9Z#<jxFu+=h34&Hyb8S
zo}5gPgruD&Mhx%wvMkNi(K47HbINvW;K1e=hZ?5%XIbXY{L`-Vm;ExALmC|K6YcR4
ze_L5OH!_=LhcBZnW_j&mLKg>x<}9r;s2JiPhTZvlc6963&Gg;|bvB+Ny9Ny82VjPh
z6IK28ZQsFzGdHM{=Z%`8KlSFkC9uGnLaun)T_<WzbO%n~H*A4<0Ew~LKp-8;08`6y
zu~!7*43U835L20eRD^9p5HhlvQUf)ty{R?nD~Vz@hf$qT4C;!*T%70}SryTl>04JC
z8g#qX%W%O6AI#1vceD>ebNw}O-_y<8wJ^mr==LeK(EiBKYe!^O(wai5*Oiy!P5R1Z
z(qdy{o8$%*H=CkOjRT0IC}J<|j)meu3wG9iM^+`8noVv|;|ZBPZ>4XI<q}wrvaz=>
zEsyNmZio8l;DruZQ5^4falx!D=8n^1un8k02Ld@_rJZHkL|A^M;_63CPm}K*Qmjyw
zqHeRF=p7Op>vJIqvH>1woZPR;vlK-f^YrilT)I7)n&I-{!;dJ)U};r};Lo1}M)Rr0
z(t+9T&}R)LpK?pq=hkI8L5+aoy<aw&RS)5W*83S5>yxrm*V4S=zQWjB@X19V!?;&`
zC85w>bKO39prd^y2*j-2@nxH9YvV!;g9B7th2_<cmThpS;yAP_)KOv_3r6bIE1zsh
z&67HhryDi*%I7|5H^{j7lk2sG3l~z_zhy1ZtDY@?I=Zdan6o@>?$5qGKSgfR``WX;
z3ty0M!uziO<~ZyG_yVk+OYP_xO%h8wCR+kHaaO=8&!5{hNUnaJtf>hpJ6B&n$A4BQ
zN44|WUH2N90I8xy<iyOFyKRREset-`D)yC~UP)C(|MWV)ke3>#o7;cJ8`qGg!D#;W
z%KbYH*Z;eJ*jJQZLG-4N5-WA&DgarD$nZ)wRz)0Mw1&v5=oAU!PB%vch~crI#V?pn
z(=2&VzD3~5Jq88`1?9%K!kiNyFkwu1$%Nb9h>cFzP*Oe^7(8UuebqviMLpvEK<Sd4
zR;iskeL4mS4HTyFBl24`2q~0_W2kO@CM;)mB|c)BYS@^PGfAhxCz;Yh_)n{!5`F>k
zD@YF3exS=>x!kye2M+X>(8N)3i3r;3`&3k4(K(?hpNZ@ViHUJCG&lSh%-NHeRv8KH
z8KA?>n<SV|f_DqhiQDk#BqGhf{`xCIW6o+yO4$Jev?z&DdLRX6ZH?aK$&`R`0khX6
z?L5IYT4olc;`g+<;3cLSNLRwuZV&f_W*-%?AmiVQm_~UFnYJ^Bs+=LJ6omd15-=7R
zVfrwwS5{WmL23lQfM7utqp8fDn9KYN&NmR-xLTZL7bnf4v@&sBN$EAu50NIy2&9O-
z0S|Aw$fNY!<N<;-a;{b2qm;-(#qsWXWD1EB(;|oHB69aI4?#DIK@o3<)VAd`HP1#Y
zUcFj434p8-0N6t&3S8=o7&WnEnx2OeSH*+&qD$AVNNbqlqYrswcXX5o!#`&6+bSq=
z`79t#43^nnhlLs3`HUSqZX@IcdZG^+gQ($5Dr1JOKeyLTv?j8VTUqU*`dIk9lTcc9
z*5V${Z$&b&y15dxs)76`rHmk*oDb+^mb7!CS9<qey<llZd4P?OJ#mR}qPnB9M;ncD
zsB!f+X3(hhX(-`4=~W^k>cmRC<BEa2uSM=`Ejfjphl5T%Ere&>b!u!^T*f`T$$6Y8
znS+ziO@MN)VXsGi{*pzDcvr_{)ybSxw8hw9$-epc5k=aXl`9S0e@Y7fOo8b2=byaa
zDBcq95o0|B8}X|#*${*qIg2fd1P)-%qrE!L0wx_dTaj_m7`MBidGlDzK<0^^Y6YyK
ztiNK#*%Yx8>Bx~jhGw{D=q54~WC1QjDFatEozV$GSWGcsIcn%dzUt|Z9vx0Ar|Knd
z!@h7UBoApy$ad7-%tA^lLkG0Nw@72AF_8+LI;tl3(m{}x+qdz2C@s-r31d5r1ML7J
zHmV6#$swX3qa8dlN;>K#E{$MBq`;Am|M@3tGkM!WstusW1)4MG0aY%2l<Crv1Yr%y
zIV#N07YlXlYT<;9r05%ze^`2;C@PMzp@REBFL<^?pF;HW{ZmC8x6SR#=g<FO=ld$o
z!Q8lGl5VHuZ57>>LxO^Eg`+#3?$&x*_RWV6zljB!d4(K$M<scMhi2yHMwd{2ow=ZC
zj|YYayW>t<#$G8C-vxo9?zVSQIA}h3!jIhevY|wN@Zi8HTZ8Ef$Bg0SFQ6JQNpWqV
zUada-0c?rD*GIy;lU7E11cT&Kx#C&EXXYz+olOJKsq%urgv8TQQF#ZXZSLN7d;k74
zQ3RPx=VbrQZvwZkaGqs<-p78s?7(wy$MHn+kSQnk=JIY512Z#)Q;$L_Pf9B{cImm^
zSmVf|I#hR_vccGeN19JJMH_KFGSbK#v_E$M<vsTsCWwh(R8CpPKdwU7AkR7D<pC$~
z-+X|)BB9}?w|!x#UP(J8Al49LUiixZ#iSi?ZS0UgG}=Ly%$}qOBh7W>>yncAfY{hs
z;-DnPQV>4r9J{-g0e4E%g@JmnSn#)$7Js&RBlSX5)E3Szq1?k;SUnCHkXk!vf=hKY
z2M2;#TA6b|(D6@5aPca_tBpTmeLji?Mpo*W;`BxCzr<8y?M|CQH+GHD4b`Ci#e$}Y
ze1~}TZy;}JWoF118W^w<6SZsTfWyg!D}tb**G@pCW1y3Vl*=#^bxQ}1V;o6ha}<Cg
zNF0}9E;F|?v|e^o#d~wvvK{OW#gm!#`}nbA)Qa0NXW@~rzb35=Y{R+cx9196GRv{U
zBN}`~n+Q*&Au$n-<ofoVH9U4Io~-Qlf&Zln=V-HCW9adwSZzoxM3a?Ie79ra=kle6
zIuV-{Q~^X=`5tp-%$UJ)Z17HmCto@DP1X4ahYrKQEjlV{F=Kl}i@XvVOUhrr2FH#f
z+>)3WGdnBC*bjqgHV_Ql@a*htMtKw&zS!-W%3SE-4|!Yh2YkvWmpa84@;}8%UCtdj
zG9Mv(U|<;!gZ^7unaYJ5WzJ?$E-hyh-jcaGkP-I8vA3!?)z_54Q}Kh<ml+*j4OVM1
zPEPlt)r9u?0gt!|NcY9)qswA@AZB0Rd5Kq7na^TzI`b9CjSaqisMcKuYiHdC_zVk(
zKqxF#9-N1`K6&k5ozO6IeMmEO<3qF^A2Miy{d<7<Yx-@5!bv-W6cwl2<b_ZK^ND2H
z8)k`LQT{g$i=%$c?fr#c)%O(osKz1NN9BCGczf5XGboK2VsWQSvn%aph}q;yVvEoS
z#m`V;kfRD^Y`6M9S<AKrqr!w0N%6oY+}q-c(%wLDfS{Bz!5<ygoH>7fwb$4rULF68
zmYRP7bf>1*b5jsfZZE8#lrr2H^Cl>dkn9I7VfCaC1(vSmZY&jo`uLa3qAR}xGzQMI
zD|PseK*;FZzMgcktoH$$=gc2Hbm&TWxGwCdb(QdWA93M{X9UHQbkCkN=D4~lVv56k
z`8=a{r%u*A|Cyh+wtU<2U(eJ3CyT$*`hm(LFa52zasl5+Pwi?`*W|+Q^=FIfR|%u;
zL%+5@_+OXT{6{LBv~RkFH39!)9gCOq(NFRCQQZYYWEEU#@M=?2Zh0>KCoM!>SlC@F
zgdAh0Okp-Bo^zD0!m&XzjH9{ZlKj{C%KyhC;O_$hvqhLD<}t8Qa}}C~@P)k8lQw_l
z@}_;X&ioXaj~?xCo^`P&Wd~R*+i*Z_!Y?CiMgk7sdq>BwYhWTyNo<eY^ErJ$_$Wrf
z;B@up&K*2(;EuWZ35H-RAdAJ{9S$^|IdS4{#Wrc|*N;46*C#tWa-Q~pI=ur&Kld6m
z8S4kd(uFJUXoN55INMhaa)JzlWK7;3i$aV41KA?x8~rtFiFE<16kNsPTvWdfrJ9rZ
zg%N3zNQN)NX!8DdcPf%pAa{!2pv6_SwW1N;I{937C11gc*_NrdLqawX5W+M0ug!R#
zGE!wMZTFmehk%32Ix^zDvBLLm`<!S+ddg2w8Zn~6Zj!*k@N3+E+t5#=8ijIjobZ6d
zUyli_!V-jk^BOFvhU5khF8Q)))vq!#Kz@<crso3!=p+wFf+8d90rtw`Z&>RLsGoi*
z1XE}++g91~k<dL+zIGW~JSkGO*I3~EiCnqL&a3_Fv6_c}P|I-{MYBdTOWZ-67sGB1
z@b0JKz4g42*1%rJ8KU(0N2as?HiB{niYW0R&nw@(L)CX&c38je>CMho|K=31Y5ND*
z0v6I1Buqoty=>X!kt63k>r?z&!iZlFNVZNs{-M!b?htlG4K3fDWJXigk*RdnSTsyO
zBH!@_BI3~o=EnH|31Ez56K9B%^yXTisBt)==sE<pPPtE?Od;v`J#axxfLBxC=loB`
z$7hP&7u&aQzM0G*3X^|_vn=WR`D*$1sC1C?M-|z2>vqt+z2%@Bs8cZ&5nks&0x>EG
z2~bmKS>o=9p~j_MJe}J=rm}y~4{d@~HcM!vX7=!A;E8Qv|IiMsFqb?e=OD&{#o(uV
zgW@wMXGYv4B>Nn(0#()l{GZ|=TIG&{rf&5p9<jIw;&@^Em04yJoY(!3@L4f)*YOf2
z`N4xQq$OEL%L%reo(s(Fq7*{C(&D<OVY)M@4E+xej#<ICA3q8(nX!4OH(oqY9mEn!
zQ=#O^TE)l>4~h+MD1uISdw+_3fYuD!A;)K$d;2t|^9l-lGAsH>7%QRRpJ(Myql`z}
ztGn*9%@47!0h8rsJuN6ef8f~_zZY+w3+k%GL>;zFx%0*Lz$Eg4D(*>9k+1CEAB!g8
zFke%%8QU1T>i6%LuUO&C<Z%D7%X4PaDK%uOrOHY`3V=;FZ|*SP-86K-`qqwK-~AHj
z9W=bAFz@6NmENHnLOY+)R6ck<^S8{5F|%49o?Oy9c7)rJqx}ajn3^%t^tSdDSskZY
z!+t-x=;WYD3YW_i3oCVw?=d{7dT{sj$V$bblM3C+3f*>OyS=Laru|YY=;OfKSP&3c
zghw5047<E!)fsafdYnDjSbQ$xjruKP$m-Q6e}@zXlXjMjP$+#LeXNL>$M2i9XSTb0
z2aE^UeNlRP1v!Pj7HI&*9&ilZ3%){ps)sj;iD&qy;`9sImB<fs?U?ugU}d%&HYovp
zaaa-ZU-7sw5a4-GQ>cy^vvvD+sLHI&%o4%%=U(DG882B9jRl=cF+?EZVXS+(HkU&~
zdrPPr=ruq$H!c``!hqJCRvIziE92;H7u)zFWf7VS3ZDQUpZ9fj<ISGoFWj#?orbh<
zw~++VVMU~$DyQw?%~AWH<70kXsGM83qxk)2kn50sFy!LRl}S7ubc<Xz$jK*o^y2(c
zR+egWl{yO;iL8tyjdeV^>mFfA$TSs=;%%H(8FZ~|VEk)TzwSJ=c~bGHgs8qp$a&%H
zhV4DjZ1KvOuP4Q!<5NSWBNTeEv8D0bt;jGG-;5z)2-ME-BvH5xP%qrP%Fl)Ap7yqH
z^l1QBz=kkPcd%Qcq9TXnFB!q&+R^<|u%M-<8Z+jwV2a2;qR-kr2e}F=Now0Y@U+Zp
z;2;+OD-t~03+kI4#6;OS&ZbM3YLNf9=yWd{7!su~Xq`JP_+x`fhV9Vfl?*Bk9l8dA
z;1ZQS^B6&f%)*j`qUR;}5P@OejKvf?U=pZQ*hNIA%6CV}LJ>m?OsC3?vFZ4o0e*l=
z5GT}({<Y&(RIud`g7PVQzTaU0hN6_e#@Yj<40sZj6p+B-<(-+|>{1B-Oh^}T*I4|+
zVno?KP%4n=^xQ>#^1d_r%jb$DmfK4uMhq+AiJ_}2ycA9wsMIH|Osa+OUc55dMMOBZ
zj^Ju-=G*>~vdeJ$3u<Z#Pv$kvOighdDZIWy4fiX{xUDQgM&#h(%>)hLS$=`*B;W;7
zI>-&Ok}s*uxDsc04s>h0uH-9M3{?6sF0yY1!uprc;j~q8p?~~U841GAxdUVb6&W^6
zvSy8*wzdn+68zHSNt3oaI(|ogU$!f#?_quTD?Y^h&%%X_)qtlYI#%Z~_>7B#*2c%D
z$=@SXRG6|omswFtf&gIwNuir#$_!?Ue^+(QHfd%0PT(j|j>Sus(DNh4Xa}z#<6+Rb
z?em-23C_&w!9Ri6o331$^Yux|_;WeIGJ6WHrx^z7>GI<NiDMFW@l>|7GW7}#*=Vzw
zXs;G6scdM;3#VY`K;y?-U1*W!$xj4}Nw&h=emjg9xfceLHHvwL`olPK&)E~fHy$SE
z#a9}{fSvuzJ0LUY&8rQEDZit+@bKna<V1pC_-oqX!LnfCLcX}&O%FQVkseB>?)Hp*
zg!B~q1-o|X!ge)dr^(e-Pf8Ybg}`au!L!7XA~<lPyS=AH)vUfe5{I$BgT^5w;;vU6
zRZ>>@?Kc|c>qVQ0Y<UA8HcF$=8AfqNi7%REG7H25B^t|fqHf&^j!UY)p=76H`Dvmc
zg>toz$mC7z@fLdS?OOmq7f%a{k>sQ#A(@kuBkij8>yZ|-C+N~F3G`!7rBGqv;hh|_
z$WP;N#00PrXjm{ge{5yB+3>E|ENlPJW})w);iDh8Wz|nPgwWVn!`Xpa<NBkHU|vf^
z(7k&*;T1fnuv!~AH*LzM&wotiKKF9nYw~gX@gfFxv$N|7;~*G-AISVhcp&C1hsGW0
zf%~N6hi8XN-ymPTaKV)hmf5~<gp^R#3-qP=rR)i*rQtzMDb#wHU&7<&S?!`O*p5l7
z_6uT340;0|6-Qx5b>3_Yd+_Za;XzTy5W*c!zlSWpK|&C#bClmfm2&T>00_LdMucpB
zv+rPb5qFF*G~Vu6UeRes$Hm&SE~lST*3?{{@EnLJ^z+KEmG*9)Bl{~TK+g*rt(7W@
z4@-*IEYUhKigC>Ga--Z#b8~kpBnmyQ4*BCK%f2%+SH*AJh{$8rZ&I#^A*ym?3P-7_
z!GxblD@U|;fRXT}ONE^c=M$X)t+JROsgf3^)})mJHAly3B~&0qL&4_HGnzhqx=W)0
zkR!Mg&Y|2{l|H#!KVz8UY2hiOV2Vm)_Z&PIw#9e!94)+2pIyx-vPmgZGnui2ng?e+
z*=G5#rb!|04`*e%C=_Xx`dImOJlLL%x(+E(<2WXo@^W*9DIOD=e6U$&H_}}&Ur!6}
z#{G3$3AOA5wYQI;FlJ1NqlRCq-K|6EZ@9P@w0Asa{<8G*<bYR}h(7xqrt1axpx?k!
z6Bk=@GFIOlc^E4)CR6JGnDed9&x06ex`e*v9-dBX)}*BONvRL);n0viz&vStKy2W8
z-Wp9NA3yI?VhKlP#r(k;F*Df`LAl0+)x5rCPU<8<bbR=Jj2=I}F1ghI?u3Qlu=$7U
zII&SUt~O7{y&V0+3A<m!tTnkvSvd%e4o%7XZR|8iAV5KMQ{Dk)APJ*c0G?nksKfd$
z`@ULdniTp(pH;_DjrB=KkGdf-rdJ{1T5Q@hU#bYSgmghHu`X0lzR!jaUL#B=wofKJ
ze1NZ2sX56<5l#@M(7lknkqFx;{(0sM<&H6CT<pSO@Kp#25CnT#m`=k3$a4L9v0sH7
zz-$cVjL_{;vJr87Ua5^gSATtYNl{FCOTN)`0-d3g4defg0Zq5r|G{YQ(LG^CAK~!N
zSjZ!$V*JR{g7T6w2+$ZQA3APGc<a<w+LlmVO~MoXxD=(7w6wCvxHU;DIcf>NLVqJ?
zxDZ=iEmc8iulo3y`Q9$Sh!1QS?Oxt7j@_15u4of?%~slGd$?-WIO_mbcad6vonO7l
z+KJpAJPmJ}!P}X1ZmhJFpM!f9W?xRKzoU(4JaG=<Kj#bO{i<mL(H<oyCy(eekNXZS
zX|Tfn>-M<jLxXCU22QY$tXl{A=n4#rw@8fFN!dK~=R^sj7{YC@wDO#3*ra0i%kXGb
z3J5-9$yLELD}3})&|bP`%?04k-XpMUj9n^g-HYtRWDSUlT&3c(f&zGd7FZv!dt%3b
z^PEdk+!FPNS;#-Ye*s*~Ll(mXh6Ib}v)xUdSM+Obpyc1Q02&&u-<v09nP7v9BJ0bq
zuS#yLyg3X_@uK1N=-qky)rz42%A8F#wdn{rqoO82SjPnzGn$fj$`!;FEdwJFRcJ`7
zpM<a=`^1HWTW4n${W{X^#QB(!v7axt9j|)Wbg{PtXc`sJY2fmYPmiUQ3jtx#t=X|g
z@9W_mS$|;TQXb}T1u431>tL3Z9!Y=0`!*1D5~&hMy<`|QfeWl+wDS$bcO3DgLa!AY
z7f30rBS8pPkJPv^1Wqa+Iw;Hhl;T<A<S@F|NR+mAQb%LEKUM{7F#l^wmocr{$5NY0
zlgZeRAI~qIUgV>2o8qDjEq|12%QhsAH^we%t;=K0Nb(9#A=p@x<ef~-^JPBOnT?9v
zVZ1YU)b9w|OhWEoJIZ1G=MC9cEC~=KwUU#{oN)cJ{RMX?4u0+4^Jo!ysO?#opZ2<|
z4~m}Ngr#_3Jm_=2O)^r_LF+VUB<9?-fFI}-9Sn@~;wQ1zcCW&ZZGitj_`|-Er?t!i
z5lg|x{6mq|{bQM$X@3$;7;M;d(VdB{9>AGa6ZJ&BO#Q)bx5wl0ILm(e6vx%c6DC-1
zJrKK-CKA(nIzQ)m*gz>pm`&6H8KS<NHjP!+QANQ#Dwf8e;Ez}xf2$}MvMSbuxrRq1
z1Wdc1UAX5eMcGM^2#<?vq7w28Lp&UAdiw(*E$=jZa9fRe$EFe2sU(|QTH4T+dwAo~
zLd--c>7o&~D4_UF782eWOKOi4f$FJtwUrzKHV3j4YR$pX(#kl=QN4`tAU6<aAQUJF
z5pKs^o}ei55`BLHQ&6b+DB9rm2)Oumi=AH%C5R|Kb8j0PKt$-4sw=UU0hn^T@dq<%
zUbn|uB7TpPj~YXrRiw9l{;XM-Xet|{iJ<%o@G!HbcF~_8Jpuq9-RCf68WKiKB<4y1
zU{A%W9V+2?#;O$8c<!X_8!&VzABrd8N+xDefYHGtl{}aUVTW}G>M1%W=^j03_3W&z
zC!pW_^5uDME;!68G=l*FW{!@HV4;YzW=SOD%~KecL}<2ZoV$eu675^b$!=7FOf2sG
zsk63o-MHHF>EKEHf@6RC4e=#Ok}r(@&1N3xNJ{I6>vVwgRr=sx04xnKL{8qCb8#m8
z=0Gj`)r{isk5L-1TAb#7rWB~5@JU1lgPwGgg$0+~>BF-zH&=edsF38=M}n77GGUup
zkl4!0EI`OEyBxS5-7f5uP(mqV{RcI?ZO0DQ*#+qj6K37?lBfwF1bISum9a_=@D&tz
zV_&8fc%Yms$+sAwY6v@u1!-kLoKi0^*Mp=4=&UI+rF9c0nks=(l2{8SO!vhv#Fq73
zYBba{#ORLpwo!(Dj)Yvf%xUb=1<^xXL2=20AteKe=g1D`VGbFBhf*{JAE=)mO4h(g
zhPZ5P7fOBp^hth_We;RHpLfEqT#g$9KkDI44cUQ)6Q+lP6)^;SAh^95VTNhYN00vL
z^K}_v0BiVB9VYQ`5);2cLnDx44yPg4T?+vFMX^q|quOq*G5W(!?Aa*K{8Z?fFT%xu
zX%vY8DP{5KkhFw#H}5c{$4AV;7TU)bbO^LIoNViJn7P9UnjoK`L-#ri)CGFMk}8Ip
z9q0Z7zoJmh%BrQ+1~>AjAS5B%X#GVSOi^A)c9a#42Q#~!fu0a#Xup2?QWG^b*T7fU
zwp@mwogf6zz?6Ip^z;Q>;g^t7CX!Q@Gln}nixp+#G3X(SK?3kSA*P3Wd`AvR3_!bL
z?PJGl;F~Xys(u;Y&};g443tHN2wL16*zw&8FCXC)0w~IXweEHB$dShk!(ko=LCo}|
z&O2vurc5&Ke*|38Xv68;^mq{!+prUdM2-#w2jNw+^w;ZHUj&)E(9-kG=#2*|hae9{
zw+u5&IW=u)HkpJcOcYcdc??3FAB%pTp;^{mM(7WV$7F-Odv0#Y;o)|cmLrvgn}?4D
zx+xFZ+aZIZ5nL=BT*Wa1JvA(}$^ECt`y1X443L*H6m4uuN@;$6G%Im&bK=<LO@<mP
z*(on%{0Hg!`bzYN<x+6Tdj{D#N)A!yu3kMvc>|3j4~||CRPT0lv=}29><mrt@%hAw
ziBVCXk_)I_*F{e-N{eP9oE<=9TAVczvm3lUg~uQIc4|rDm}p=a_2)al?Zlm9v%L>8
zP1+OOyjk<BGHMjk9z*oO)K8!bG13d1FJHX)*MuGi(}K*oLpD!FdeDn_j$|!urd$fL
z!YNaBLTk_R?16#}O-Qmh=VoSa-@avrQa?I4PRYX?y?Ab?mvWTrjr(Jk63kG*Tb}EX
zvDgyd(Z-JIk13o6qBX5TEsz=osklEqMwP-2c57{XTl70@@0ih}Me2rdM+*jyIaBI{
z0fWwC$PtZyGgMk=PCOpb=Ml-KVBIj~`>g-u+N-HKApOC1IQUdTwZWvU3B=aAMM|>Z
z5|}%NZA6&GNBq{eUE9QwE80e<%`Sm<PG?>}3Vv+yC;SOHbv6^nvQKT(fpRz`w|or(
z7dwcy6)i3;NSoh@6EmmdHZ~4fG`4+udhG%~WY~{xv)DBR-M|^WOXptQ-n>F0b}JCX
zKxnHjJ>iLZcvC@&6bE$Exb-TCQIcxzg9n~-?of;&G?tZ68>4_+&@BoZRx%9cm_UC(
zMgu(uV#gD`PPlY%1(7NIyl*X~>#YjPGhF@9W)w5U3_!<11vY@RH^1$r?Jp!Y)K?Ix
znc3M`Z`V`A*wmPCX2kfbTA#y=>p=mH@A+5wxoNx9(<TtX;N}~V?am!_G56R}4Aq&P
z04o6XZtdeQ)5^Az*OQ({q->>HC-W!QZjBWGvqDK|8o8=Mj-#NEHQ@=Fj77LaexM~g
z2M5KWL)+;ca;*}Hute?+eWjHtuY087UY#S4U>u-%t)=B0s|V!naC9>K%pS4`Do`Ag
zAd0QV*B)CFZE0v?QUqR66%rNZ6(V$kwZ;A6f(O4@J>Hp<2{h|y-NDiSM+|(9j7V?E
zW+jC|!X<(@r^&Da@C!5uo;R%BSPm!U7w$MWX3}{JdA^;uw=AeHmiI%CUyh9Iz&A+p
z5V(-rI(Jn5#2(S`OkkBw9Y67!4X2QCa3uJ?dvJc!MP_S)()k~z0gz{=J70?lCX$d_
zcs^OfHgZpR>~LlD6*Y(J*@9yX9okwWNna-%NJ?Ag=OR5ntUpX=of!<q@4v$r=WE==
zB2dqJP6Osj!iz&!;L+?1w}TLIydg{-c)Q%6%L~Ytd~j8icME6!4i$hL*~9v^o2;N+
z7(gPs#WbgU=D{XA{54XT*2Ycg#2l;9?$k2h=0zHtVwt*`r#<{ef3zi=Cnj@FvwqgB
zU3#`ILDhE&$4#vMpd=s^x{X|wV6bf27l+hJ=+l*#&1!9%rPi%qPsJ?;CwW^yHNAQr
zH!>S0vYNHdU{M~w-adEzS1Sz%!MK|46N`8LlKHV&=i}c0=nwTxb-%wYk5{~bw^gT(
zRlmfQ)qg3e9}r!p<;*{*8eJvCd274<*gN4gLrg>c@BiUo(>M3z(yNFdfDu4ihMmwb
zw345L2=n>1Wg>RH(Ea(ZgLEyja&lt0mFr+DTAn|;{7T0@-8i>XyYr3>Pa?v@1MvMK
zlX&eDqyAWVj~T;*zS`Nj^(y5mB?djBk(un?UVlIySXuRwpKuYHI!lhK3*>zgP$c!3
zUAFA9t{2<1)h)rA+RzxGP<B`qL<pvckB*CTw_47%LE3hDPsO%)+V~PMbshg|{t1r%
ze%M*>RtNZijAFbexC^^kpQEsnR;G%gmH`r~eRN({9WNjT!CQST&Jm4JKQr|hH>u<+
zgMcVkreQ#WzG2k3uC5wHGDJ$F7M-7<rRA{o00MT#`5{MckBEy~=G*Hs)j3M~l~j11
zo^!@trxX|ShBildPB4;QV^bZvh?zmqs8Dkx-{%7YV7Ufsb<CjD`x`8nwc!={a-G{_
zkNqj+c~<8Nx;`A}$wc4g1<PseJiJ-*h@hE;NgFn96rd|r2JvFEk@SiiD=Bu5e|^U|
zKbSOA=x8Z`=}3ir<%LxyDW@BnPtktYJ~{6<$?6!LlKwDJ#PgX1S{mMG%2VUIwHd#5
zpULfFfB-nVWcgb8_aF^+PipO!g}r@TA^>h;-2_xA1uHh&+JfB(Rfk3eHQCOR$L^7T
z)W5iSiK|a>LPDb%7|5n^WJupE^Y-~2HT}89wP1S=6F}Gmpm9T)GUw=^Wvf>&lwy3?
z6sR5!6nvubSTl-8ig2|4FUiFeM$F%G&@@445|B&pKwRVDjr0-pl9vb7S)cNaI;Ry=
z7*ZOA{7n=%PEILgz1sVthX@U=pbLR*${n|yj$Cv?JQZ%e_)7$^XEUi!@FtMz-knuz
zY@slZwH>I+Wd4-e1-5R-vm99r!Zkpd2t5Eq$#)SA+b<kmrofofquz*Jxu{4KM3`#y
zmVgPoL!r{=u$1yoKmEje+HEzp%g=Xlo&bp{d2#+{Yh$lvbH>ThSN4;`+Jf?z=Y&#_
z%t!llcAUvN8yhk6B&<mfUA|mN=ZAqbAH9Z5nb82!7qYAra^!0*m>lTedMGwVa;b_(
zdECL*yrO~?#f*s+Go*!@jFK(uF{=-Q3-u`ttA`537aDx9aO9=)RZfQWccm*q>UPPC
z9?3c&IPsKSDi!4derX;Q+ywToRA)Ge9z4j;jFB8diQIb`>FEp&tOBpTbBDc;Gc+r>
zV*D0iyPo<^IvBf#TA$Q+Kw?od_YzecpgG9^3PhLVaj@fVdFR#}>z#l{fs$Z*5#w^)
z7^>YYImEOU9Tz#`<C{0z_z`#xbX*k`&pGJ~tdw&V05NE<sJ4P8UJwL5`cP?Q0y1|O
zELsxui3CPbN{gAw<T$H8ae#%vjEq!Me#eiAmXs$(>GlQfqzkVoEYuJ21fA-oOY6ZJ
zU0hlzJeVG2YxngVH~2Z$ZQR(Ol+JEpvKXDbBBKsqp#i&XjY$A(_k=^{P~TtonaKv)
z5x5uFU$FP@Sb`L7dmP3wLT=$JdlF#P#AIHF4^$deT0v$JWeSZ26TPk9zA<>dr`ddP
z`%Tju>fnX&n8@2@e>XQ*>(?Dz1A2u{NSM~VN@QMG%*EU`T(}UKRyBbbJ2x0ADP{U4
zf<yyNI=_LikYBxeT)*zXwA74rgh(Lf7pDy9egL7T3B4QE5<FN4!r~jY1b}XSj8+Hl
zhCKg{9u>-*jqGrYFJt}~(7*pbL@mE-1W28p-UV3@mNWkTn=LI1-t>krnBw&DoPi2n
z;olf>#2i)d2$UF*tHM#EbdHX;wpeb99*$1s))*LNq;I?~09(FwqY^bbX`Q9@F?%$i
zm55T4uqxLJH0qeKHd5w-R_RT^a%(G@vzcvmiS=S4^n?MElmM<>DFE0$N`J%DA(&(g
zGQEt9%S0qDhC^}w^X__q_@4-IKY$uF53Lh^VRS;oR0Q*I_&ogLl9CR}V=j-O7V9_H
zQ1c@hbmkgyvcFd6TTz1Ym*@pQ&{UF6C|Hpm&_nZqA1QwXTrw@Y#E4<O*)QG1M}9WV
zA{U7F2}#E#Sa<Wq{rku<gstzb3KY)v(fzoN%z8==%}}ChXGW}wLvCnzl&2FIXkJs%
z@3219J3;Hx*;JV}yK;8}uVrCpw#L9Lu{>lm1A?gE95u3@J#%EEwTCy_CC(S5A9bwu
z-Fy6F&_!^B!Qq!F1%WbyR-v8G@!Wx2h9w#L`X080&hVg64I$=8<*hf0JgVoWt^5vg
zIyos0`C0$-GT!d=&0zh(X=%c$Vx%F+mzXdCgpU3mn(XEw+qds2dNZ;dNO?L=KfGC#
zz6q#iYadaRQ`o(vQ{Y##olhQM2P=>=7crC-EReRiBl`GQ0<_>N(wYmVMA`Vcu`#4c
zj*OzvRB|ult4YR3{Okc-poVRDn+(2L%6n=Czz_VEY`%Qy(vNwezn;wu4KSsFc3A%&
zY(M1GE9=uI!%(XbA6ZxmAI7<OMKI^8(ED6mz}<ov;??m1oGX$1!DGjAIlNb6Y%*;v
z^6EVbSbf6Emc?gSPTUP;2Hr44MjSBek4tGsK$)SOf&ncK(7eILS}$Kzgqxi|Iu|<V
z69zG`_`DP@A@`m;Rgj4^E3;yo&0j;YD=BOJ>8DcDjd=Kn)@Uf~Vakl?G|Yp=PPx9T
zHHvdXNi$C$KZYof<CmKxM#rd9_@Qy^80g7kvPp2}>w-loOlNTN^II?`?$~C{o?>8f
zdPmD~+ne~7RCQx533D!%3qtePjWqOQHMy#s7ac8WXPAGlz--`XL>Pt7pNCFfuw==0
z&O5SIlDfurnS;?t!?+FOO>XJqcAs5|4a-c;blf4JrN#WAhD{!!5ig+`N?V+r-79k`
zyU{CMt{A9kE5A<jx?6$U+tZgWy(Oz77Qs9Yk8JoIrlk-AZ`$+$>Rm`dg@<NgAv5Lk
z2lcKV;tL$x8lQgHK|?lgl+n|`=|+>LL9o(q2?;B0AZMLJRtB*TBIjfO1xSLjKi5Lj
z(}J`~EJhA7&TQXP+p}RP!Sqd&R~4;~zQyqe8fD&<3UseMo7fQu)3Z=G&B`2p!eB$@
z7=M-pi|Ja<3M>O-&ae(zQ>PX^e*7Vz0#*a%q<dTIWChKdJ7s;_<C4N3=QwG)>Hi^P
zX3X<K>gnMv1~xq%@?FF{E+M;N=QKu`P8g6Ht2f=Ub3S3f=vgC%pAPg=AQ_xyyKzo6
z`8K4t>TZB1_?m$3N*}m~M*mR+tDp@SdZg+Y6lIg9OEHA{nE)Mhs+b7FIiSVs!~8$5
z0)?7a`WwqJpim4P0I!gA2Tt7<f(HhtI&A`9)vYo&hh5RkY6S{a<b&az0xwg4+U*)z
zU9TH`zp{bIP7a0)4!LwmNSgW~upTggaM%P@4dAt2{yni_*oi92E62V>x5N6|h=>ex
z7EgVNN6~-7Y>p48Q)b7@n>TqkqOSuh)BFE314xO&^(Gty?_b#?4YHA@fpJ&z2@Ngr
ziq*DpCc|&1>!vhF<#cEHJNy`ahsrKCr&O)HMkq25%EiRWB^Ph!@n^sBv>B9eB5Hrx
z#*<O+u^pT(Y;OPdxiO&^V%5_VuEs4J*m}W}Uk&sOnkvj6d}HD0e(XD32m==D3}g(K
zfcUHd4@_P}tM*y$AA}FPc@FCfgX6HNENA$!&jiK_asa3u7*~r02t{vrVdqDN+%%L6
zf9=>Q#fI%qwEz*=cb7i!TJ^)d{{d@Jtq+_rP;vZFMLPk2S$!$$))<O?$I;2RZslQ0
z%J@0KmTj~H(<anU8w7C*`pSbrS7O-h=e<X@Z#kUTi*FVngUoYF>o}*uf%fmVOv%HD
z9WaVKD4bV7&mmn=E<h_hp77`4!-vrwrcHpuZft14i1S9{)+ZKeo&yIB8jnYq=e(kp
z;Kq?lY3>ROwHW9@fsIy=y^Z|ZMn?5qbJAC%W@_~;AIGPa(6H6_m!gfJY@Ag@7~r`N
zJ7EnLK{6uYHCog_cjP|MAG_PN@~4}(ZhfE}!(zAXdi?4-9w)KR|I89Fh1hqf2Qc6d
z>s35x;6Tulst+IXE-yA6bJ@?Yn0g9)XHkImY=@H2>D|7+r5EJq1#XRfk^Vb+coc-O
z)0>~IJ5#=83e^$4J0D<nHVN&-1nL^*mGWW={R-4c#@bP}%vs`xjZ}X8S(uNhZ2SWQ
zt9}gdoST>TrlEy85f(W{5d)`kaW|L8g5u$xG^h291;b(eFlO8xyI}0j=tk5z=?@;T
zIOpckxx$2<pNymsV~;xP4F~f7M*6~~m>j`+f)6?g3Ua29Q2J0QR{hcskfq?bC%p>M
ziyjxF+4YD1TIcw9+1z-X1-OcYho+7|{zWJ)>IR)nb4fTMlO~67z<J-Olyo;eyTS;G
zUo$3LCkz^&zWj%m)E{Q!M>E1@D~+8;^9_>kZwID`k6qW+c<>q%X;PXqYJcyx?He+S
zTps!FvYJXkU3T63Q#NsS5}ghwqE4Mg9~iPsD^2eDp9U(y(POS6`_les#)d@0^Q`iq
z*CpyjpGt+5{xToWn-Q-T;7|EYZsqd)?&Eh*08`p6|IOH|%Hw3%7y<@$g@a$J?fkK&
zyEKUZ#d}QlW;1G0K=jhtDdPu@<t9}=>y%q^@3aYE5J*LA{YL8?jh;P3W^Sy*3}A&b
zg*Wncms%cnyc57`-}=N1=aX(;8@wuPliy_}MV}9k?9{Oo-B);z-`aYrF87toUdG$|
z_8`sjRHpSAhvYu<w01=f$~_X+|2+O_PjPWUR|uh0I(BT)bZ?7umKk$3L;G|4DEM5;
zB=@Wg>?yT6LcD+uIWMHObB-saIz@E}h|2re--cHq&Rv^oNZ@=t(9pmz1UO;aFN!Eg
zOd!U@;Pd_zeX&8bxEfRw6u(Qh3-DDZoeSB*h4KfaQ}8c>bpEvf(f?OpZRpaN+)kaO
zw$0O@xs)gLufn_jH-4Shdp=;{KVvRx5z5-fm&eae#N!{=s`;&77_UjCBpIb@e2@j|
z>vwC;1)gi33%>K1!bxw(nBwa;PsE`5%9SrhsV+J=lfT~Uo<dV&Wai=Yxv8n+bB1Dx
zuk-`qJo+C|>+N2d6%4|=e)#>n8x@1X8E)S)y3x561;&D#-;0SSct3t~R7wq?XjF-4
zhVq2H6|y+MG8K;=;BSmk5xfkwIso*=yeTSH$w0-RPux&coK(rgYE5-@ZV0M^yig4H
zXn_Fr@=jBCu{Qv&(O?PX2bOGAl_YIE>e;0YSg{4zmKIn=NYbn^$$j|n$rB2v@ngq+
zlX4%q4(D#!)~_*C|Ei`j52?m5lcDJ=E5i?&3U=5D=5<cV{!M(R3=l)12}_NPU?as?
zxy88$59VZyr0dd?lq1wcf1C`<0!ziWea&wnw&sN{pb9~Tj@RBWLyB?=Bm1u|$Sx&P
zQyr_knS(rdFeA{tomGCJYAMa@&|c)}?1e5@nLLqwm&ZR9PCnp#jZ>HV>=~1l__xS<
zrIW^~{LXg$4Lvm=BvdjF5_j_fa&qJ(DC*TbnsIV{C3NS=x?Ek8m_<bK!S`vIxBy}8
z7Wg>2NoJD!O6D9J5)TUp{|}f&wFjrjK1UY)J$U*w;>HckuyVusoL!)YlnKQzUT9>o
zOVpN*gG}dvr%|Ht=VHk`(?uY3i2U52q(%%BaYPAR;n<-=2pV!Bub9Y#o<Qd?dq6lu
z08KXTV+bHJG7kP2X$FYd(~zarcqSNN1Xb6?vD>GdhZeAjWi-O3bJMJgYMT@YcN$_u
zmjRTEfjnARQ${K@$e;jn!elgzmyTN;9@)Y&n|G;klc&I{CWd`aTC#DRnG(bL9@h43
zHydGw_sYk*y7rkJ8YVv=Z77=Qte|6aJB<vr6nqIb8o3u)Um&JUB?jz&Wuj%ukVRDG
zAVfCnpK%E0&9fn4YA7-wn<A~Fli17bZ*nUj+?FXrie}So0dpV>9VzCEN8l8NO>%-G
zpf(H&^>*HAupP-Ev}z?^h2c%Wx9RAH6kkW~>J}reP$OfN;IKS@4_O2i03}1GZ260`
znwGZz$8uE;T>uUSY2^!<R0o>nZh<GEU}UQ*`uEFOi?x5d0kbl30jH(|Fo<(#Hy+I<
zmc*<zT#Zr!d7MldeHVf|q29)rC?f2~a`rmViJXgzdi^X+6jz|G_H$=mFDOX4jptEr
zRHAjvi96&CyMz|JwT1eV1@r85Rr0`B^j&2o{Q!aIjH_NMJ7=>i`%37ZFnIq)-;#-p
z4q10#)H^U34{tD%1xvUlj1UXdhjI_!OsF0%lM?hcg4-<Z4?-AhSFF)Gptpnz4YmaP
z7BZGOCT$&^jQjUp?@zxn+1d&n36rf@56xpZ0!R#^8SzIG$Qf`T(Fs2t@ZJ39%!c@k
zGs&a<=gV*bn7ERa0AYo+ATDNvQ8R0*NSAt5?8jxB?1$RgSAhI@08zDbFyUNg&rYX*
zf^r0e%$rQ}=H}|^r<<0%F;k8nsk#vM3s)QT|M4J{NYHrQ(}p@gH#=VERECvMa^&^m
zGtk!t2MQ|5?z8ihA8&mj(^BMT;Y=s>3nVPW5ffS3f!SvbRPy#3Dn1+Oabr!gpKKqR
zNbcniL4|g8ckHk8I*u=@Y`>WDtu7HZx3#&s2ls<!34RIn-&9a+beVn+))#l%gMx#f
z!P*+2<bdqG2|bkW7Zf=0Ezyx{sjDLyfp!pn=o($K{k5_aq-_KWn}?<9{a#IHw-FLy
zz?;j3#k68R{eJb*52^cph}OsjZpAD1GJtWTx`!I;kU=0~lP-kD#GKA}dwYsvts6Kv
zWQR~iwV4<<c4W7gsQIFG*#~r5#<t7vD~MMdb@Ekv3NglM>2jVG`K8;BzwV@?B=*Th
zbruo)zyF5|Ur3R1IRypn&t^9_ie%JoOfx=xNAKe6MS)6f=DMBgXYw_gU*<Mlw3zm<
zk&~T6l44{g>L_bi{xcwy4VV*9ZX21&i+>0Ye3yeR>{6cs4g&zPkHwtbfmau>cBoT_
nB9QX<vy3`lzj*OeN2iaW-S#!5sa)W%I?bECNIycd_K*Jppig(G

literal 0
HcmV?d00001

diff --git a/docsource/images/Akamai-custom-fields-store-type-dialog.png b/docsource/images/Akamai-custom-fields-store-type-dialog.png
new file mode 100644
index 0000000000000000000000000000000000000000..24251977e7dc031ffa8f9bfb988e7568b405e76a
GIT binary patch
literal 29882
zcmd43WmMGR+b#;CfJKUQr=);%ilmgZG}1_SgG!f(h)9bP($Wno-7V7HIpomi=KsEX
z?Q=ftwe~q{e>k&@0fw31JkK51b=}u9VK0<q?%yG~gMxx`Urtt16$Rx+4E+6xc>}(q
zTwRKdf<lENC;3#}BYAVmT@T-a5@naM`*9OqXfVOpjS_wSr?`^@%>^&-^1q(?`}ePg
zZl$KJM((%4+=6*=shf^3KBGy#2p0b*L`5AbF0prsC_B!Q6Boz%-nbJY#@;95ek>f{
zb+MhgQXQbKr>Cc`-n@XAuJa6l7f0Ep9vB|}6dTL^<cYev`X}#`z08yp{j1B1vl{j5
zpMUt8pU=w1*3;1;C#|bXdV}}+cYd$WG&WXLxG5?|MJ6Wd7!smiKa^ZWP0jlC>yK+2
z#@AndRiiRTgZ~Fnjjw-+iv0h>mm-nBjUEsZR`OL=Rq^xjRg&h#c~`3XidX5`85mGR
zv~Y2A4-F2kZ_Izq&CQ*h)FX+K{yt!8nz1+jqojn3gF{(OZRpo8aSe^~q6oN_L27Pp
zZaO+iO-<g%kNf}qdueL-^y%-8SVm9b)W*if@^aVszmq91Kc=QmUm1Rvj#@u|H(IFQ
zB(JTl?V9Yo+MmvEAuHRitL1&TK2mJbMnX&+MapN_8cEE{%d4rW8G=Rr+SYc<XH4*s
zu&^*EXAE+6Z7r<J^I%nlhEqsrVq|1wdV0F8%>th32??99aPmJB5d*r-mI%UlcK!7j
zjkr&ry3@pFIy*am|Nh<9);2XYH90xi)3enYMSA0{IGwY+eAmEt8Eb26Z_}Zv;441;
zHa&g)vx*NWZ<J93eq-LgJ%{jMV`F1fPVMgNBTS7zbCZ{s*VWaPm6g@nsi?&-<<P4V
zS6EqI7WF>LkG;Eha$dOn02}YmOIA&B@n4;BETyHTQiI1^6MS})RV5`QN_L0>E-tPt
z<ur;157b}2l%=aEFAr0o3S90^P*YWv@EIN*)lyYm&oK@);YzR`Ej--Y3y+TWKQ3=+
zX^A4?S%)}ceJIbL^4o}2w_@{br;$)8GBlJ(z-dug>|(gTe|I~{k5G@j(*7=l$d`BT
z-a)jb+F4oM#=>Iw!;AY9AtN9lASKnpUQpM?nbb6QezKDG=g~@U%EtP0ug>86q;^v^
zQa%|&YY*-OA=`}}e`ePocO2fSOW?K;_1u%Bi$NO8(&42Vm5vb*5O|Dtb#2W44$!T%
z+lskSwvuGuu$Cia6WAXucG*7Xu=^xI!OhuuXkdVPIaSnGkewY%d1Y~tRli0Zxt@W2
zxG@^N$HA4LkP+KqN~5o)R;t{EiGrl-w=9DYqanh7rAueT!pw}0j!r^E<YKj?zunj1
zy7ACasqN37KYqwLj5(tdKRN~mJk*K5e~%8<hMtf_^{t3`?wOwKE%7^KWo5OtwbfQv
zAF2|=>c368xwy3C818WI>~y23r@Pys6x9xeTH-7utiu!@JHM79<j$^La+8q%$rG2M
zEJgl{?WtN1|D)lS7tx_nQS@1qVt&FVt@ng|57#xkz0Vq02vKI$Ol@q)h=^n*Ey*en
zH+#SS_(6n&Lp42ep{f6VtnunnDD~^m+C6kMWy1y^&$Yo!8iAywq-Zh$JW5K#7cY#g
ztOQ)whmR6N@$vDWNl2)wsS!MQ03irjGLi6cbG-bn@`sK^`FQrZS|(!Rg!E@2m%B~a
zRl-k56!}A)swZb>XJw)(%*@PGa@4J@H*Vd1$S){}N34|0ACsIMiL-Zn9335vefKUT
zbxCDqQDGs&c(`(kAOSu;xA&2ayZbR32G)ZI52ylte0+pOL>f<)lSYdS@vSEsd}}{`
z94s;Gf;EH7efR9FsPXc-sS#H~<N2Pvm)GgWXi;2T+?vbjWVLgBeSJ_{zLcb-UY!T0
zm{?<0mb9XxqL$WZR~HKtldPsD1i9-{XPlgz9KVH+&pDx?&)n*2mCYDe^4@$)1h++R
zMrLO5OIFB3Lc;j3U%z4{8V4p_l$Vu-vP63BFYDKN#B`YE{`fI#@aE^w$8$+%P$qJ7
za%`t+;-tUNeG0**gq>z&V0cJCpsk}bK0aRfvRJ~y=4-RQ$g4krBY9d2BK!M&Vq*T6
zbw7TDDrHZ=BlN0Om6eOQF@hx_l4pF6$x{t#T-H8NKMU2yz#?n!?3BP9o0uqiS!}$&
z+@rvNPhIA^@fQlgWP|V7+E8|DYb&kHd%g14aqZI^>lElHJ~YiuyqtG2Z1C}8?eaf=
zN=UG>vKs4{JUKa`m5%&1#Hf^viG`&kC-)RHAu;jJ%<8Plkf^9AP5s7$JGW#+?*x5J
zNC?9Z2neXOonYW3l~@g-^m|!i8s;H)^TzKtsA#(fux!P?XKpd~uqj2$Dk}btjL@qx
zGc!MA)A^K|%KmYG!oE?z*!WheL7j&qv>w@?d^|h^lng)Nx*?&kv7;j+?~#>h78z`<
zuF5`%#D7mIR+yh(XE{J~9<yrfkKCPu{g$kWaztK1RdB3>on1jJw6)}knRkCFwdmXP
z5LQ!Di_zZR-cC<XuOd$hRlRxlZiMqnFEI&8coDv#`F%3}4@iEiK{^hOB2JUm(CDTa
zSS{!WQg}Pl^{~AWNgI8sA}n0-66s{3KL3V>@clnk<)x&gAeb8I<v)jR65k1Onr{w+
zqAbr^{dn$dGc**_CyfmUGdVeVx02g=S;4s5NKFmD7~6dtmUbm=Vr*>gi^%I?rkL-r
z@27*A@{$%$`Hmi=%*N6TQe3j53bC-{<>cg8UyS*mBQR2_Vmne(Q~mt>kS2C^+e6vP
zLC%*4L&}oL-v=z8g<!QjYii!0CHskBvPRg<KbMyeTYDOS9%ezrZ64|HtF<@*^WW*|
zsbtYgp?+;B`m1-lQ`OB`uHP7Szd&{Opc$}X&u?fj;5WK^Ol(-~w6wR>g(Ri9QSttL
zZ-4r;FfK74<YP`w6=QiJ_LtJq!4CY?e^lMvjz$gr*%}^XWn?^Y-`1O7*qW%+D%7(w
zF<Dq!tG1sJokR7-OEYLnny#=-a`?rN+iF~VesK|2LHusF@Cbphva>UQeJ{2M{aE@k
zAJS)edHLwh3@2XL6G-xJ2F=P$f`W<d&m_I>Vc5V9ew$&Wr8R+lXm+_?D3rPg_GTOQ
zc=_f{h-)agN=dv?U%W5RJ&kMf^CO9}d94OBkVs^nR?&35x0X*z+k0}_EPL2l=-SQA
z%{gk>4dsukq)0Zp(bOM3dITHuduXD<R$fWT4+?RW<AOscRMHkg?Vm=!FV2qLH~$qo
zF0=xkm~Zyoo&61W5Dh58tAboyACX8{G5ChPy*(lsDjWSDylukvt}fc%GydhJl@%dD
z!H*rL5Oj-+i*P+znVGoOMvsY}KYtE2FqTod^$`>kRu-0~E<7y>7eNtvdU{^oBk05Y
zOLI*jRj!iXDE*L6&rj+P4h~?q1%!mI4o407muhz!ypg-qG1QM9<>cpgkB<wAiBY;w
z%od4qaB#4(ZNW1%kF)}65c)TwmaQb>y8d856Bllzq)AX{(ZnKJ1R*xP>HS$~%$@nk
zzU?-Dz;t(aM=S?I@os5tg$7eoTf6W{>=KD)XzJpPjfNtMJI^;ZPuo$OdzVuec|vJu
zXc+jRrbZC=F|@bP>Oa0U&{tdd5-TbyntcUO`B-TK&(F`v$jEl<$3L^_PU{fOow3cW
z<d4%%-uvk=CxI76H)%jlO3K3ZEnFhqW}>2JaL@@_4hac~y}rMei2o&-GV=7)%gd{?
zy`AaNBXWKRqvP!<KKtor3x7yhcr{L<$R9tL-im+t_z@2ePvRz2@+_>s%EE8>d{13`
zeSHJ_cjubILXIg#yoRUWc{qq$TK;He+|epBP`qdPA(Ti%i6Iu7Trg1P@jXgWpQhmZ
z{36uUPZu#Cj*T?Wo<sMVH@9VuI~}t~o0FWo8&t^k<Vo|E2vP$T$yDQe#;b%Y#&6O6
z<*oa>Z{OwtL&#<<*rnL*yh8bvE$;KF3Msp1mtS$$q~C$#(L+kgv=1NN;NbZ^jwcF}
zeh>r|I^d&&``32Cuw;mTNt!5W+Sm@7??Y0U?&zQ5<0C9^FmL`*Z1eQ=oNvLImISEn
zfOh!xX@J*Z`s?`;>8g45|J?qJt#52Rd-e?Cn{C=_29+UJPJIh7PV)~w8kM>s{lMDm
zn>VBpv`js{$(|&>Fe#-pQCQydqla{<xbCj51b(jLs{`L55yG+o0B&t=hHBH)Ci2sL
z{P=OzrAD@c-fuL84{}r3l!KW$ylD=yXx4=*LHO05n=##0_7vQYA5#TuLu0NxyY4K_
z&1i1o;wWK~c*JtkQSY~Ur!BNJHK!Z>(~usJK+wa<_#MQN4I!&7bOsL8TyHdegbN(v
z1bZL-X>Skx@{m%K0S7bq9`PP5e2Sp!owTKm_4Ux|WdAVr7s&4p=iB#FJa5YZDqQS{
z4XT~6wY3d9+r*+E_1<5O+Lb|^RuHQEX=-wZ5^ml@GI_HgKVR7I90^s5k&X_B{NdQx
z*dHOan+Ptl82cB<1gjWPs~CO2b3;!%W)SoOYFP@u>E|5yk9TGmNm?y>lXJd)rTVCC
zijBX3r=zP|TOWdoLRk+Hhj?RaZ2V5<W5lE_ApwD_)ly1*UxNo?UU&a7QDnAqT1{0I
z4r*MBF(8F+j4zQYG?7Z#3(Jmkn(rV?E3ux%#>ZFw{Q0X$tQLL=plqP-&+p&9L2ZB=
ztUNHZ(pOFB^VP0g31qmq)D*jt>~76{vm#yH-S-S%W4d=|XJ+a*_>4jNK`Z(Fo0^}W
zD0%^+2nrr4)c=x_y?@0fjs-#<A=M5Ot<WsZdlKnCKGoOPpMQ6qMz$@SoSgeBeT;55
z0QtJQ-p9snqlAJwzQN((;?n%~#bS>O@)fhfqQI>feOpV*(Btmwd}=$v#0$A}O$ESJ
zW;L{H6d`tXzQ5CW)w(u+e}Tr98wiNUV}S;P&7<pJIDj<^qtJ~}nWw>iQ(j(<@TdbY
zuXa3k<Lw&{L+EsCy;rA46ZT=r9&{uF8DTi5Ta`1rlKT27yYkAMG%Il|TDf_7h_dGF
zq-NZSB?o@!-}KwRKE}o(xEubxyLERLpI>r0I2irz^)2Glr%%vPpjL*-Ah3)pWZi9!
zaTMoYy?Q12nBQUc7jz7uHvIO}!f(aJ%ea+Og#k3_YHKHSnBt9!NSdJI)`h);rZ7jL
z=|ld8#oE%c3Koq`w<0h&_>LhHChh6Z1cl`q*NssB=dmd%ijfa9UNCuB+%bHDlf*E7
z6cHXCicyu6n0T}`5t427B(Z(NUDAyQcL2yzWMrhn9K2vPJRy|+hO>X{#zsCaE>9Y`
zvj!}Cdwb^viu9@_$khMTBOyipd-Wjy8XLv@IC4BT_#7+Q7#UY~b~wn`g}%cIA`pmX
zG=a<i+-Qi6jg1}nUcG$zuQx>q=z?@4(c5RezXLG#_xAzzrukn!@;fHO!Fglf^^)~(
zhFmPv1HcQ2SS9<Vxw*OR?f12GP$jOhO_lYWMb1i3Qb=C`G>@qoR~GhP`P!w>!vW$#
z?*5u{C@C$yI6s$6ZO3cG)lySyiU6{4K2~Z081q46?RwptH`mD5=RPMend^q@bMleM
zj|b2KF){JH0h^%U>3<q$2>?_&5~DEm*Wb92(5-<%X1-v8%6=ac6Ji(Ra$EFlv(#!R
zOG-v&f%gcydeB|M=d2@;_&`!ail`y>;ijOdcwHg#?gaKXhv6f7aqYIJ%dBF9gRfhl
zt&L6SN&zqwQgU)zBO@GK+^1w>^Oe0cwWolw+b~c<nuxj0y8+mDb#*x+l@%4~(PLbb
zA|fIHH9B~!d(Y5@G&#Dv8<ttBC@S7ZGzaG8v0P&FO-(cb?S2~<r}5&&hq}7DX02Ef
zQc?im-yq8KP-{z%$NumU17aiWdu-85W=xXi08rv-@=%d}t=sIcx7QWqI7v`Qs4rOn
zUpfBMCqS4)9PDJ+g1c~C_}Fu^mTY7{K>!GyYcS<H`SljfBe7|YOw7**-V6WbHHO8&
zb8HUH`1bAF&!0cp@85~7;+?lOQ()NdPT-dOl{K_x=zB=8ZQAmP_2EWdQG-skQ>H_o
z2xoW{6H!Q0waXe_L#TF{B`)qXR2yFVX@z?-|7zWfc7O4`N=!^_j@5Z-XIJR(i$c_g
zA93o!9QWKO9T-teOw2v>XDTX)<({PGw;n*nXJ?IQj5q+rpCb|EJH$dlLdJa$2ne?R
z6$e=6CW!i;*6K0h24at58S_r>%e*I}zQOC4a4&Ur`adjW)x`^A2QPcTatiZbO88h$
zPmiR`a^P)zy36lDfW+}t9=bo&(bkrdmd0Zn^w6G1)qDl@rqn_08l*yKF(@Vmin*P?
zvtwf`=<n|r@jePwH!w8xheZNDTe~||T3LAvR5=g>ZGp-KP~yBk)BM$bz)!ymuWtgM
zJSKQ!41MMcg08k}cl<66wPJ8z0@{XxfyDAY+8o>XTY#S`WItVp&!{xJ_T>wa@Ru%7
zaDaT!uz>P$9YO)`-USxLwwvx{DJBUL9Y&@71PO$ZVvd%GgarN8t!p;8+VMFqj=-~!
zJYGgwdFS+SqoJYUPf7!bK%hn;!*a0P4&8y%!IRzPcuyHVQR{AxK~HGt>|KBPr+yS_
z!&ZH%4O~jIW2ko!Bsw}aMWmS9H7XOYblsZDocd+Tb@$Gl>C@E*@m)QgovJD-Ytxw+
z4PD)xo%8!AK>p@A+Hn4kk0++2^eiBt6hX7Sag`Shbrbjog%4hSMFlS-qYQMx{{9zr
zZ_}%*1^D>1sBm8D=(zQF8GyQ_r)Ohs&S3Bz)T#4xA7~<IXlP*^X0bmC3JS`~%JTCS
z^!0rquD7BV+fwd^hlgKtbwf`nDJeO*u<B~h<5tt+F`IJ+H(FZSu$?a(seyqvDJdz1
z>n-{ygy-Li*VVc}$A)%fQ3@S;Oj=s{;`GqkKIl5nQ2ITQQ<?P?rKm{pCvfBCWng5y
zLM}u%v#6Jrlt>mbN*cRS5<EmfxkPK*WWO@xK*><Iv}8gU5VA5cVN!J7K#`3pyokm@
z$%t?FUIWB1ny)?N-hztqhCSfSW;e&d$w>zk4?tPan+poIpgz*Q$A*r9;ul}LE2fEo
z@&+6Az~WlZq^#LKzp{ZlC<g?gWANV_mp5PT!~e1v|9}4SL3>Y6(0^SgYT{em=IeJL
zE-2o8E!}3I{U7+U{SZlV>&8=a^DJ?yUz8f^>JVkJbgEjTLlAbcvCp!HK;HDK`!Ij=
z##3o&^dO1!0n4qWj`sGi1D5OS>pSVf<g4|@p!QmrnSp%5!oosMo<d=GC6t?=Z_1TG
z69!B`M@J_iA%PCBV|=`(-fYaqO+_UJlwYVx?fIaTe*XOV*dc?5kB^(^9>N8>8DK<;
z8M4@p{QUgpArLY_egJuH3Q2zhMU;xa;pi*yi*^68@o^9fGx9b%Iy%x-b8g?hEuvd@
zB<yt%`aBar-0q1_7%@K?R^0P?pOd|_N6Ow_IYgjuLes#x{Oh(oIR=`1eK`a=fa@X)
zc_tjp3cIQ21kR8QiHRh_Q`7E@IGA?Rb#j@i*$N3XqSno!xa!P2qM{9LcUk8FlFTn<
ztLAVRHf$Q@Km$z{@vb0Enkco1ZVv|f1m%4?9eszHk+E%bv=aL+%A14E?(Rrs+4Yk%
z8=J8bGbmS}paKN}3=j8<4C>bheIr4`hUO1Iz$+(^hF!19=+&#3l#~mg20&)()1v&S
zfH;5>mY|T8o<0Z7cBak~pMv6Yqo@(2D&NBqEq#4mC#St{QW1idg&s1&!NC+16wNXg
z78YCyn=31$@<|(x-pAXnz#o)2d3m>~u7EK8Ezlj^>Jjll;!roQ?86=&Z;s&;5q(Kc
z&d<pi+ahR)z`&+xZfQB}$U;T(A87hlKqaiMJ^^AgIW;AAw#khZ0u|^D4(!zF`F<Zc
zIr-V~&d&1kLvr${eM(`E{@&jAO4;5X9<$9gH8mz}@8dpyrU?Z6TVXo^JZc$qI<u~a
z2=qaBbuBGI3W^30h*iEzLjzFq_zMdH{d9A4^Jr%#TFvidi4cgpXj-(`bd{sY@DG*4
z!$Z70O?CCf<z=_EL3(U#Y{8W6g#|Tr^*};}=g$*iW8&gQ01CmA2I0rX#%3#}JkK7I
zi6S8&AsK(l>D3Rf01Nv4yNRmmASm1}pbgnhRDcrxTuSN|b(#0E9ZWGI2s!4vVG>|x
zX9t8IGyTJd53qEDYc7H*AhUxi{z60Ju!Yc&DiD|eg!P@fcX1_@(?s<_UIP&`FK+{S
zFCykcLc-eea)sO0IJ^W@%<7sN1JH2B%dO#wp<sjL$$0b=Q%0tZGBA>aC%kPz#P{@x
zfB>;YXhg*R!2zh|uznY?;mxB|IGESVp{1n-?Ev5|=yiCd&DO&U-V^QZ?dOfa?QkRj
z%ZRzIe*%T}^62XF%s#Lm;5R>6FN{JOK#6_#?gqR$-?Jkamw<{`U0n^Y_n>GWvI1r)
zG=7SIb{Sxl1Tsmz%bF@y$o_oGT|G4)g~7E0j>dDm(F0I5&VUJs2n&Oxyf8m6$e+=d
zCMM>#`4TRw+<FvxXip+fS7#?P6H_RET}$*LD5(^}9yrvnVV`4TuT^7{Hmq|tR)e~#
zx;iore$Tzdsaki?+&sO!9ug8_+`Rb`E)Fj5^z>SELXM)oaak+)0*z+l%a<>!tE(W#
zY|b>!Oik4rHu_<v1Ni{_;sRQ*ko)!`!sG4Rx4>>39UUPkuQp5j01U(Asm5~P8>nob
zKR-kdfN5HwGChoMKuypsHkJZB4w9l*MHz?=^sya~Le9(GVej9wgXpsc;Ax`KzcDJR
z2Nn`Yc@%z1ax#eO_;`4`Z4f1|t*mnL^5pYLLYiJZCIWB_$);avr!OJ#2jD^oPG?_V
znvlDlw)Pm{Tn!Bkv>P`dVxaYADI^RI4<Agq&kR_WDJJpi1N5smKKMF3tRDCwKAtcJ
z4+qBqw3bZyc$&b@t}fzx=#D9$;^JD29`lnaX=?thobl7u&{$er%*f3pfh>YRfg%?k
zekVEhw-I#vjO^^QlM?`CB`@;<Jpw1|NfwChTLB3dL>bVKZed`=b}Yh=H1aeH024Pf
zq_!CAS2@gqPV(X9IH>j*S1hco_o!hONpufgG~L47yf=}DMMOkjMFoas*CV#(L!9e}
z|0}m9Y}n*?UcQ(5O9Q`1C3<J;dNJ?FDJ!?FLEO*yUx@@sKq0&v(sUaWbJnREK!glt
z6q$h2-eL#xrJ&1dKh!snHD14dU1(4r9$)Xep$XWwwA2~nno$D%!K4NmysE0ozVYJk
zpFhSh|Aa`m2ZZwW?WdSfVuAw$L1Ir#N+KmDc6E^Tzc?I)kxLT4<2)=Oq$tya&O{z-
zDAj&f7w%-EEzzccq(Bv>4b&{q$;`{Eg|Pr2NDmK>o40O>_?>&e&=63FM^$SKtqd7C
zxz&?#U^Y-z%Hc0?Y0&ZPTfzxME?rTm%%-3D^Ts`oii~`Kc@qW|5QNw4T>v1rY^Ev<
z_#jD?GgS@iJl+avMw1I^YG_CuSX7pky~r7E3c+5;?1dx(xd%3og0-}^_AK7eFHGLj
z*ti7BQL?CUbEsL@=ecWaI~mixvQJJ%_P5B80|(PVdHrO6Wg<_<&8@;=4wigtb{6V{
z+s-uT9)th>h4O)h*bP+%&~d`^OieAVg>G0iGH!DP@0Qiy>oB!Y%^3!;t~NgjQJ|7D
z49#sent_1<nja8Z*b{Z;5g5tAs{{oF0owlUn;8}s=3$D`+XyN@a~yOiT{X2>P%NWE
zAo>B@-&4-c%Bm<Un;j|CE=Av=2X(H8ZzlAUWSyAzVtY(;<(sq8cs5<>OjY=|b!Gp0
z-kGV&sPKhqFl}plTPaf&-UrOk-7ZdD>ui7md-JS6!aFNPXtCm8LU9UfnC^<_P|F#f
zpEs^+g2fE>F8!gt4k_%A3KOOA!9l!efiD8i%jYNiQoJE&r7N)b{+B++KP8NezKT;-
z0jn@FqC(I*IXJwm_bL~s+C4rd6lE3S&v4`fB_ybE<GR-EY#qH{1m46P$Bcss@<xvO
zI+S$BV17Ez;{V|V$jG3ZXMJUC%mp*NWC|jp)%p2%qxh7R{-+0P6z75{AK2?B(&~*{
z!nI4yZ{K_eupH|1+1c5(LJSQ6%4}3<=)VeEU5I)e9TJJquBG?nLZ2nl6_WV}fHZe?
zSp&a;(q~fq(nAAz+0oN;-(L?jZ>U9HKYsv>0NwTRlPAJ31CWrFky(LMd|B&OAWj7e
zHYzGA|3rHXE#hXF<lf=owVDW;If#%^IEjL;xsdnGxpPw2G==dLgtW=YNRGJVloaS*
zxDrsJkbWe5)R2lK7UqwMV4ejO0xx190FeC`1#@3t-}uiYf-X!AGRH?pSudDk85Ch!
zf!BA0M3@Bj15pPV0&ddKc0tchOnhx*^ah6}w!>p(b$uOXYIA3gh0AK|-K+#tL?P9L
z3$n8rxsG9ei<u5Q9mZ>=V>W>=l$74fLi6y3<pg91Ll*sl0U>Cf@w@kncd4*}#tIKK
z`uhv_>iIa%zuZG01VFx!ka!mqBn9;s22J#Kg~i3V(WJ+Rhpvu}2{4V7upBS50{t7x
z|JvFbXj{m~O(y`sLYqngo{j(g`;ZzYP4<?Svgf?;7Iym{`roCIDRIczjTYqO#O0&g
z^$<=DZN&2S_D;5i2|Ls!H#av(VOWNv!^5p@1B_YP0bNdAKsMNv+<biQj*jU=Yar`C
z3%-}YX(A1^A661T9ds0!fa6F2!4woEsSF?&^+AF%0*`cZy82X5ScsKI?v?YS>i*FZ
zgu7uwb2c_ZtS6}JFa?{n2z21}(fJL@@t#5?@yi#Fh1RGrd`4BK2kh}I#jlAH6k73{
zV|k$$L1fX;zbYMjaK{X=E|NC&S3Mf+qZ)8}J3IF6<z|Uz&-_o8;^A8C{{2MF#$mL^
z3JG9LPELLo5D*Pdo|^hzw-j*t&QvX9$sRP&Kpcc=B9PJ;SszKvxgxMGoE6NJr=&~)
zu$)MWn9#b`XmCn?{={Lgb0FA_|MvB(I76)Cb4Kff_n-nf{=%1O-oZ+39~>O~gRi8d
z^dFnW<lx{(1qS6WkDnU*eY?<m>Edz#sFvwLI3Otq_P{oW7fcU?2N2YXrq3{Qa&yBU
z=+4Kmp0mxe+y<^XKOh8sz}eY3CN7#%>=G{Idc|O{DIp=@;IR8$CfaMEnja;j<;)}d
zj;QxX*$f!=fD8$W+X>_Zlr>Hm8_?>&5W)p9-vXmxpySgut`SXhl9G}*5eqiZ!;mH(
z9!MCuU0XXcYye|`AtVv1e5^lUs815<zzLwN!}PeNt!*J0ie$5@xw$!n8fYBe5R`z)
zC>&{vUvJrt!mvb0h*YeF9S4&^In`&iA6gs!!-#TF(Le%+6rGx$HUOaa?AdpK1P=fK
z2fldulBj{P@W&5+m(>?4Dg)3z5%@=#>4}LXfiIpuMJ>Lz4VjxSLw0~KAgt}7nW-rt
zLg<Kh40U0GPZPL3Ssh?c25&L2XmM9>zB502)?3uja0bwRvVb#8yDdPypdmzc5hSPn
z^zq}no!qdz4@a+uOX)YC!c-Xu9NZw!*9V^wgC+>j6tV~4k#2<zacoEPsNkO(FWI}X
z9&~s8@A9idSS;LwdD`dr__k*Tf!9U|4vwAdG{5JHic=+K@+vC06yB)681pK(O92$Z
z>@zrxw#H%Z2E}}!E|;^D(?6RdfLGAT6ekbJ1YKmoS2Hm|TA7QhwTfh)92+}<=TcQw
z{Wf3;o}QBOa{6uFX%$mbx{xMFGxQi578W5G3_wE%rT>vy7Kn1^pt(VoBI%TV{YHt_
zqb0Fw$qPpN!VhZz8D<Z40pQlazyN5=fF0c(95Au5XMVnFf?lkxr&kAM9GWn7pdgcU
z^e)s>0G(i3h$QA-brD2NNAp<!#hH<kl?@fA!f99oDkb2uiW4NEUFGmfLxbQl3;iC^
z8&Y)OOv}9~wZI0TCD7B+1qKERgU<&n1TDsEtE<S96Ek!3BM&JY36s`H0pHUDC}I$B
zz+)h~3E6Z4lN2zaqmKd91`QeT1TF!=;a`$No7*NPCQ=kWKPxNwI61928ozxrc5-sk
z)clNOg}D|KsJ50C-0!DCfXH^Byk=%*!lj%YZ7n$PHwQ&Hq_UF_{xR=MWkble(k_1g
z{#_=L=#{-aC5-H{hXC<{HzouE1&3Tb5E=(`v5mF0fwco@!9G0wnTa=ci`NjGmNvY)
z9-&cTVI5yMP1p_ULRai&8pxx0xi~omphHpo3c@IubrI&e)p#??Bm4QQSLuLrua!Gt
z0Oe|#hx_}b<>dsPgcuZ?rI5T7(Une1&+GJIipd=3wbV(FjDh`4yV8!l_)~Lkz28OR
z^GpVM`Z;0PEI?AtLv7KNjMFX%AWQSjpx)!LoXkgXfJ_Qv21d*3qo}B;Yr4f-Z`$z@
zNC{pkfWzR*2B7DF?*IkW)d>rK>}_cYLK-;mcnVWcEJ|gn!m5H`0yD{g05m1U-rk@4
z_dJA2IDO=hEesy4|8h0*B=1z)PVh3v)%ct^#T<-}>&&_5k_ovfRMB`)-idw+>uczD
zLT}Iv`8Aj!*Brx8EG-g5<i>adyP%}3Oc>;=-mo?Vz<8X6YCxO;*j<Z@rgN@JUmpL4
zn%K4wW^V_Yo5!#CDu6|bUmm~Z{|5F9Q)_D$9L&$G+BE0AvAtx2&|StVY)NDMLAUVG
znU6`1kGHV00yTq{h6cDPXc`jtnrYE%!OMb&MgdCvE^74Xvt(%$<jpxw%Z%=B1<0>s
z&$wSpPM`>2+#{kIv}#*&0)_qly?f&uy*~TP_roM<yu@dcfR#aY?5*o6t<NpbhGv$Z
ze=oX~X7}WLa8MP1LCi(}iLnbQMI`{<mc|<lu`vFQlwk~G;@}tsY_@F%5E(eNprGKN
z`@q%X02R&GBkP}1;e7i1d3|lowV$Wgyi`|5hi+RLL2}5(o5Th#!N_nb%$x6CH3cgs
zKDjL>{tu{>2FOZyjcO8F*jBIbqD|T3C;t7DJr5tV;SFiRwI?79rn~|N#_qhv?js<i
zxxP*70U)k<xO?!o0MLm2_|d_F8)cR@*u>5L5M)Cy0zcF3l{Ek0H}`*Kqk$n(^$|aR
zRZ#>AipR|C)qixw|AkNTRwpy_e>o>rzcx0AMv`8&3-B);yW)!8?u(sENkn;LfN}g^
zGUV#G?-8^YuL8QSE1ANT!7{ru*hniBl$uvie)K!B|NCKYj-&pgV+x)(I9B!jAJhN-
z7gFMXX{BH7T@J4-+}X@&1Er%VW=5nybwr_}IZ|=aB79rn_`k13K8sH~JjHpO&|NZU
z3{uhPt+g9m36uVB-oAhTzPXx>jf}T8y&&p%x@*L@q{Qj<>)h~g(=cbT1`<>h@wC{^
zFZ!A~Hm|G-e*E}%{i_cnG+zF)<S;KCyAQSlC#S&!R{)kj$2N~>Cfl@VQBYQ$RmXUH
z=NvLvjA#Ry9z4gmk7jEtymrSPlNz)|EW7Xj^O>(DV4rvYZE}6usl(yjTu51wncc`w
zd72H{h|=vldeBoMabR>gG(1cqHa%qDE38ed{V>mNTF)?9Mny%%Fl~K>&whB7(^u#G
z3LGAy5gLri#uj}4noVZ|Fphx_;YyTnm6&pk_4l`TPbN!#e2NL9v2koSpZzReZkA`J
zwo1M1WvJ-&`pacy!{<Ke5}}ebkC>USnUs#s0{h}oE<QQAfXB~(!a|Ce-X$km8oTg(
z&&`+7T1A6-xy(|7A|my%AMxl4s|nXJP*zFx*tLvn>gs%sHQN^uvRri9#AEME%MlaP
ziP_noG}L{ZIFowJR~Aimu}e<Qc0#td@k0;plQuY#^5o_e=YRz+-thf!=|;di&3SEq
zy{i1&EX}@L@0e2%#!O0_O2BHiSxa&r^8Gt^lr+9F0NPB|Gv{hyH#8xUEh&~tFtNP<
zVr_0`XKwc%=ed%Sriw~&S(#6oSyocNt<Bc>I1&a%V`B-*6k-&-J~y||?TQ5PppeBV
zTwZx_;>nq>_P_FgX=7o1y;`H6Ab)+HH9CrH%B_71o+nR2vkhx0s3|JOY>o<&MpwG^
z`+wg-Lp%5Ny<qTCwBvZ@=Qo`h;V<l;nxB!exFynJe^lqr<d@wabx*Xq0`X4<+h%JM
zs3nmrpDKR}9W5;jZC+LuujL2Z7yaQAm45)GAXtfswPA}D6}LD|+7u5GU6%GTMVV`F
z(h-CGh4x&gn>ywiNtKnC+1hLpc~%QgU&&})h+X-MH55t2%F+>o{gsCY*s{gLyuymC
zW!sUMDw2WZs}$)!)~kbws3@uyI}J@T(JB01n}MYfd6}66siJVV`E0W-8lPrIx~^*(
zz|Q-vnd6OY@6+y`BtCyiTu1Kn))9B@SB$<+$79$Ollw^`qrZQj?53lcWzt_@$W|Sb
zSiTO%VP<3dJ2?0-!OYIik8%F*8T00ZhL)D|RegmxCNU9FSoB{YXPD_=pLBKY^yZk=
z{UFQrdVM`g@jm97Yl&dsw|R*Z|CP>;M_`8?{yCG$gNBmvK0O^b^@XP9oTI1Yik8=D
z1b22oMED(7m(!Ep#I3oxgc!v7c{MkXi>Ghp-7d<s<kdF%<O#QD8rw`Y0jww|aQUv6
z^#zXlaG#HVm%%=w<flpgk(G5cw2kKFRYUhNG9f6au1><$_0apra<=O@GY1FDqeqSo
z4j>RZJCfrO6BjS;qabXUJDE-CGX)>Y3!7V8ZNNkc^X57BqIAKwB3pJ&7?NLHHKYvK
zV)8o)dHFnKJ~nEC0z>EDgms+Uyj)Y+41djU`IC;_+t+(Q83N6Me4??mxLmgix!)XE
z^<4%FfF9_M(aw~V<OJ2mOIojU*XQO&fmPS}oWT1&9Z+$97Z6=rbuayhQaoQ$PFq_|
zP2Oh-bVSVbY~|Q(DH+G=0t18C>1R=*1z*U?edD`qFPzM%Bz~m7jl$7cysAd-zHQBF
zUCv^t_p6z={!y4aJUo0ZeuGy6D#LsMT3Z!N1<Ez#<kox%a;-tSIy}trsNo)=<`<~O
zJhpJpmxomFAuBYj1vq<raV!MUhT+}T8NS!$uTRElOc!NN#mHfAEks0}k)Kb7Q{~hB
z&k>UvTz;UG&VQtt`vTjwHa9mm%^=a2#>UJ{_M}}?Tk1q)cy%aztT>v2_2sI)x%qn>
zJj|P7+v5oSN3W0$1E^-olwz7%*{kboe7xcBEoJ5Wf^~Z{WnDGs6BIO6FL6x3f~|&@
zRFIxNHhK#c#V7E&d<2;4Lu*;RF|s2FC8YKuDaDHG@(=#@kXBb0IXf9tmX|wL>w8oV
z#(Za7Uw`d?iU^@}v%|L%+qqBKc`@(3yRIRa)RX$eYW?feiU9Pn@qhoKi00gmx5<UI
zeyvm@CjQyDJ>M(+P}-=N$`!Y|v$#Joj<n?|?{06OfMJC~nrNx=27>ZNgE-af-78$@
zn>YL*5M4D!@*?9ITu!~cN#?e0f}5pp0Rhg6{S_EajaRkR2drb>ydf8M?zYZum9(|Z
zgz`%!FQEy}NYIJ`5V_sFH(5`L`{2M+eVCkpU_>e+-eqCz@%{S+9ctN)ekncXr8D*2
z<Y$4~r8`nHuH;<m$TOl9(N{yQJPPJK5|%R!l*e0VDnM~%veQ;>7J(#%KekIdem!?Z
z@Bf=WVQOJ9Bg6B7ihfD^c_;V$_w<<JfO=Yq)wLl;<cSTv89nVY6K=JAQMP6O$9u$)
zKInkJSeTE7hA2&KpLM@35|op>E%~jwIx{DSSb~XpU5xgMoGdx?DbxJ8?lrQ>%Fa$p
zO_laxWoPF48g>+;Uxg!R65MBem5E9HFz<cWQbl?FMWUz>i}Ud|<$E%L!mPsgIInGt
z_D_5Sstp=>P6LgPwDLwHGC+|JnW>Aw5p>*(Y?fkr5T#rBeMWw*#-#g;Bi>Nk`$J3n
z7{mhO9e)=mx3wTA*XG{dhWd!qqg+~5bDMF047YGVvw7Ut!92;J@C7-0Sr5gR(Zj1=
z*4J<2?|qJ<4ovD>o-J9et+~0(w&b=N1S73k(!vKT!#S~-)D$~nv~Hzb+;{E}(O|#U
zeW?T8(x47md-ah6gmJrILw6S!IN@-}zNP%bmJ9{u7h}s`w_QTiuHIA;o(cQb>3T7E
zcjnu5L73Dm*46|BarBq_1{M~5hCf$5pYNS}Hr!qA8~kbsgLHz$mAgfY9Ybvveb1|k
zbc^@$&V5?XJxeuNub{|m<ner~461(%PVBLhQKPBrk<==pUN584dyjv>wf$!UyHvdE
zi%lTiA|e;Z2H)IAo)-THeq^YVHb!ap46kL=a^;8gnB&(^AyaEf7yKX_%*>X8ynBQ=
zj#Li7tR<Kr@E?2e8vbii3^>Sh`(s?p2)LS+39-s*YVatwx9;7)e>>Xlm?Fo9lrgqr
z=aq*+-@F4qxv&DbR7b~8-!|-LhzL_CYgSBIH$)dn!(@IXWAEOG|C^_(s_&XdfBXMb
z*U*4K8BfW}0^7#G^i}4`<BqPbW9zHVgM~a?n3@aZM2-PKUudg5(<HHy)TARNB06$?
z<Tdy|5f|3~9ZRKK+b--elZ5r99_hS-AG}cxstcFaB3yIwKl*umxy%~)V!kxnw?rR)
z_7$>-f@r)I74EO0aFW7*AFyyr|M$N1VGi$lepZ7yYl4D-w~9L@^x?mO_Z#gqY38dU
zEesD~id3qO52j|O^u2Mh8%hNeNZT6?U%k8VpeX2)8ft0=OMbNCxOKpGE)|j8<bJaz
zcVS2c1BS;*`bC)qQ<<5e`*LkbO)^#Oh)Dbi-Jcf9Y6Jvk;djClb;j{l8a&nHX*w(|
zT~0Dn)Bdcf%gFDWM2yY&m4<Q5E?AY&XsgM04LQ$48RK6{vgc)f^vHImA&=A=OBBIE
zn^tVzQ*(J?HN`%CamE=FgL~?Anm1b5))>_m9sB1Gd-O5n$xz-z-Yt>U%>*^=G41&^
z`FM1lmoJZ`!rqjvBVC45f7H4g8*d|S`EaY1zWKGJKTbo-vD4gPSWtj*a>gNrIr2Cm
zC+E>N1%BYZUZWe&qes6x20V|FJtgNm@Eey`xXpVH$OT=hGH9fxBf?U-%uau(e6Llf
zaI`(IFnkZV)9F(?aZ!2sp*ixf?0^tv8JN^ygs#M;ZS#!u-_U>oPPIFvo%hH5NE__W
z`vHf=EjBh#2k3}Z?`G4lxE_JUOn9=*Tj@X=v${G;{l$ybjluNr&hU_96G=bWS+rO7
zJN$2?pJ9q9%jNj0SwjshO2d+n)z#gzMMWXE-f^Le5&sn(<qK$SfzR5m(XVEwWQwnx
z2mE%KM>`x&xsFawa?hW)w|lfKIV~+M;YzSR%=`IO+(5~1*XYcB%-G^n+-FA}el(24
z%j_Taua(p86y_FkJ$?)TVs3u|*zosnJ6uGb@@Ve_u_k1q$#QcG6Zr>7JE&+)@cAlZ
z%23g~Y9IQpE<}#uGbl8-83Wjy77>Hh0;PB4??8v=g-(n@tEZ~!N0V(SI52iNG{VEl
znefCaH#u3)z^?ajLrY&T1ZFKjEM91+qzIcOW@g5<pOTW0(Ckc_Ki&fmn(N^~9fQ{p
zMk3TPZ*8kJ3vP>qFJGtvjg7ylrDaDFZ*0S<CWAj;zIX?0k-NB@hGk@D(204UR%K*J
zYG}BA%^54R;sz1ZZt6~7Z)dWwnU2fB)Os$n8aJSs8Pd@rkdZ7mR>6%ouj|j7ME>wd
zOEe%IF!JW+{5I#Mi7nN-hSJp~U*ey4@5cGcv9PdsdEIW^y0y}qx+Z4yD_LM4k$F+n
zNTxy;3sS1*<#{!U`QgD@+Eg8Zfv%c~t%zl-g(!0H=Z_z&tx<Uzad9bizi&`x9x2Jp
zi~R#{dMu-#m6dHwT#T>7RqAoZBV>gTH%qLxenDoz*1Di+b7%}^dVjyOMjU~>=#_+;
zT11aIM%uZCu8aj@zAr55Kj)C}^(ZR8)t&#k6nWaEmCKYjs|~utxXw6FIZr}D5m*Fp
zB{&Q+_HOyG+_k2sHw(+Anp=lS2-V40ECOE`QIhQ^^xL@ja}iQiPOh3e`)ggDo`AN%
zGg_0mW+bwzGxxcW&>0+W!VQB5##{)V?fm-(+Ip%GAq_(7A&FOERu($73$p)GE;bwH
za*NB0{pduqJYf8mmXYBms)mXXU}IBPpWWWkar@?Z0LGEZ*)a%F4V3sjc19CpSgE`h
z+yVmC;K~3U^f6I2CN)Gft{rVp53AQ)s0SnEi2zu%^mS!0sMYu3wbZpWwDt9aa9-Ql
z)wmtriEeXtabk#(b#(L>tMbRD9`3d({E;8}KHMkuV}9;89c>Ly-o+=e+H57`p%Z+R
zVsfe)YD1%=98B%lw*|mK_G1{8AdbMws?RZX<xxkRMw|;iK0;Mn=cSY9<WCm=ung{m
z5iRyBZA}AniEL*begG5E6w@-8BgN~?%q)J`BH2H_0=kU<{JG{VTfe163LHT2um7dz
zZNt>7qlqxkqh4FSu0Tv|OG~v*Mr@Z~oOW<Ne)7X&v{6>k*5<V&rkT0fC#_E#mK(r2
z%FB6{2$ra+vnM=++2hYxPu9xwv~Yj~xH2lAtLo`JG5Ym}ue^MvH|Q~ur>{PCe|(^_
z%+`g`$+`ddAfmZ6Tlw3LRJj9xD+5FK`Z_3i53diIy|%W7iv=`?BLTBoc)vUfS?$Xn
zw!(oQ017%)(>!~!Nlu0X==aLG<hio{TO21Bm)AQF=-^CE;kS|-m7p2GJWI;#mLb*Z
z;v*(8F?*D#U=Cx<xHtk#YSM`-y<x19Vkt}*fX$yiKaWFr=)Dzx6M_X=6gqG1w~}wg
zIk)+^lLZNqQ!gc+K7HF`4#VZmlYMHB9=MnUVq!i!y^-O;c}GvVXmF#X(FD%VQ$SsK
z%*$I`LGmdn)_E?vA0ougccgxmHhK(`T7!Tf@P)o@frGK8+r#XjA%B#fDPNx#{dXwS
zv@6`)nkQkR5S7%RUFioZtr}?~8#}wEX^P9Kc;9XOc#bQlu|1AMmqUIwGB=T~>FKAz
zbg>CBZ);<i^O!-&qkmuen7gv<ab<f?m+vW^9DjX5LC@5b$-uY1i;H-r1d#sK^)Ifv
zZpkpNaNPLp>8<?xnNEXVx%uJv;hnuZBN`evP{p{pOY7<)?Ia9K%`bxQClL@lSeU<h
zcs>!2J{^-EnO_j44_CE6!V>sG(;QvG@@G9-%<qmd&#js$>rq>(7}>tG>?gcDt*xS#
zOBFTI`<OZvPKbH>8*gU^zGL|6-0nXP9g1nD%>P(2IDSZqE78f^Ny=+iQBtBg`W4i6
zyOVH@G=GZO)zv_p+``<|?qE1i7|(uR5);zz%4`222!nIgN=odQ>6`fqSRraKM^S(I
zBR|8&)^-T-=!XfO^>C{_euw7Emqx}CgmTS<WDi`!9lpUa89Ux9|Kb)uv&&2QIE_!Z
z5*vIzwzeX&9*DDJ6HsSDu!t+xHthL)FA8dEyv)tfX*me{mdYF+au}SRte`HmR?`N8
zn2967F*LMfx&)^qc!%8o(p=H|`8m%x_B+}mXYULz@UyXDQkQ`E_zks3{Hej*Qde0#
z$Iy>cb)nkdiHTR(g%Ax$hvKplIM-($PF}9m+bd8lFj^S2#JvZbh$~T7QQ@aE4kLQc
z$hz?GlFiLgOzKHDx`9tQL(bUSjpUBj852x2D$2@+Dly5ITwA{byie|d$i(Q<Oxk}B
zN8<JRYfNf=eG#sNNE}sFO*s3Y$6i!dcaLykxrY=k4KJa^7)GBTueR=@?6eOItRZ4E
zw1|t6lT+Z}2^>K0?(PYzcB=@$l@JuXa5-Dk)YRb0ONb*Nz)bJV%}wI7$Gqu-7Z#}Y
zD?5^(T<-jL$;KEGL+LSJDfGgy=!hPZMFN6{^HP$3$D-u-{VrUro&<dSI3K@e6{V=?
zgF4gNs;Q(@xS;l;Z9Fe#7jw6>GrYA`TG01vdkOM<a(I|2`QPxrP#o2Vg02x)o$8V5
z<1EUrUZF~~cZ_LhO2h2@<riI1-=mDLKYs-($zVQeXPH$}U?V3Fd|@qrSEBvjzl@UH
zz3zmW_Ha{f=ew1-c9gRx`wP)yteWH!vKx(Pq0nu8aeuNhFfeoQRn~p0gFhK%fvfjF
z#++oIJk^%dM!voO2S5%NmqA3MCFB3_0<0Ykl~b5Dfuk;uS&j}*qW$;4qv)7pE)fw9
z4y|Ciq2F(?fD@!Q1;co-rB##$k2tc9JKKL@|77{$!}m(Pw{JUg(cy7wX@d!kE<hHO
zI@3SeWU!I=rjMw^kGDOoigIv_AO6hKV@yH8hGP$l%XPgSJyvj9cwSK5!}8wRjFr!k
z)mdf7`;L6`(hbMsFMs?e(0((9@{?<5Xog=IRZnWhoWo4F&UGUgNN5k0E>}WwLc&u#
zLB`o5XFpx{#G%bCa{1@sFz!thAoGzs{j2ujv5&`s<Lp(2tl+J%;n3ghv2ig3jeUOy
z|H9cOW>(g+;uC*w3z+6f$ja-6$l_kbxxRSnbEKwm!T5va5esdg$E5$m7%k*V8xza^
zRqL|Vkl6PZOdTD4uU}ga4jI<@BvhF92r?fwkqjKgv~5}_r~Q1%N^VQeT;Ay5bw5@c
z#)w-YaxyY}EG!E}VjN}`X5|%^&K?Bti35lU0Qq<C?%_)4T-nYP78Z84dt?@6H`-k=
zOg2b%mz0wFT#Szpa;RSWCu3CFqKUwsnwcePZ*zW?X(nOpBX8YxesUKB+YN?`in5{B
z_Szr+VOxF85eN?_6X$+e<-oc9b#Pz+MBnX$!W;HaX*&LmjkUFkMppUWr8c#=O1sM?
zZSX!U>~?e;3kzEdW8zyhMQ11HU@UT8pDJC@NbKyeY{ie$@NQC~&JE#K#xY(7j0_CS
z-Mt(_oFC6%o5^xnkJ^C=veE1CPR#qFtHdOMW+QS(Br7$Jtj8D%)}T9$-O}<hK%D#c
z@1Op9n<9KGhM)s8eR<jZ{EenblbFS0Ks{i<oHN_sCq7lrMfPkM)&AyCO%qdk?&9F^
zi}p3l#i8v`2a*MPeQowPYi9fG!E-ibInuq}o!=c}cYz}zAW(!W0czKlk3eYK!V)3)
zNuD%J*Jak!tlOzCMhvfjOcu-Vw0qk(TRBA%lLtOWL0yw7u#Qpjp{LH*WyPLMdH>b5
z^{9QKnc;t+K&z{3gtq<SXG;b;kv@bWs`OkEQ{YPI1Cg4hN=$sLMe$3p%z-x-(0~VS
zAe;*<sSc8oZe<DlFg1~y_(D~cLTq~f^biJX+r6HL>zR>}3NFL?!lKo&8oW=q)M;4E
z%*-XFr&|{W6)_UgZ?bP3h@#oUhX6bvJ^NW!2IzRCdsxBaFA%IK#VB|kJqmX!->*<r
z6ROP?r-VQ*Dnp!93lwp48T?j5rZI$Ne^<IR8X18j7%cSk+8_rB(-TuS&y~%#+DePk
z?)4V@KEeX6?D=HjyLU7aq1yW3pX?d<-WKj+1;>Elfby<uuXSMm>~AcOH|`cnPsase
zRik6^z+XLRkTD-)2ir#QU@_uA(4?Xw04{oYdFj$=b5&eT4K*zd=Hp9_pe(OSC<ldI
zbvm%{Nv!@YaPan)nR6BVCsd~(U+a9PsR7nyGbvBcgw(>+sDc#aUrsm>^<|YwTJ(Ev
z&3JqJkDPQ=YB=&fVsP28=lK3<m&xK1=id6*VQ{cCv@=^<j0jUG!Ml5jV4`9_$0hM(
z{4@E-`0~7^S&v(d8!zl&bpVYbdS!_x>~cotw#Fxo$te+8t_;BFMTQna{QNY5&%+}S
zdfpf^fgkS4nLC`Nj0Hk5+t|3cs<B7@#FdtA&B^KGFhH7oh>ChwC*kR-%_x)y2}*e8
z52;Ck@4Pe66ykz^%GxNfo3GWkK9iP}ofm>rQe2EbR@oFBE&E)7m8qTb@tfrhA=2n@
zm>`>5%UdI(tWWL*fBznP=HWqerACKv8SbFmL?TiJ#|10xLu90-?-2{$qgGediNtYo
zKVHoq;^5=pn?EX0`QFyvCAaD}(BDraOZl(c>Qd-P#n(5*104f{QFw0gpidIEDga{w
zW-j$P-p&`}8f<K~r;Ycg><b2x_{zaBhwI6ew0ko63rImnM;8z(Q!|T49|=Sl6_Oi`
z(j6!ehQtH8X&-Pxj_<wdr<xFOUI8a4qlgkKGwTy_%k`bcvH+QSIl2Vx(q-sLbo30#
zLWF<JOQ)tpphEnGjgkP9cv;!z=0pn3wg}15Oj7SLEn;lQV4OXvM^jam1|6fpC&6u7
z57X}%PDBeF7_qXSG$L&*C{D-4*1$hPI?l(j_`5FLlHMZ7$%Ek-03pDswUtPj{Hpxn
zuUA4m&M*c#+P*A4Qry~G%2T-X4d3Zczc4e)oUxhymYX#_JS>_1Lh>`%+tk#wHrC~t
zeq(G*Vbi@zIr$Br1)##TK95^p@AAridKl#M4tFzFDOfb9MR)Gp!824DF^B@cob~Hm
zR~Hu{b_HKwkuXVBwX?pLb?^Pn;88F^L7>!lxWe>A(Eqv3LM0CmZ`gycd=KK|K7Wey
z^maLlvjwLwXbhAV6CNwByDgz<K0zIw?cq0p-Q_noBS*&o5m&}c`8!VwQLxak8GX&x
ztM{Vk;LAQzWQ#I4qFF2UhU2$kZ3@TJ$@fHY;kql_F<qDY2ZuMEHtgVH$sg3#Ys2NH
z5ckph(b6f*7v(Sb{u|-W&5zvl#{4&Rl+$K|3wC9QUz!C5K{+a%2M-_q05@nAR?I&O
zv<#j5r8UJl11?{IqWcC7ovEF5!R`6$<eMl5n8-L>(Zm0YM!zc4iF%KZR5%iSzX^iY
z|GRT0A?%H6^sw>Mk2)}Ft|hWrw1K5BQzsa|y!)-C-wI42FYF27+pF}r#}uxvxNDZA
zeP$1iTtTTrc_Yd|{vQnu<^L(6-RK_Y`>*dj`uaU{jO9u!sc*%w(fim;nxVG1IKbvL
zGc)gB%^?vHGt=3@Yw^t^!XRvHbZ454`H?<<SNylE>8HF8YcE@;er&k!_$@DukhZ|1
zP(&H(odV9dXq^*RZknK>Dc*mM;opjmKE&wN(A~Zn#f7r_9!MEz9j7%9#KRq{C-?T8
z=1p8(c|w|~MZx*!%EgEh2(Pr+D$T=F-n*!-rLj?UQAf&8_8txchT_tCxs{WHJ)R+K
z094P8)+Hx7I#n>*oUxLw!sm4`fg=N$9t_-cbtk~tc|6+*N2`Gfc{>EnHmQT*B`%H!
z3|-(x1kw(t+ricfO#t#@WOS4}q5D-+Fx&x7;Qpbshy_)YpYoN=9=K^-TwTG^J#Ar0
z7ux|b2}fAKKujpX1jldT1BpaMFY5_V4j%9(ZLO_=$#4?PnefpUAk>2E4#bL7ohvv>
zpbjo?HET4=e6SON^%~CT_a<<!092I!%nBcTp=4w<3w9nbqi!!PX=rLLZ*O11Sr06y
zBUk!g7%Q}qV-|g>*9QoSigv){EKLVT9-4r0D=XWBDGiA7R_04cH%m(oFRyu)Ne~r4
zNV-1$T2lj`S|F$JTbAx)P*4z9dy0!WB`}qT)(*gG0D}y;-9ks_<>A3S5g_Y@gPAMc
z2?01ze8@z+%AhgU*I$4|4oAZO>f#tIi1Do2-_p}x+1ip55*|+<&u2%p7*hv=H55`B
z%pPz8Z?r(Sa(+kY923r9-z8)p9vX6Xb!~~a2AdeTPN5QkCoHF^2;OM}JbiI70&Lc}
z5;H#gir`R#leusZabT3-R=xGypCB;Ofq9V>9N=(p84ha*TJ}=~zJR5IqcYd$O6KOC
zGQ`4B?dhkz4TU$6yQb#mcLcZG4w`yRbsK$UTy1SFoc=cCT;Er=h0}0gBB2Q+y4MOv
z8Xi4(?(AGDPW7KpUb#LlQ(RmO9|L9Re^LH_wRh%GO`Yo+r)r^9fwo!)5OJtlK*WJT
z5E8`-iVT)2Dzl<YhJZ4U(V|6*h^<j%j8i~{fRz~poH;TG8XyG1AQUl#nII5Ia-Z$F
z_MCgpxp$p)|G8`3RsUoO8TS6Z?|q;5d44+xgK7n1cUWs-_<|L8-Xfffa}Za-JKtkz
z`CceorbkVBy6{V+fgd^CM01LFw{UI`4AHphhB_*wu>N54`_dRDIM|^I@83rx#{)O!
zmMvqWqag?%{<>x_;#DB6!29-vF)}o`mGDV@PoCr-8{ZKNhw@rucl<xZ7GS=4a^b7k
z%ixt<kB@h#hzJKtW8qwsU@aJ&8{h12E7en1_k4A07aWDK9P)DA6iMq*+QD!h(BJ&3
zxw)B>Kc_4cvMn6Y8QIyF&Y#D}fd>(@Y54eaa&i`bHU~HKK}^MvxntA~ZCy9%6gr{$
zwSTf!#Eg-dWV`zcXG-N4*_Em*Y)a(p*BEnrF7#!bC~2X-F6(z-S=8>b@IKsLPfajo
zojvBz`qk<M)*c#P-!p$Q&TF*(Zt3gLi#t?~ub_YO<(W5Q;%?sx-(u(U&$pJpo7$TE
zayY)us@FH@Wf)17#6IV5=#`Lqc>OiJ(~?Y`P*~{UD@;grC<|$H*QU1Q?P2F3199a=
z1CN*G(Sp<sVna;<yJ4JtaSU$ui?yz;Z~(t@r+9jT^n~x83`ZoK9&oT?f@&x4Q94UA
z5jAo0_3L*Pol5-DUmSa#2#Cdr&G8i7#8eL?Zm(Kr+_>@3HTUY(t4m{^<KFM9ZKAOd
zYD1@>KqVRMLIZ?wV_4V&NqK-|W(o!duZb_x*dCkX+i??zXMpvA4F<6rc(p9pNtS8W
zp7<QP@LA+y$x#Pd@)J_eMMa^A;Ib1xdpJhD#dR2Ho`mB}L6yXV!xNMxOn$_}L3{SR
zz@9f>HZr2d7f}eWs6#B9(zfNxmf^i(L&C`nR?__lu?UzGQxt(FCd;?_Japcer}SD<
zg?k-Zq##x`sPmK3Hk{^n=tN7_Iw0BuQinBjzq$EEE(L>m8g>sy#}w--ckPhSPz~nb
zgWR%;xSeU4EEddF3{*I<!NM{-1CABu-)J>vdre#}3!P{gc#pL!SU}`Hwr)M7_Vrg^
z-J-*$`J=Tb_9U2cD7v(fXN$4njtHNBa+$SPXBrmSMbT^E&Bnfo#lR|TM-~WhkdcWA
zjv_^!iO#b<M8GQ8IcwG|AQe(8l09%su3r!6*k|(c*bc;fnK^?n%_4QjX>80_x<#W(
zR_@rbqa$LPB_TZ0c-iXey<{~>vrDY_jUvq*eb)T>`^~rm0pYIzMXI+tI^NG^i>1y*
zKVg^VY}54i9zu2_q4sT8S64ykc~XL4jpg3GY^{^nWTLFAIy#)x^5NnO{}rZW!k*<<
zEpwj3Oc1w+4j~xkSw&Yvpa}o!NYhzdN;^!U*a#5!5(9sM;{*V!YP_!dwr@6U7@QpG
z#sOlP<_l7dNG_d-@=dgdV)4V1*raGvsPr0Pl$WB5D%%3!zr-cA$;77Ni)e&s7+i#g
z1|ksxZUjG#>=ZhXuW>NDpPRdG)v7LR+=YFr^Et?(Ip^ELzXq2+=AVeky5w??y129s
zuCz?s0yvF$q9X@D4S+oGn_vLgkMR+)f~6W;FM=ir0!+d3h^<7OS%RZ|kf$&Hi@pr+
zdbS^_)m^(UZN38>hIbgdBHo-^EF8f5%xd&()MgD3`_sFf;C75h?`RM1Rk`xwjv}_M
z(zlmw6jTiE&`W|wZl!uG)^hYqUO@a-#Ity7vx+Pad=VzMM;@P>2ZRs17mLUy>(EV)
z7Tj_Uz4z=$&so1P7#KRph|g_FtOZ%1F{-d_r;semb}Gf`?UAquoU)XZ>{uszdqYa|
zMzMJ%=A<xoYFi|33(U4wCzCsFe^_N*VFgh9&z?Kyzj1imM1SZv)Ea+NaFi&olDKCi
z5{}AP7qd?qCSV=Vs%TKF_Hx>}GxEus`q*94`pcLtpvJv6VGQ;W(0lzx6TI#cwUE}8
z1Ay;vj5JvuMEqy4e3~j=xQ!|YfB*&~RDYKw+)ojnt5>YJfutoT$qL1FPL6l=6%|Z|
zu<7$$RVOc$-poU=wxO}HxF@2!JY0lY=aP15$@4d@X|dayZnBo+9IhGDiQ=8CRAEJ^
z1j2|-lS&2@J)BH8tU^$hJk6~$AX)Kd;ef?ImTUpOA4Tp!O<E%<mDWFa$A8W+yX%^(
zqOwxCOW@#Hrx?A0P&syAON-U$=uh(Uft3cB0zWHaa<6oCL!l_7bi8^r)aCcbj{%TK
zOuGC~k1|W9{zB1Q7!H@Zg9y2~9ueeYmtXatnQd%X1~z6;v%FJez^$iS0-J;lr#_J>
zvf%mTu6`_A>Sod6JL<>p{N!d~M6rxa(S`B;Ddptvp8qx?C3%et)lt(P*_;6X-5-B;
z&fTn%-I)4*v0``wt&r#a0CDzpdJ{pvF(W&^e7yMc*)l#3RF42lDwWIiy-*SFDfAl3
zyq$SsnQHIbp5Nb&daaU?v5&JObuQN`Fuy20;O=v;g7I6j)HpJ7ozXJdgXXSF{&%yo
z{3<CU?C+ro+t~^D`KO)X0`9Go4ykq`LkcotX#|Gmg3jxwqwNwLe5dZ?(wRPgz^*J5
zclYX5@%@m>CG?PQzrBmFA(B%Kv;mV{yTm<OH0W;HOXg$wsxaOl7zBie0~y)QXZ0o>
z<>7V~{tM<k9#{?36MlQeiiaEy_JARyQ@`(C_wqsG@^jf$IDP1J7+2a{bK!Ffn`jF}
zLQfMrrG^G>IGjv4mIAgeL*Y7bk<X8L=#`e4yc^8J5KJKfq(i2SG&B4JTLoDxWQSDi
zSfK0>bw(;08&f+6dveO&+Xe?03o0GULhw3=)?Wj)k=cOktLCEWGqdG*xjMtAv4k)n
z?2x=Kw8_i|z0=Te=1r6;l|t#ynksC$U4P)Xo10alt{0+qR)!-_fxE({gDfko?pbiq
zs_LKmX64F9uDM3S`klD>z1+;LyysB2Ib?7#F;)#1eh&`W?O2khwvuYt@S~cV8vF&P
zvXBF+H&H6VYcKMyL0~Bes7+*|K}r!#a|sa1WLLE4VTV*QVVO2|Zm}cuK!hFYYHAvK
zk!pgf{?(#Ii<Fcy=&w~3mu&0=ux;o=W+L3JHUZwZURx#%T9wN~`!B3Z*=L4A1E(8&
z_42?+;mVk$=ah^3@G&jT%tpt?P<OgxY!fBv8Lq%td(|4X2u@nWifPjWg-Cd0RHS-M
z#N#glsDwlbd?eO1WxeB7bd(#SsVU9F_n*G;F`WAS3O)j0Bv`pWm=(Xj`}nc3mG`$i
zjZK?I`WiEd0$0a#KXzbHGghryMYqlc_6YnRF6B~mw4gDQ1DHX}QZ`%pOl$13qpuA5
zb7!=+ZEpGTptX8NhQVgn#%FuyIqu<S^|-pZ2@bLf!#&~irb)&a=(Fh7fC+6w=-1j4
zxiF-9iI&B+rd}I<FP!(~V=uQ2l})5rdm^iWqvo4$zFD(|i5O(#eCbFm?OmFojzws9
zjNU~P7i5J%kmFKPu&b8e!2M^Lpbbpw449xuL@m*F--lEc(h%`<`a;wJ9xX_12q)$e
zDH<Tz@FxxK$NLmks?zM$zE)8wgR>r)RQ~Lo;yS#fypr~}@JJ%3YjXRyTenti-uxPG
zP9hSZf44FkZ$P}9gs%~CUUepNwgWA<Hy~}#XPphj@;G+<IMlR$Uhxm?yhu646a#-E
zYyZZ_Jpt`rV}1QSWH*VlaOHQ4n;zxy*DtCD|E>)O_;Y3N>*lE^NR1g>$e3%d@R0%0
zP4ohJ1Qc4nAJ(!F$Vj3|<hal!i6YT86eb_3b~QCM1^lt^3GM(?nZi%e%O#kvO{`7z
zXgTN<&ZMKHxyPm8Hpjt+8X_cj+^GYnJ~?l+=oyw3(rR7Z-QyGaxO2U!)bh6^uvh=x
z(s7{wdzlDNqGarA4*Kr9vu#xGV3s#r2w1nmjug$q|5zb{v8l}5UlAb|eu=Ay+Ep$N
zs+N+93X2@kc}A{3pp@i=utgh{qxcNtTy-Y!BsH$SSk{@Dnb<ajp9cR?6h=SM`~j|5
zM@JF@D5x3`CYnN85zBTQFW)k_1q(gDbpSU<)4C*`6E;3R_i)BLcj0t5O9v&FD1o^%
zNXDb|sAMb4Z7<l+NI+$s$ozLoL>-F|H}=syr7bH~I5*!rB1()yi-_eCPSgV(Pfr2W
zQZ9aPCmum(UE`V?7Z+#ki8?9P=zX)QWH<^}8RSVO9Uo?KNY~TP#m5eySEBJuZeKy-
zsi^%7J_-`0^%UL37!kC&318W3g=4=&0G@7b6e8SbHZ?u1!9-7yYGrL}TXM47B$m2V
zW~5|)E?yaRj}V#h2oXOGWegAX($8OOz_E72NvjDnY988muuPIHdx1tmb#Bi|&wq_7
z89O(>vV`^*6oshm9ry1)mT!yN7a$$JE#vPBI{kkt=#mTh@3cX)z`_J4@Xnn(@NpwR
zkIaLvZovSl+s^=c2h!7G3>I<Y!_d}RS68RQ0Eh{<C;)qdNV%dT#a?_TV$JPx(|n`%
zvt>Aq%mfxa1RXDJqO_wn#b`RabPyeHimsO}R=9-z$k``G7r-?Xbmob=wbj)ch;w6?
zLUDm>?yY}`$}2jF_?2S;<#6U3(RGnj+D(?MUcbJ-e0p%6y!`mcNN{g*p#AN0XV0!j
z+rW%-JY|qf6APU1u@P=0UKWvZEb{vUU7aVTLMthq!Kgs8ZFqQ?AR{6=P9UV_%`1IN
zy3Kf^Fn4Z(w#RGq)I=2ZlvOL7btt5`6a_^^DGpnGWP~`&^8<$*v8&1i&qsr?etlM?
z%MdSj=$E2R92Ku4Rrh!Ky2^>BodRp3<1(b^J8a5ktkc#PG9f^rn~YeftgM`wk<rrr
zCG#qJud;Uov2T60W{29^vhyHf@WLnB8bt38+SviH-D6W)sWY(@jo24o4DSrx{jsQ9
z@oyJ(Z%WqKn6;svQ(0Q;t{rgff=coE8t08O{cdEzUwEA-KNNDP<Q#n&o8rv}YD_EW
zH<=29-^<khY?oj}ai6@@R=glWr@eVl#XR%G3G$0-WnFEaiU35I#ogCjt$vQJdr{kV
zKipKVBAWfjk5M^#oid))aqn}P?d!VKm!NvPf#AtswxiIxyu&0{PNC?G_XAm(8v=bV
zBi|>S8_C~})Trng<=e~1P~~PD|L9%B{qjg;Tkhro{ooS6;nPhM^W|i=ZxC?D^b9Us
zbm^9cxAgH3z+(C2m^PeyAL_%uy}~2S31w_|m`WNsQuv*LXNPw^{!pbQBwtCi3wUqe
z<(;Y&-a2i@?^CL*EDqK$E)GllOh$&&b4{_RGFo#%H|=YsW&J~Ll-`Q^&dxnx-DwpR
zxu~dXXtZr=y@vW6(qdcL!l1c1S`l|pv5)miClr0a!^3#qfsC`j-^cvnGtJuU;xH~q
zEUR7G`Q5FOkul{SKZC^^>_K}{0=*;0sRE~WUqt{|ev;9+3K+wb=KqBA>r$N$$h<g0
zS+Z|?dd?x_I%f{}mZ;pyh_(FGqUh~cCpAVyU6p8jkzpc)A1(#57{E|%VB3Q4gmt=1
z!4#HGoC+!mM903(B_w3EPb=SZ-LH_bQb2FJb`9tfrXqP}7@`t%!@TxW7Hk;VNt2zC
zmoF<9g-)HwDYJ2OY(KRd+BoRO-n41E%tl*#`(>cNfYz)BvsTmEJcm`(HI7bxKSL}h
zlA{o%Q1WaIoAd$M1V=L<cKO(Fk?6;n-%KfpS{~w#DA~tya<5KlR#rdiv#OUbBZRL^
zV@$du6-m&akkuQ8xY)N^TSrF|WNm58)JUZ&Ae;?#by_5nBaMt|qXFpP?^P$KJEZM=
zzw+V7^A<%PM_&ouG@FTurUrA>>eZ0%RPlzv3(;~Y$;-|jOc=|`$+0pw?{6&}LNXm&
zDcu?@$9R3;R0g91g4r^K$}3hResAw$C8ZK-n*o!4;sPYil<BCMJ>BEG(srAhKL{D`
zL$yI9%T-he7Bgf6W&?mP2+z6bCW1+V|DXfDY`}A&(4_M{qVstQ)9a<xmo64`UZww>
zk#XtbVgHfWsI3f66eHIwIw0_3C~Z3Wlp&qz#U*Dp;H-cS$)wxfbKZfn&fL5Pz7uVW
z=%0VytQ0f!VC*IChctRiv2R+Vr~K!igSdti&8ng!u*5EOAf6H6uKzEpApJUQ?;!so
z>X&6-jN%6!$af|tN-@t-tH2~Ml%AHNr0rh6juCbrxkqLL^bd!<h$5Ua)m=LHP!O$}
zbMxj(NY03MqLfQWRY8Z}kp2TCK82{AY|y>3aFU{c!M{TC+LC(;sTLTv5+xRnV7>OB
zC&xBBjHTPu!dQYW2jN(-zDffI@R=YRU<sj;=2W8cwX(9}s8ZS=6gTqzu9PwQSjre$
ztYrhso^EwDB?ZtiqB#dT$RmNx-*1LJ9}_Mvr2wi2%c1mr)V1?=7dVR_YWggw4XEx2
z2{!vs&*ZRJI6+=Tp#dW>9YD``>ZCS$qOL$JKYJyF;uz};G+d%s)QZ4QChSdTvHZ6J
zTTz3#pb1QKIMG33BjYj`jPXFkYon^7hnCzH?2d~t7Jn>8fZsTz+Flwsg!0h8y+V#E
zo1=BQ)h5n>5e}(auujEcCpa3a3l<<!8*k%+)jnTY*PJ%?8hoEahwfUn;%paeSc8PQ
zfq^Zpe_)^tP~2QDlGeO{6p=e2NRdwckHy7vOYy|R+RpJ$eOmjhYjMok=DEMhg^a{c
zV-Qen^a~m`S=TonF?M$s47H;h*ajQ|rWkC#Jz!^ujSCF&Z9b|rH%d03;quH!>=jKN
zoQOHN?Ok(GoE9XfvH2HcVu;U$0H@+|!>xe9lF4LFSO`)SsKx;;AqoXDErL**u2Mx`
zjjzru8V?HpgjZhjdWs@8|6Nr&X)5l#g9ZQ<8X8RD7*|=B;*(t0r0w<M*EOPw?Lk3B
z5&TLxhM|)Qr$8)H*U>q^&ckp+ory5&>r-mjJZH<!uV1J4QOQY8lT;d;sa<)I=h>)k
z!N#^QzNJT$3-%6M@fo^HR(kr2{HGYyC{Q;WsNnk8b*_Esri@1t96EGJZgz!lUAbx3
zbNj%&b86L#YU5Sj4bj>*X*p&{>I&O!$4B=j-{)O}3TCku)EjrVq`%5I=+p|xnK<Q<
zeJ+Tqh3XA)ljk{l;w76}2*l7#{h5iXDl;U%Qvi&zzm=1tRd{4#y`z&1)qkf4!bq6p
z`c~_>|C3hpUypT1-y*>91xE|t6RK8AJk8nJSuXCcxBS3!&D!O<+F_N0yw59?yeSh3
zsg3#hjNg0Ym6ZlB`NIbveR6N^x@VQWzrUq&%Wp?^JmdfI<5GWtuKvn1-pzAlZY((Y
z_56=g%!i|P#ceJc_=kFqvt{bnv<>UHuQRhOakHSZduGY_Bo@7KH9adIP?v!0z=ESj
zp%RmIznr8X74Z*e^%*?*W5w)RS()v!&}B}~Cyw*K6Mg=6sQ>vN|NMIXQwjX@rucKs
z{6E_%9Q6zyy)>HU<*vn!Y^2xJkHe<O%K~jy=vG~YKljDIjsX5#`2V*HKQb=uAWrc3
zrfi2q24jeyKl%OhSXF5nS^Q$Wo9M*$?dyD{)29t^*=THhlI!g4albMcG(6SHD(6{j
z<9#loJ<vCoJ0x4~gcRVwsC69^s?U5|ji)|9H;hgCyq8c2{=1{TlNJ;l+~!+nl;Rkj
zcn}WD!?}dp!QK5`R<Zvgln?s=I0xqBI1Dgk$w(~puy6olASDGF5%8~EE+*fpbS1-}
zd$q2Km|;}E0Jp6G>M%jCYbp9vW5~|{{PhSZ+KS4$gvexv-V1<v0avdhj7`yn#9ycL
zJBnrqLKS}eUr(IpQY2_Tv&lq1Oq;59QdqkA8|YI`k{&0^6vK470kAs7F`&$2f)Zc*
z7Ja$hy?7KkH-x2WP_1gfJc5P}XU>I~7>5E%ynt)EJorv_HuYtazF9hEwZL;qS}Vkf
z0xpD4AZg*T!DDYM*m-9cLEH6yR7DJ4(0pM)yIxI=i<vMc<q#R(g#_Sh1z8#4WFL7<
z6JdX(`iEYDX_wjHBo%QG+d?M@2N59S<H-7M+VpB%VFjL_;xvyK5@|M<Tq{bOE3+MD
z1k4@kK<C4=Lcramg0rWwA5&;R_L4RquY!gNffRNKJT?GoD}>o_KysM-L4<{h4shI-
zqfbAxU?cG6-IKt;FA;qQ)J<ULZ_+W<Zot!h#Ay1U?dHRIM08zkR4JZZgB}`+3)s=)
z>1eaZUzw^}q!<R{87rE-*HTg>pz6H5zG<f#o-37yUK?f&&dLc4rP15ARk2Q-Lt)tf
z(xR?ci(g+udUs_k%(-ywG&MB5vqF1Xcl5VqxDirQUEyb`Gn%mX^z6gMND1jv6JNW9
zF%WIKwL|!eyzCROtQ>NQnOU`B(cq1ayZ&&?WUqt_3MSk=Nf5r}Sds|SBV1$^NVQFF
zjBp#(<(Lj3;fp99*2KU7OEC)*6wGs>$2jC-7Q+EfOc*FD;=z6(OnXpPCLMQ@HnI|%
z7F8mW>IpGfI#VYN!$UAu?)>Qi2K$h3-~bQF!`C(f0J%C7IAMJ}RwMG!K1l8M_F1$g
z7<N;jtRN7@s;hL~X!zRL-ae_6GlM=9V+NQt!u#;bn0|vsdCR(wQz040g3z|`HJT=t
zFff0R9J5y<%xIRr4FW^dwX1mWM7OjR5`%KVTZ73YEHSiI7=?lMf51%KwYZ}BLGT#t
z6L?p@(CNoEF0sMmryv_dKEjX;!1X*VE-24{ghDX(#yyQ$g{X3$IBOWsqoVdCC@$T6
z2X?3I?3d#wi!rB0kgu04C1_{@fnc0HOnjD{9I{X6c6dlgwlIY>WgQ+%?3gi$Es@0D
zpo{QT$SN#*mp~weG13xN;ttJri;Wr6#~K5?mjO|LEXk3Ia^Qk09W2?ahL#onJW%ZM
z&fj9Z?yC^hUEG`UgIV~@NF_ux%)~^`v?A~%9}~swV6>Xnp1|E@uf+2RfblYf>khls
z@{o5o<<XU5bO5?1){A%M>~T!IFi0#a-({ALeh$Rfje2?<9b;h9;1(g4sa?^Ifj7Ro
zGTX5k7>(5sBOpj9k+Sk;=H`Z=Y~kHNI|5~kEPA&(JP#tZTS_qTKq6ccV!XAb&hR!J
zgq|xWNV1V{B-2CQ`fkzBx|+y-FrLhGt4fQUAI(BHdH3#Jn8Trb1OT*;kx5GhO)7`s
zC+4z!F2r~%dXc8*xE?R(!D!WNMZ-?fNeF>ZHI@KlPFMQ@8&@&-)ej#&#Qf5nQRSIm
zkkoW+GhY!KVkzYKzS!w;L9gg(2miwzK@3mfAHs73LeSGg|A9b?0V)Y!EgVbP&H~z9
z7CiwbJZsO!i~|^ce30v!o8KwnCg~Sd2&;?R`Z}cIjx>wJ0swMxCCi1c_hRpJETp#K
z`4}-KF4fBgl@Ag8v9k>2I0TlBR%w`}LrPF%5*GrauyJUHMY!}SVWThbBtdwnij|VC
zU*DSgDJN^KWzsvP$(}f;67Rk8A0+#la6CkiXBKNXdOkvJ++yRB`Pe7(Y*{H~pEg4a
zwR3!P6?idlv43eLqDFIMWgW*t@|68SdWMAuHi?<Z!+haTT{%Co1_B5i6+~-0OxCs_
z2B2x2uD3Yo{F|~MCm5WtNj~q={Zah>mq**AotDgL83<PF%+6q(4JC98ctQb!%Cbr9
z6xk^HsA@wO4-|#hZ)N;1n?OHA1V)6gUz~oA<rowi8aR#H2fK`be-*A<P5}040wxQO
zfDc3{2rp1wVOIzaVL@e=z8M-C>gj33ZG;<JLXKlwHgZWP7=#gb&o0aFvW=a8{12;5
Bu~+~A

literal 0
HcmV?d00001

diff --git a/docsource/images/Akamai-entry-parameters-store-type-dialog.png b/docsource/images/Akamai-entry-parameters-store-type-dialog.png
new file mode 100644
index 0000000000000000000000000000000000000000..b51d4e57a49bddc5d3bbc18162a5b06756c4a9e9
GIT binary patch
literal 56043
zcmd43byStn*Di{M2vUL|At@mUNH<6c(j`bMAR*liQi32Y-7Vc+Qqoe=CEeY9CjP$f
z`{Rsp#<=H>`^SBUvG->0&HJu3*PPFMo@c#ZWu-+?k@1lc5D-w`hzZLhAlwdtzlBJ*
z;T4&x5_ALv5`;Ix0*dx=8&h`bSj*Q4J5=2-o4-&q7Ylok{B3eiA=`4FQzG=$Rudh{
zF5^(k^BC@@v6)vg_duS@et6$E>7jd}-77&7ukiEBU1z5TmRoo4GM+dzIG<MY98XSJ
zMRvJt;n~SrT3K0HTH@p5^SNI5!tX}dVU<%>jtmK5WMTOp85!wtycHi1AQeQ!TV1Vq
z^K%110RaI)L65q+y6+holy{BcwZAz-siNpoQa#1ROwS)b4$r55c=J}(l$4aF`Q5bY
z>L)i(4IcZB!GE81KS!a$|6+*$_fKEl*C~2eRaMn<b4ba^n6-WS$XB4K6>@fV_U+q4
zG#?#3y^Q4K{-IU@3JQwV)m3;M4te=U4rYq#>Tw|<$@%%F@82io=1vZ^-a<g=2#$+$
zK07cpG+bTmiX<Q)@bB*F?BsI2uon{Y%*@OT4}TjwJelw=G%9LzUaR>Fs?ntfyXoXl
ziNmd_n#H&~_t9E7WfJ)=JBASN-w%4i*wo%`u+Sc&kSSeOUJh?LcE59fZEa0et6Ztt
z<=ocVn&q^AXy|d|{?2T(uJ)%-pRTViO-xLtrl#(r5&kGBa63OT+4Hrr4=JoLo6)Ry
zt`brTkBnqDo35R%bD9_%tE#D~sjQ5OjYY>}S{Tk#yDQ+Uo1d4*>wIGF;Nak6Ts^fj
zlVPL+-&#{1jPTj)mVYak%bB&1kdTSV=I(qOGc&XI^4w<)HMNP+QTwxl)$-x;39J$Z
z%~~;OxZDQU%j$3x<hvf_OW5d-nm7mpBO^z$-{#0GD2NOkZ%(jVF0^}icqp0fhJ}WP
zW=KZQZEnWL$4gPNv9b9{l6dL$Cd5ZZin{(898{2%UHPHyt5Y&&G?H&)W##|v+r>p0
zuiKULXyFG4r#W+urqvfXMy-C28!q<z&9w~-R{D~K+|D;Eva_>$XAYKOIJU=c)&nIK
z6%`#_K&FwA(Vg43+Y6--jW6V0zkaQ$SuaIvX4Sp4f2y3Xjw#LQbY!fiJRmn*pyhVF
zrLjlu*_hOCupo-#UuL~J5RvM-E(KEs^Gx=20aqwlcIR$n7aa{v)1axT>DAR$eSQ5?
z`Oizn)3sHppGJ|AwcIYldza@8X~Ma5+cD_q=q$H7!l)AY-2yWQ2L>YOHE5je2E0ql
z$_%el<g;|S!o?{DhlYk~O25Itd(_uo?Jah7yqEl967rdjfdLkt<()g8Y<aakmt%I@
z(-Z}(?__2B@-=F_JQpJ|pFV}Fq6~A`TX^H*;^O{l2R<B5t33A;kC>Pk506u~Jy@Ei
zIZv&^JnVCB?h9$mzz_VF2Vv3Cc&2PWQAu<SuDOcFHcn3LdFrf|f4BPM&fmU|h-f-l
ziJ8f7zk@*B8(59EhS8hAOP;A!YtLx2rpWV@kkHu3Xu@XkHiEPNw}6011}*8=2889i
zcYl*GFl;X_QcMqBzA*_LTkcJ4!+MD5*{VIe3X@5vQLXq)A69#^kPjI-c}a2c3pzR~
zshB_NSQggS2djgb^YinI3kzq*+YPpx<HO%|kGH1mJ;c)?p7BOf($dlp(FiMzM(EXv
z;8JHvRJF8-F)()EgWtbnbH$r}{K)Edb>Vt>7J?V}lp6=uB*xys!8cgn$jAeIeT8LZ
zFc%aPell?!n3$N1M#C>~adG+i8(>(xf?<8+<g73C#PU0zyvjE@KiWh_My6HD4Gs_I
zwO+wM+jP4+rHXd%(Ie({WMO37ZT3O;^YeR%sPj9HbN*KV7EuWfKEC7XKzes~H)ONN
zj~_pM`jnlW-OS7kazu4?_1he!)|QsPkV-<jBIwpf3TFHs)0%fqRG7)cbA<;7|C}|?
z&CMlz`V<nRnt>mt>Cs4EAIbL1rQh*Rs{<5lv3Y4}UQV}Q6?xGf6R;V}%E|2>9uAF+
zv^|$e;Q0!d85sDxqob&_RF^55kB_fO=T0ooADv&{RO%dA`Iy`;cH3gv%`7b~pFBhi
z>rgNI6b>29NctNkoT|xG^<x<ZjcV(kpKmR^fFXea^$O0*%L@wX&5(*6HD(iR9~n7@
z6+lW#TA*3S#KuO%WxaAd<HlflFz)De3t<Lnw@~VL)2)e?mb9li>CdRB)Kpc=nd~5~
zhJ|4z@Y!y>d-dv-x;mj?`=39Gl_{R0QZVBF2l;~rEQF^9EUK24OwtdLkVeZ*)WXIv
z1Z!+JRcq~w?B5`Htc;aVC1{o#j~#7Jh%oUu?6q`uii?W+NIs{bQLQxppsk%E_M1+v
z{N&{1@2ZGDj<>h>*Sk&%3JSX)Zo|^-iew;W{iFz~98EPxxnOIgfOzbs^x1kr1NP&`
zxb*72{Gl2fFoG&Y+TLOnjA+*|QuhNRx$U+t;5{vNGh<_?-O<dbsHhnk8Du5u>gu=e
z+_B(h!%G*#!NJk*O<-kV!PcUx?^zql!9BIOIN61)@cZ}gx%nMP#jY1879lP7(TQG0
zOHQi0Ep_9CRI%W1{%!Qk&(A;63G*3mY`hh;rv}&B9+KQ|&=&ZVfX~@Ji~^TZy%!A?
zwe`^0gJffKbGL#S(y?VXNl+Vk(CqJc?#LG^+B!O(I!A>cnuULVqNUA&3k{3Ex5?22
zS;SAw>16rt223MS&`9~!1`00y-v>0|P*K)qXWjWTAY(foigPTRHC(>_#p&X53FT%k
z`NP~fIbq>0wb8Ee+}{3v$10!8nXkUNtt}4PC<j~EEj1aLppC=HIw$rq63IvT@$6%z
z(nq=|3W|!@GS6aryx%G*A>TKi<(r4-)~c~ZbraJ4IXp0c&tXoYvP315AS^1%J~j}D
z67l`}GeYV1!tXILXM-~QUm3igQ&Ynj`&>ME^r-mL5Dg@3W#ti<^P>moD@J>(thK8q
z6Xg%?8(WS*Wy#E>8e<cB#P?@wYm1eY6+(R>gjC}9ta)u+ozbUHF|^KI)YzT5Dkbfg
zWNw19v$MKHOanR`?_*<PLNEE=ym{kvyhV{YVF6M5*Q%6MZ)9X7jM1s{`}4iMy)Y^n
z%H;%ZyTCYlYHE_UtN>zuJ|-q64vv#X&--)hJeCVcoKGJ;dPGPF3zgS!AWa4bu|iBI
z&*3u-J^dDxT6@Qda+9K>qV4HA0#3_k(qkq1K__JU%e`&~EB%m_*o;SIWo2J!R$g9S
zq97x;oZsF_T0cMD4kMnab5fR-eQ7$$u^Z=uPE6VSXbZQ!y`7}soMY*up5D>=NRW8C
z>brL>zkUH^pnCQ!*yw%HJ4jOZ?%l(pl>GU8FjIzsn)+u~sGZ<LL~=MC_}wrM|I$Na
z9=X(bnNj4)zSGyQUjZ_ho10fU9@0pURokq?MYlg>WMqUdQc_Zij*hOJKy*9A!^3;<
z-~oIA)ixWPbzf6*0*m3mS1hXba=*U5J_!8QU%%#l_RgA1$8!y-ckqAxHs;Ki_=1P?
zSyOAPNG<0qR3fMw{y{-@78Z@qVX6IO$J^w)2~RJ33N`0v4r*njdMNzY%sRgwdIe`^
z)8M^??ABh@<Wddmwlbwdm#M>%^8xz{axWepo{fzSbB)dAM7Jy54_@nPO}#3tqLp~>
z8$Iq}Ba2klox#<Tk!KsQjF+2CKwXKX*T~MuIO;g87=pC7)A9|ESzSXTJuM9z8~fto
z;%H+G%H31vLpv+08mD7=|5jua6mldo7&fRUx;yi`_H?<4&Io1@7mkjONXan&Vd&fZ
zE@!1x_jdn&{`vDKWn!%sq*l(P<TndHENQ|W|Ngwi<MCnVZzF_%+p3(L9GQM$dotzy
zWpqLg40fZz)dR!9j9KAX0`GDr7M7Mx-jlbtPF^5Cc+mKKj%xW&mcp(;aAf55;fPj;
z^<>`Q7WqSj6CB^5N4UgqrUQq{KRm?WqG*M}nVOP<A=rez6iVLTo+6v2Xes+>3k_R^
zDtd5oGEVZ($VjGq7Fp_`2$CHlHV%%TJ_(Xw<thg`xlrwsrdVoPS}fC~EeMuOK1HeN
zVWjQK)PIM0d1q%QTvl)}#_sSrPT?4=wu{Tl4mmU36#L8?B&d~e5C!4l;hkQb?n8bI
z_K)Lnu$-=S=%EwiBcE<?bDLGpL?z~PUj7|#&&A3*^y}A`I10-j9SUTWlwTU(`+l$O
z*sea*>xuF9*?=s)dwSvPixelFF5mVIk31CbxJL&O5pm(AKh(iqeuxuONuKvk4i0kE
z*dZYcn=7NHCcFS*Px@0u7ew9M-1z?;vySLv{%`943hE-{o!G0+YJB3%L?S0Aw^Vh0
zhbMq>2k~JPo5?uD?atf!loXG+uItElG-NmIz?t}DRt8ciA~7#Nc$nL9hjlz#AEV=8
zJKCKWoei2hpHLUBf)td%>olCJ;u)I+by75ls19EG@q@a!nT(b7?a6yT60I-fd#K3#
z%ya`(be2E5Iy+UVPxb4c>Cd%%t$gOpcMWH&+k65+1;|F2$)E6prMjSohDJ@$ON69}
zuC6XD^ifJmO8aM3VkX>FRG9!wO?b}-(j^kRo3)EH>l_zXR>Tk$(R`X`&D#^+&x(G1
ziRkGb+vctIz@BHC$|t!4e&f4$e@7Cbd>dY#9X8R8e)#YKKs_9=sEPSq)f-%SPbUFp
zLJfP2ZcoO}J*T`A2s!188LJof64s+f04DX|LmxkW)Yr$w!1&y@E0^_$Tr`k_o12z~
zCh!U4?QI*B?U%Tw6Yq+&TOm`6F#X8RW~=%e&uwR}W+5!xQtPna?)fTR9#Yv&D{@iv
z<HwJxD-Qr;v#+T4^tdiwKBnA@^Jq_IgUA=vgGI71@0>>Ib5)k$;nB3v5w`o@pH?~l
zV!xN4L!<VCdYVZ_c{vU`W!tg;zm#EGke?s8QS=y(f_@L-osNzUbSAM%)7g$}0vHSD
z;!;vlc2^@2bZYH!_RsLg(!OGxoo_en3X6z%??}inGA$pjk4Q*J>{^G(uzw}5=vv-i
z?v553{s|>?m$`lv;&~T~Lw5;s5X#NrUs=gvX0{Dony=_Cj&`}2o$-0F)EqRhx-WP3
z_qhRWe?cVxWF~=eckDOMhbAwJ`Ckx8#bd^M^*+YkB%bUlFCm>yHv4Vg+4&7!a=uE*
z667wlhYzvq<uG0!eJB~*uvs4tar;im${J2cCzjg3(}-PfNWv~vzPY@x5R7iVZ(j?s
zHfso2H)Lenm+%u)N?U6yq~+Nrm{jMU7}mBR;_HhdjfI~lJ3Hp;%)=uicIM_7y$+XW
zHhXE0wpzD`a+LoQXF4yRBqSu9)TPbk&FGq_y?*@*8Z8d>^4B?QV*p4O?r_47;UL2!
zBO^0s{{RgJV2qyb?zp%(^Y-22<KFIW-Iq^px}^eMSdz1!@O+x__+4vjYMfkM`CJE9
z!(IpAFV4+*)I0+a4;{izrO~W@7Gwhdg1j(FslCI))_YN$R)9P*zkK<Um`I%1D<dU!
zxU+-dKqgU3mJdr4_Zk3~CIqYXitO(A+jR(F7{gg7-w<+9=@^#PsT#Y5og7Z9C9yYe
zLTt)*c6Oktcq1VJqY-EPnS$U)$M3&TIU$%MUZ<X(ojE!<Y>pP)akCo)3=5gc-k!r$
zC+OQZ^}_c8Vd=2yo9bQ8cX)-NAj`@IXJr|Rh}?5fcE`Zywtd0J(bO|Vz;3FjpfFMR
z!LzK4^|ba7Drj?aGwQ>Kf<i(a`=YgLFD!om4)c&f;7i=z*r+w=PiblrB)ozV=n&A|
zTv}N%FfgE=BpRALZeQNlP*=yHSAVCZ^qP;cAClz-uIael4RrPZ+yDop4z|-z@(|m^
z#EH-_lp}5o50`k;;wfZEV)nj-9@P?G%iL~bR6ujkY_f88c^POHsw-E8`}cirdZ*Re
z+FH;1=yR>!^8zSWC-dlgq=bZd-gl0INrl>H>lJB+dVA4j_D?SwuFj00v*NhI!^ii#
z|Hxv&Hw~saDJh8!71_wrWMQIn)c7b%A+!B+&-<6IC$sk_JNy(l2!EsVUlam3n@w=C
z#3oRA$(QJMy7$o;tHgX(kf|1W8{_fPuY`d+u<%gOov||V^QHN+ywfu?QSNWtRL=sL
z%)!+KTzo7ntLrNl9DfQ11~(|dd&0GL+nTRlA>b9_(y6jI9;`$JK~st9pbNc<EnF?z
zkYqH|qSaQISW~7E3L^pWsgMs^$Sr~fNko~_ZKOL0^_UM4Q@!oJuCK3GkiV~>(Hr^m
zC-`YJv_6J==yZ}%FWtWtSC$k)?|i&HL#39sTfA^5x9MhtW;2ZG=<=|rq`wjK6S*0m
z-kXA@>hA6i2=Vcl121nKgdFtknw3X9&=JF{56}^R39L+3SuNDawp=gWUu`3HdloCy
zQDG8x+DgTzasrL^)#-8~8F?W<7C<xRs5jMPeK-#bQ03O7PFvvYDil4QsII9g7s!HS
zv;g`lEf@VNDk^qd9)*ifRa)qvq}K0ZDc!6~a_47|=pYqIMAC=wjtvY9koA_$@2#w@
zLD{wX^$o8nz8-k0OqoO+SM6+Xp*qMZ{8uMJ_7)eiliLl~(}EqXBa`X{4d&Zro}NNh
z+b{MH4=H+uCTX!TG5agbv@VLKM1f=*&okMkH@VLi8y_Bi*ddy^w!W?)FaQ1f_i?**
zccbX%&!69R|2aDP?qcyt6Z8;3>k#1ML(8f9`}ytbtRNs>AcpP!hP_{0Tm()G-U5q!
z4)r16b0E|13cQ16u&+xKmRW49k)9r9y=ZG|D<DlSE-onfQuW{S-UI{$oSvS-f`>1w
zb3FWH`iy@|9q<q&vB;B7e?LEf=iNO$6YP}!U5j(<MFe<wtfzrhM_>K?EbZ*t24Qwu
z$%(`kY9!pQFOMDemn^C#q16N=01VcW(r7)vDTF+q8IAE(MuN`;!f)TcwXv}=Hr^;`
zxDu}yWTl`GS#TA6re`Pj0U85-^KR4qnZw(!1n(gthHl$5LUS>j`~u<gUBihPq+72n
zzt%=3bm&4_&sg`ngMeUycxb$nS6ES@Rb}~6MJ2krnk%e>5Ylwm{2hRsJ2jKu*M(dN
z2+pWU`~*Nvos5?)Z|lPc5t4FVbtA(6&+fF`P@=Dx{(t@Sm7^oqf6nvv3c(YB|HGMY
zY`vhMNYC-VxxD88H`n7S=~ECw;=8b*>p`+33Y08NBeM6v@Zq1Kq4e~0#wQQ&-Sb9c
zNaOGz0Y1@yC8oaK)ye@L9vmLR#5TNgQ0;SQ{gIUgwXn?3Pkg4{Wnwqn<_p9SWatoK
z0AO$54n@eI^Cc#RgpejA1GmyV8x<XGqn8!(ibPCW8b@YiczC$Kf3<cK2N$<w%$Ntr
zqr4wK#4-l~CUKkjBYb8+ZW}>UR8e_z%|ID;3f)e5{tewIohd3JVq?4;vwyIvz!kr>
zvO<l46x024d4JXVtjuVnUeY0EFhjfas*8@6c7JDwq=897qN~p7xIEP!Kp3!d3fwrx
z(vT4~x}iYvIXKoj9S2HhLh=8awmn+Z+}~exM`AS1&kuQ58=8uz+_t5)@87)}g|swL
zH`No%?r+@R(Xk2-HZ?zpKBuLH3U<Q)R#%fCh-EJ<EVTcK3M|mq0d@;&D6pjrG&Ee!
zCxt#fZ2;dU6m^D&h7OO9w>Qo(R_9v%f#t}`$_j!E$!WO|Ikuvll9cp*ywnidg&Vel
zNf#-y3l$A*y21>q)>-k#uJO`r;2U73Z0sKh2?|0MX%A9WRV^+q*4jHTU`IzspAChU
zsL;C`8fAE=adLWQ_>+gffZASPTT4kzRe3R7YB)GIH}~hyA3m$H#O8^K^V9w1OE|kG
zCWOAH*7CgEBqX0DIh~GP#7i?ge@==-#?9@tJJ)J!Yg>tkfrIm9|K#+PF<KG}3k#Z-
zxTvtO`Go~+VqzH#Vc_Qr3JSu)!s6qn05FP6NN|^T1B6H$T!jR^yR-AI@V)yEkYN14
z9#e)@-SCZ#yp{{Tv9W48I^@62_m^%6OiPY9N;^7k?g<!aK<o7M^nl`_tLpvz`xnY<
zQBfy*dq{e}qZsD_NO9}}{)93E#33H=W>r?ps?@KIj&j1aw%`<2tgGAQP?3;0EavX!
zSDTC$-lBrg3$3w*G70B^g%x(|4k96sy(|d^Tvc>bRNv|Wqs}jkyN$Ev(3$_#WrEPe
zeeo_hEKG<fxJ18~i<=wRH^@zt{QPcEBqAarfE=Pi4>V_7v3C6UF<q>BXSH#8ANVPV
zP6I>3D)ZSU50Bd+j<%MTdjRDnB_)3a5jQ|#FHWFy9k#(PP6#+wy#e_E6a)nYCnqQ2
zEtJx6Q4tYJ>gwNQh@7u<KYj#~rl+IB5So5T%E7TQ2WWws_@f~{IXF3=@;WNo_f#fa
zPT9@O20`|>_l5#@SKtQm1Mq}Xgz<xt4S24Zst~3JCaI*PBtBk4SXel043;+hYAB`i
z>+4;*Ou(%cXw={k5^g|>fb%z<;=1tvyK8?Uq0bZz^lCHJ&<(Z4Rs}F{E);tIUo9;y
zK;(6X(^i&}ovXcjXTSC*3x+l7-|<4LKCWxg_OIRD&$^9=8^7^Ak7k>Fe0_akeSjph
zInyu$l!lrb0cq){p={*>%{<kzPk?Qqp@M-e$jfuNx;VYMJkOMhU0Pnw%+0NZ0fqH3
zKCX)6-#WjGA*fbi3N!qK#UMB+NCwa~ENrgw(#FO{MH-twKjdK2(9qFu=$lm_R;C)<
z8p_HJp)0vzcCj`$Hvv&X*T2&SFu>5j;9u`$1Y}FAcAiE}x!d&>01T**<JC5_g4E2+
zR=`O^A-y4qm6VS5_Bx@>?C6N*upkR+o2a(Q0g2&P06~FP!?ZdhS09j~l2TG-rKMh2
zkwByBc0BTu)zs9qwPlljhUC$z{Z>(N$DT(<Mh1|no7*)&xoyy=psgi;{q6nBCy*YX
zaT7*5Jvq6HhzPiqUZr>em||d+Kwmled~q-+1CNQgZ8zXmpNDvYsr@jISU5PgFldw#
zCqV0-xB*Ng_wtenl8R-6crk_{nVy~obt#I=<`b;CDq~339`{gyWB{qjktQ4;*7#s7
z&pOw|=nd^whcP)87ZLGGy9nf!PQ8*-=PMv#K>ku!R#sM2^orCjdRJCf1_0v)&Uz64
z)%%h$$l|cdUf|GDQzIQmg0>OTsy#L~##&(rz!q9q9us5Z?nO%&lACo14W^f@wl<lm
z@N)(R{i1ibZry^UC?X;<K0Yp`2W%01FH`_{S&@bnL=XVM$Gf{(xw#AG9Jp{D=Cil2
z+(B3=9@_xCR%5p<9m^I#;u{+JNc|yOtcIfE_qaG7tEKLi7GVd6Q^<SJx&b4IOZu$1
z0g}^X@kfa_Z@z*wP+YvXIZ**!K>w^32EwBylmmUJ0gxHzopx?U-KG;_q<{4QKnD<9
z@BkM1qq`xou}&Z_!mlfCE-o*Rkj^CLvBzMr*_x~Zqy*xV&HHHRPt1qB+U6m_Y>buM
z&*bLh%zIaKTSin^_%Cw)E0V&JlJng*Vhe_+@zVTuTk2Ld5iv0|>L+lfATVOyEz<8L
zf?Tz>_NlfX`jHs`sL*&d9Zta$Zf<UN<!{3q%CrsYqM~g$XR?s5{sI-9X<>E-U!d{=
zXDkLZ8uNvA%!@-h^-6Of=qmZ>CS3?{a9(E)f;QoW-VTcf$>T>(PO}b@dBS%6Iht~x
z_t#^6&~xPMD}@XVpT|qjlp13FCdR_@>}4-baM@py;)+iQ32|qxtg4!&V{;fTTQV<u
zZFM;YEENfoHpm^;TrP)eLw5xxD=qFQzp@zg-?^nyZj2W%T~Sg39hoCU0;m@8((H_k
zSvfgQr+XBd;<_jI#u5VvcwRayGBYuio6Q9JJO^5Kj_0mG9G4BUzJFk#>*3m4t1)P1
z14>%k+5k$-9TupRASMpM?}GvY(3e97YNC`>Kx!&^ymXMS?@ub`cxec3E&&WE%t?c*
z@b6DMBHaffN5}0U<knnMJw2OH(;-Fy>TZsfV<0?}SU%D}KRM}+<HV}?9na%1FgUmm
zGKA2VhnzA6g>(Py1ptv3L{i{I=jP{u?ZFT{JUoQO3mPZ%BV~n!=2lj*tVR*#<!nC9
zjX6z+*`z{W{ssYQ4ZV-+eVjumyg-`+q6ZzL#U&k>+;=s$bomO<V9y#uGuDcQjr<Yn
z3}nQK5`7slF(g5QfwVWkO-pUzYo?ja)Z3>3bq3AAiBd;nqkx<oCTUty(&zO-=(UiN
zVgBd4U*O~bWdx!~hqg5daGVgoY;@Y%+8z^}=)`<Hprb$-f%c4~|5NmRi!bI$D(Fi2
zT0o1VleXwGVG07gfHPcR&q+=ea9t()oyae9gbeD^tjfuOZ(v{oyBU$-kL2WARH1cE
z9UUDk_yLXY{|3R?*ICRX(#M{tjAVHB;j5J!H$GO91fe62h}{&_s?JVic0`tnFVGL;
z1NCAkB-9Lr2u>C9G^tmHOycz9jw@ec5C%xOAoIiZqi-!}mKyZKRe?HhL5um@6M#r@
zL7lg;BF*E(ZfJQpIXOW-Y+FX3_J$56ZWDmdg5B<H^Zk%pWDuCIkUr|_=4#f(K%avp
z<m|TFOU1|M3IWQ3ZvyfXAVt%zqWeh%Yq?Q*si~fA_oHKDxw*KQo_qsd9%`CoJQpiH
zePD+!<R(=$wL}O>(zJpCVj?0}fJl&gh<NOGMvHWklara4u4&bP_NcG7lb5rIorWJm
zHuYg(F=ji5L=Q3+5~;HkDZ{I%nwoPciNF+_O;xjknui~tq@^{pkpBTLN+wu&6woLT
zq#>c^RqFTw!#T<f7nm}Cmu4va`{i;$M<nK_$3RL;yJ{#{Sm{p%4FWP&8(k4c5hSB-
za}ZFWj{1E00%R*J{1On=OZ0lkmgnAvoC9GkkuKjcg&SA{71ch)JF^S4msWIKB@K;$
zW<<Qv7cX8wU)b>w@;e+0(;+=eQVBKyC`>pl6WI(0o`HH!sXtp2ER!$_?fpV22#*a7
zZV;t`V?eDKnx=x-n<}5xM0*Vr0poJ&%;(t{#cfB=xA|rvK%{G|-QD<P`D-Lug&>id
zbKC3GerPyO(B_PR!?v$Xfq!>U>8l!!j*cMx0|6y1DcRDqy}P>$foptfeygv}<*Qxx
zUoA>+!LQKe`um^H2l2xk03)FZ-8~_C0-wu`a*RsA#silR?hj`^esIyK6Y7(j&BE&8
zHUIk)Iv2F(YS79;l81G6zNZB`Y)Zd@{_i+BB_*K#fY@r`g!$>XQJ|wFmjEyWWSE?q
z+V!2Gw9Bj7gz!zz$e7C<ec%xV+!rW*fZ>4F0Vn`90&=UZnwlB_D^}LBCBJ?-M0BEW
z7)`TyV8n2Bb%n4{P*REr3u`_`tt23lNz2UKo@sCc5CsYml*_z?1R_%!l4E>js~e*O
z*8JSui8Eimg6#{!?7ZCE9RamE$1>pc%>%|dJN>{NLG6KY288I2aF@PDWN<_TP6Hi)
zKJrZc?kIP)r$GHYL`Cg5BEW=4G&D41je8)?JM#eyTZ9Yq$Dw<qmBu>O&b>-Gi}m1I
z3`%6J{q7u$O-)r*2)i!F%lU|KJZ8O{yaB=rD21RX=^A!~^0-~`aB@0qj+em|?H?bv
znNh+L|Fny7yRXMaiI<y{^j5_yP{A~7?J-FgmX<Pda{MP6E7i9^r?&`uYU;pk{`d2j
zFTW}+=FMyHR7P5q-GF|ZaXps;a#&02`ltIHNlJyvy<N_&nTFow{Y>e2@eDBu3BbhX
z5L)0{0Z{CAc{l?3#Ms1S_pPTF1B?9vzAIB+heosV2McDs?n*E}z@&hJg-=98go|6@
zcJ0c|T?1zTknO5wyS}TZ=Wury1nYZ(KfJZAeF2O0Ml&yis0<4L5<AF-NDm(_?4N@2
z_3Ky?G<#U;u(AL}plCt^G!G0ujF@_zqYbE3u>4J(VP+-7#r?j1U7cxY@b+#6!wM7$
zAV};s$3_0p`Z8ax18<B+Mn+EHdqVX5U}n|;{3~$Kzz2s%M9e*eT$(PQ1vu|yF;WW#
zFeEBUj4igpeAwnYv@1yba~uYJNvWbiY>{{)wE$O_x}!@>CfMSrCr>`;>gpO95fBpx
zO$1LUJ_4la)dv6$L{d*rPYbd!b3xPeMPoV;^>vt{A$tI$YzYb`psH|jm%W7tRYszL
zgwQ%z+1l~}IS&q;x0;$n1O%}O3H8v$Oy*LkheCk>Lch<T^d1V%UpZrdVK5}dgPM2x
zdaRv!31(#P-@6AO77pW?`nvr5-!n6A?ZKqbmH-r`l8!4ZEQHpu5m?aA1!$1JwIIpE
zS_O1I0+h2sKiTAvC>QjJ(9MAP2?E6NXydES8=p$+)zFBD;Uoc1FDzKCUyYbyT42ea
z_3~eXbZ~d_Sh9R(j&=!JUh}e~DvjpTj`a4gP=YV^x)^ROG$RGjyaQN(w$5y#d=nBh
zNHgm7&Zk}vuv{;8MZIKET34tcb>Ea7V1V_0$5nyS2rU!5@2}YhNG%Z201LrQ1wO9k
zo^eQnKmxBryLulLp9MTUu=3UafX!=paS;%BK-c2c<?#%Z55ORxo~eq6v;uJf+=>XA
zZ+oL*KK{tw6##ljG#dbP?JO+;Ui+Xu9q8{TWrxgQ2f!Z4XwXD9r)nZM$}SgFjyc<J
zTXDpZk)BB3-p)9YRsqQ>!xuaO*todtReF>8gX-Nl{IzLs!YBg>IYXOgH=yV0>%*9-
ztaUz>KS@aPHkQg)&{gr01zseq0~(e(n0(Jh4)ErfS~aDAEP4m|(9*(U3}QT7yv}k_
zTvIb4Hg<xc;exDw55oC+rx_hG3FPN`%f(JWRFIt?Zd>1(;Sh%$<8wS)mV2W*S5`t{
zCsTHZ@R*!bhtjd+8gau8$Wm)v4PgL;0kBLKB*>aorC}ruaVj9-F6Nf`iln`_cVuu7
zixVx60r5GIUwK;eu{}6QcjvZ8UeMDk$;ma^J#2yyw6?bP8U&jHk_U+boDR&yxZ=jq
ztYwumUxT-WF0^eh>|~;cVfs_JuQ7z-BA~^#VjwvKRvC;!(6tQJCrm-LMfN6R3M`l!
zi&1#{7FtZ<-zh+x!t2E$o+Q2(7tR_QQ!+%Sz;;2C3N6LaW5mx}q;O&v<e4biY$w{|
zm?e$M>(FDu#6g27g!B|Tf(pc2K&Nx)*(tfPAtdQ!{rCa(oR^o^&d!eK2`a))o_iGP
zXWb|;;ecdUQ;m)AIsdNPKSDG3Aw~)KA`v<e7;pH^|9<*FR#x%ue_lc0Jvewj$$?;^
zqn|i7B!ZB*LphuV9O0|X&yH;H5fZ#{rQUj*b*0SkyVl5i+sW>MI)i>ZNwkgO$YOrw
z_13r6{>uh>9B@ONYH?rGTm1OPp@!bl{?9j%=-vF}|I?>et~X!Z$2xv?Trz=Ef+^Vi
zCCGH03|>RP*xfL+SHpELw}2=A4~bi$*u=v#{KByfj|+9a#F?RchIeSf$5S)iVVc9N
zjEqjzP2cM1G~+TTpTCjl0;RdDOCdIH;_?Uy0iilh_}9(nP$Xz!M)T>#2+TR+HeM)M
zF~)Y~0Vf|85|UPs3W%y}kqvjYdWPs0!mG%z_HqlpL<W^x1f;^L{i+5}42+F~b9cUA
zghoc1CF4*1&o}=w<P!YXWIcQ|>^MehyFDHeb#kQs_c1`$xVbuK3r$UWK{2pUYG~*j
z7$^sgS*53^amM*oS?T@d0f^%0XpJ6J)%=Cq&T#j7CX6bGBMx~Mn;^EHlCqA7-}Rk}
z%2$lgh|moAtS?_)>n$x|`(X=G^IX)M%(xQsM^I%x`<mM`-6+?PDWD(8NlMDc9OjLY
zB1`@6n;l_<Dp9JcrXHX-%v2P_2L{qdYk~z3-%(Vz2dbXqHD6I$+Ph~{LpJJ?l8RwQ
zTV9uU5UlfG3#2B=ktEQQlLr)7ZoVU}S1peVAi0Z_d}NZ6ijDo)<!1O6Gt$#l4~wpr
z6RGIwb=nUO*V)nW*uE+E0CB?QcpytrF)-ouIKgIij`ic?aB=C@iIWOoKSLryY%TG}
zZJc(9FV8qv*4O<rxw(!q2c7<mu$$*petlrJzP6s5XVP8;7Yl!ol0ifPIvWUI1{J+8
z51L~P2S=%ar+y<P<$5~Tn$##=xnEN?WjGMUsFU^Qnwa5rvKT5M2a=4B4?h?fp^+qW
z(=kzH2J3X0(@1$FgLccHOU0(OH6eBAD78VY4YPgaK9W>GM%y)+7aGy%%xGWXhxv#l
zCiALEt7Yj{VNoD=C%8GTcAB|(l4vL?_j*%(+Ku(}aMaw!`lqKpJ^m8X$c|f*$m`Nw
zT4ZC1Z%NJ}#-XPG=F9XnV1mvLJ~%p^8;{j~*wtp>0mz`LDz2)bG3e0J9yhtMK0@!t
z%NR>0Vz^WvB$zA)eU{-T168#NVG+KP(o(Yf-XZ?7SLeGZ$+Fbg&++iU^ZnS#$tSqR
zuCuGt+S*2KGM-YIoFY`^gxq^?CdfqP<~kQQFQ+a}{V@dl`$I<ZHIMkspJcAD_O~)e
zMux|8;k`5n9$Yr=?=_Qg(YV|`M<eqJB;;GEaO+*7t4B&sJKhFnOW(2k*O;QBBELRu
z-a$|627ngF?id~YW%HfSS^}<`K?zcS>KvnENWJ#<t-#MGq6aP23`*U3I`X+8=nVjb
z7DVsdA>ZvEXTe7$ZJB?YlRZ#xe~aH;FhpMNZQjyb(zJ=rDbmFSy{;>6<=3x&|4d5%
za><s5hp;mQRZ&3fJ}H>p$UtMVwG99MePgDAijfie;14UZ%ijJG0N9MDONmGix`q>Z
za2W`A><uI(7g|x=0g;G{iw6eYsf{=f=1oIN{_}m|&i$jyy)Lwn%0j&!M?4i33K0sg
z;4c|^nx<&dz3pOl)`WlmzWl7LktcpGs61k}Ui|jmJJ8Ye^_QWqo*#Ald3m1fA8G$p
zUqN0mg@#(uoMVnrO-Lc9y4sKAuGX9Myg41t#5QvNBjao#RR9jJrSr?nrJaXIK8vS^
zel+UY3Ko|TPow^RohK|;v=}v&!FmUnh}0yD<-ok#9w%EqWfZL<BLx~+c{v(Yd*}E3
zBQ`EgmTMgnl$2bUn3-)iC)v!Vn_STXw;y5sj^k^5$x5)y=C1xVt~M?s14l&sU|c#i
zi`45~?tv&Kx>k#Dp5{Kew0;rO-P?^|B(Itj&*2*eY7>lwTN}KW<=VFPC!S|#)!RyR
zqDXJwT3`yI@J9Ng^Zr<RJF;V6J<c^}L{0ZxNm=<?{5IHFyC>(u?zDlvxxT&zR<L@-
z<Z<wIelh;@2`+47^QrfFiQ4eLOX|vrWQ>l^74o^(ekqA5==BQYiM`%z3Pl7?1QMwg
z3JNQ00DzomA}hU~1Ro40_L7t3v9OCt_1W;KsDts#_3a*$xuZM+M#lcmP8!v5u1eM3
zMWun&gY9~?`0p22O{Z4(FOJI!?L|+^wU0_NgO(X~SeThbkudM>u5UeM&`v=_$JvZ?
zJ)HB-rjZg=E~u^+*Hu#AFq*Wa7Z8{5%Tmntm>YRgV)V)Wt$Kb;jH5E{T?CTGJxeP?
z7JRhPljl*)`qE3wOW8&S!48muzI~G<BWnVNXkdU3xcZoAwNh8CoRQpuoE&bKv+aQO
z5%pSY4N=kM@k2FaWIv>2BHqKC>}=@^m)w*Tbt$RT$FxQb1?lxC_iEh|+ZQd{f)f8^
zqL;`JXOxu%gbfDYN8g&Q@_N-rZLnZjWl>ZhlX&XX)bd6bz)>G$rWdsOGY!OhCl)Q=
zpAXhp^Iv&lVB96exDx$MiX;GXoZ*{}^E5lkhrg&2bx$k-9o+@oLWs896Z;Oh*YO4o
zfu2n?0SqY$<e0JJjPkJ!_uB|!JepDgp`lEtyKYi;^4POHFO<#(C{XA%k#c8uCntX$
zuYDXJ&TH@J0Iy6%Q4u2_9~!CG9k$_$0y@DTDIWV(PJ7R1WO>g&oOoW{K?HUo^f|f4
zFXPF=FFo`kNShPK>-8=Tov<^*(6A=ZB9_;QC>oVN1w8pPC7D+-HUz*B*BGG3VBj8e
z(QmPy_V=}q{w^mLT)9!KzY5(GxkoOf!>q7RPq*Y&$fS}hiQ_Gp+}UNczIIqtOsUUW
z!Oh4hr<+n$m7bM_CrJHbqkiYp=EeppYCz0{ft3*=g7qD1uDT?WhTOP-#MPVAgKK4D
z!gOV9K3rEu4fy7IJw<G1s#)V0P2ww)Uj=^d@E~YC#P7FVA(3j@l)WNJlBLdi-T_lH
zQ!;{nY}?>=EUln0I69gZW_O_GH^!fPCHE}d&Marbj)=r7@G1Y$0vSup_*C!?gM9Uo
zxh>I{?wK!UYK)rh!AemR@#a%P?qqd3Q0+{%GBT^CFrPECIqa3<lr!mlQ!^TVh_FJ0
zh-S@|<$Q5b#hj4P#i!&9NU;*)11PiFI37W2Dk=#fAq5c;3I_Jf<YXW&)~@Pm92}}5
zBI>-AoAe_2+^&oleC3)ve}Y>sN-~yKnIR@t4Fe1lZb0|c$q*BOdiCYYnMCAo2F;D|
z#6+iUS6@$|Ylgzi8QB{#x{nSptMO#%VV^*Qi2o93WV++VqbJOQV&Sh#%FD;9nxQ!n
z38Rv_431&4`~48?R9(|`fR%T+@!p)CI#6BlL3re~d#VwYEXDIZ{<~P_+q=BJvSK=2
zECro1X{qJV8f_$fcjB^~LUW0ox%xuY2Fk{B3Qo?d!-7U|(+(HTrgB$_B_8dGSYO}r
ztggm385S(^_xHE9Ijpz;%BPIdy5;J07vbcrXe^zECY#Ldq$oyNDqVgzDgmqv4i4Go
z%GR_)e|EBSa#|CY=FDk8u^lfG^y(|goCP7p^yAV$Tlf9L8^AUt93~?+Ka%`@lV~I_
zDQQ&q{jbY0t#87C1YiPHr?1G7=x4j>EPTGEr+-{qs~@mSV1bbrP^}(ws^6**g%MkP
zwud~FnkfL7>23H*^Pm><jlj))uD6^`4dN;6FmM|abiq+kQ89_9)a3TGY2dw$@R^<}
zgi%dG!sx(YB%fYHG^JAkd{NL5Jk2`a#6&=_=KN|*a34;vUf{p_g1+){3l)m8m5~Cj
zyqEBUpA~{iSv@+xCnghlSNt0|QAn{b&)!BF<HFBYo^AfPBQ(JQ4@vO;FEPERDQyKw
z1N0To9>sAcxzzuRzVl!G$HrdJqf@&&RbWX!Q&G!f8$Ms9T<&Zy)h{5p7vS~TV5az)
z2L=lpa$0&iHFnmL{7>934Jy0VC-Oh3%A6YwZzc9FThg+!uuha>JG2@&Se<;w;dHmq
zwnAz079%q-{9#uSRrhiK^)1q$gNhE>)nC5ktdH`!L~(rFUqS^ge4=98v@PaN;AKar
zZk|d>z9{;oE$()Is_*%+(4qCAQo$wWwWVgQ?*rs&Hpf3vjQOUUnsg_G`qJ@YZ=^6~
zw5qMEyuCjve@7Dg7Qw*L^T5fRfov}MGe%T&j02t4SO#4&6I0;R>%q?Kpv+}?FIl|U
zr^Lj|OrO4)C&aRQ=xC>GoO5=^@J34VxNh`zOAa5bGQ)nFNyU&Y{%=T$92TA65|~gV
z+VQrjhzj834oVY~`*d1nNG#tQ$I06Hv2=aZ0x212iO!A=8=F;GIg9=<QA{#^=DxSa
zCg+ELMnsY7zWUQ%zcba*$;r#}#u)hXXJakpR!86Dz05avN$rm|vcL+^*3CIS&Xrg)
z6}0%#)wN;J=>VfDYIK78SBo$OMIDH~k>TMYNEXo7<i1eB8>@FQ;n(+1>ayvL;??VZ
z=bQn6<f{I7#0PU04egS(taO0SIXF|^BB8Q!)Ys<&;K^|=E}(4Y+hjsRLOR4`Y8;qH
zi>`kT41~6{RCJ1WVo^$$mu}D%UqQEgek}Md_ZtXSPc<|uisqlxNit|~X$2?po1EP^
z2fSp3h3zk5IhHZ$kB-phD8BjHkB$sWOGv0a<E5uRI?TZZha#lqI>{bNnFJbgax2hf
z0H8g<q5`xIpo5W>+0HJ}VtpxKVd0q+9i81VUgcWvqNS%tzFzT-bsr5akUsUb5VNw;
z==J%sesM{0Cw~NpX)0<HP@>~`t+GXX6F?hori*qX;(aEQp08fDHd$5jabw`QLdH~;
zQ%!AdcV~9*AH%H^&6iYE%foqpL+9p{hAUnj!?259P^oD2aJz08m}umcem|HOMQ;m8
z^v#*-c;2xwAdf25b9H&2gA-K*=^kPN-E(@?T3s+MA%dNQ<0>;FVmL)aqCEhp<@<LD
zbIg7)(7ZU9Xc%!?qyfaq(*=!;f>23r?F-J+x_|&W!IjMk`&*<dCLhuv4K0Ygwzo^*
zaUeWDTU=qxw;#iDBc3<spmnK-?R{SUl9B66K5AgpQIJ3(RXi$sNUEqVudb@<fsvgx
zJB3s~4NJ6l+FdXi=-OU5YfM4bi<p$Tl%2wJvpMbX@bCT-e!X#g9eR;|xoj*8zx^W_
zJ85XZrw`66@WL4z7$glk;XKBrcvjo!Fx}FM6N$|Xq`bsO!w)Jmvc%Sx*<xI=8jhFa
z;T}!5u@F7Ax`Mubbv#?Z6#U_#Ag8Eq&9{?V8yEL2S5i>$B4NgMd1(nW_obyJ^(sre
znOg9d6@is7D=UW`8K2l|D#-rHv|(G>IrB@F9}7zL0YL>zZ^^wv6+)5yk;_=hAerp#
z6*r|c0pG^P#sUWYhCmk^@)IrqAt`ewMX6O)oIpihywh|&+AzeSP0cyJ<1E*N8@J>d
zdb{y@d|<a_U74Yo_{-4V=`Tvkje&t!c2C$nhatGQ_)(-)1T+Pt<X^vj!2mI_sp(pw
z2B0F5dXNCd75Sw*IzC3~HC=l;vq;Uj3$RCv|9pv_sfmV`*3Zx1o`>kFU9ZI7&;Rb-
zTe#5$0_;I!NTeSrD7<7v9IDK<#Xli8M9idS*86uEn3)mV9Y;$N5Lm(jpZ^jNJ91f>
z4Bz%zU>=l0;o*+=2bNEnZ5KPYm2xknl|>`9x|WqJjZHSwsO3A}yr~S!s!SXG`BPRS
z_3P1FW-AF4EB}LU2g(dOUW2fGRzv+YsJ<<OR;w*<6fgwS)34oXAOt={kN8>4Q_kID
zm~m;)I~*ro)Ln$`14$6J->ScR_w(h4T$TO#v%}bh#f3!CE1`>tLBw%!Rq+@@lR;_&
zN!M#4((j>hUKndeMxuI!cINMDOq<7T)}Lc{#<E)s)vkeLJu);>^^I_`PJ1Xt#Q%W@
z>}|D(+`7ARd*NPYM`D^sO4B$oJBb%|IQEFy=%1R3@NE2^F^2{5#O=rzyK5u8M5KzU
z@_%Ab!G=$-QB6oHyxl*aDaB7qON-K5R$(WMl%DYnJh!k{FmA(G<emsE?Ro?Q6P=M|
z5dOV@O)lxA_-g%$%9pMtbb`LwNhEOwNoFKew6F`csmAVsHE(r*l$OomHF`d1n~<@P
zNV}$$EG&wQi>$_{8%gPSH-7~rNh-azc*6+dW|5ql&|pi;GtY22MaAHlvs<KIY7sFk
z76ad{uP;fH?R?PiUQ>cMv!hD^YlZ@}k(Xhuf=H}LmqZT_P%#8)vT2Y=pFY)~3HQU0
zmsR|0&T)8%>g|26@(CED1d-$({~$!mEH4i{Gt)va$Z@^g(5n6Bka#c+C&J1q^5#uP
z_hek0QS*jB2KZEm`-h*?Ki7*a_V@S05NxHOfbSqfy5%j{`226Ipr(1u#T!f7suL<n
zXq;q~<o%qlUU-IwgvAHoVyftKo7R_=*&H0A?(JF5P*5uF+us&^Z_@KUB*gHPY_NFg
zNK8s9FR%5^=J2Hsn~#D!#=yz8JsBO{=0{ChXmXea22uQx;m`iwetSLH^Q>!Derg(O
zWd7d*Tvkhp@&is!O`bv*dD}gyGA&9lnZ#@3Y)rq9X_|skPd80ME=~2xR&q`byLn$y
zd;2m-HxyVZx!)A1u7S^8!oj)Rc$$)uAR$M+pe_PSB^Wye;^V6BUh+k(I|dSl;9GT5
zX=ye=F%1nN_*1)(bSU`*oUmmFrRavMhQJ@+IYY;G75lQc%~Jo=*!Tw((rxhVSA`>y
zl9TIjs*L5+@~z-Q_@!08g9NUnMHPCzI!Fb|th~H@@m6!1d{#%t8|-8)UQ>Qtmh#NT
z?%{GRO-)m0XLZ!XpltzuhY-v!z4{lyqu25=)$P99m<!V;djIVOSW%qf(Q9x$1d83j
z@KgUPuh(GL=mz8`VC#(xSJTp-Y1CPAvQnhyZ@E!v!B$2f&s4>^xM{IS({^W$HldKF
zr5!s~JFdG<`l=<itFW=Tm`x+Op0g$N=n>%Kl{ufUuC3t^UuRTT$4Gwl3(U>SiDx$x
zn5nmY@L*R?t~XXKg6xQS{o|*=rmf>Y>>#ONZq-A;z{MFKCf`m0Vu*lX0!VnTFOwoj
zW20BgXy3v^^t83X9wHkILi<49pS7Vb7CK&&zdr>)?#RlT1^3YEvGKKz`>RI}w9MDm
z@mt(NK`^;J$N#kV`eI+$kF3mg6A>&#fB&xQa@Eh~WX*;(TeQrsBM7kU+TJ2e+xDJ@
zy8_^1+y;XGHQ2jq+hrHCkdk9!@V#WAIkg$O&X<$Y)GaM7<=c*OFJDbyJYV=akCY6H
zDP@k#tFLkwOIVX!_NZuMZxN-MtD0OiVCk(gI|~c-bJ~y~_g$k?(I7(YmyUJ5Utc3}
zUU26>QBaf*4G&o~=YUax8xweoc-v!o1$%g;z(WX7ui&1{ge=&XK*&3OxYYBW$vZ<_
z2&vBPT3TG3hG*jzQT}A71{({LViHZ-GpeZuVvn};*dwMx)%uj7wudZ@)6-Y5Z5A3D
zz$bbcdQBxnyneulKp`7u|8uN;0BkWcb4Bg--|6`_%z)bhj^jQstvjQa>?s{6(zI@&
z+1V^;K46~ANqXgih3k(ow{K)I&qf<&b3Hv(UvAr*z-MS#18zYiQd>hqvG(}cW>H^j
zL-24MtPQOTjo<f@g&DX1Y-dEz6r(zhl#I*R4@}krv-w>y_R4l=it6Pjr4N-}BhsdZ
zs)40#VYTXe#|CX^<79VJkI8KT3|xl0(+#+vOg}K1O_N#XM`z)A3pzk<2K#30g#Bv<
zh1rkc*x~BxujSIH-QD&1oyE#Z)_pKKyLwu!Og7I*y`b#4#BO&}q7t&alTi-3;IIz{
ze%!+OB31&I;h?BIA}pNt#S4Rv$`OE!$a*OtyJBLZC-ONoz5LL95QQ4_!8wD7_rS)+
z8dGq1n2qedRp0x}sFju6-0lS4Ly)PxeFVU1QI}u71uReW3#A6vBl^@?%nLKYFx)t$
zt7oD?wnGDdkRMdJT)VD(cK5^(bU3X-BE^lA8&@4)#am4#wevx>iwHMNNfd!}hMTI4
z+OU+UF9W5cg?V&rZ2p1M`L$H(64@X$r0E~GgB}yZLL2Vu(~Wv*&ZVwfkN6$Tj}l$O
z^&8I*W(NhX^Q>L*`U|vd25hU;^TEz}YCi`x1Xj|oZFIP60t|moU2dsd-#d-B0Y2Fe
zoOa31&JJ@n?d#;ML_Pu4Ljx_|jZ#E69lwCHKya{f%4uYP&2m-0JhB(GNUQ8>wzsY0
zbRTVlfx3OBc2)o5<F`aXqN)AD5!pX}$jZGnT<3n?I5NNAOZXx0^o^3DVxK|w+-^aY
z^#|bgVS{pe`Nth$hzG!ZptwoZdm+;^^%$;4V_lvNRm$bL?5c~4BL}suCz#CVWu~MI
zOupDPDtc-7+%V*Gd`!%vr%z8wSs#<K=o*~QT#pEbs0yXIJS<f+-#PqtPzon_c7{kP
z#jDQ%e&>ZZx0?;z3x_YB#d7PbTG40a7?qZZ<yEzp${JU;TPK_G>iNqmD#FfQ)0rR0
z9wfyjC5ms~K0QY-EM6OYkbXx?5wE5+M%iS%%X<6(uW6Ncg%|L6dhDm1y9l495A!Pi
z2~Zj-Pfg}uIzyBCKXTXqrhfgOo|?F3iXW^i$18*uSl7VEe=4W+FxDKRf3{0P&wXL_
zWjAt$9$xNyBS_3=vQ8G-&zA7Jb8GFN=%gXZ^iS+U_)lLPKL=7Y_#4262?soY?H7qv
zg8y!j@~X`VoEbSeMzBFUvTM<@3e<jZSb^EY<QREuk(l(KTK3co{3Ku;XnO9<2e-eN
z+SE*r_~Mv(acS)S%6z}k)9y{jBxLmBEb8YfYKIAPYcv%1D$wBcs>8j!?(TxIwxw4^
zKeJ^c7M*BeVUZz<(=#JwT#yZ|VsF^95MGqDvReP94Ie<zNYBm|=Lu<^b^gu8O`+Ey
zA)dhBJT>|=Y0-G?Q|WUZjb6<vWJUsKR1hSA0Qw#tUIU(WguYT~!|zK<%8*@3DKoQ+
z#k)3_O+vx#jERMZHx>x-^j41g`@z8hXy7;Yp;YmAV8wu)<wax0vn}9WV~&>el2uj3
zS22eCP8o*x<jJU9EFv8e3JNnD+c0>rfQe^{hMT1rZgpiB6lBU$CyrI$LqOOZMCA?z
z3wx;d=)^>Y4#i!8zt;d(xeJYNgp1=X7+b6voaf*`;^aI9pEuAmnuYIgd2RmwwP*=-
z12!3g%{>15_djrEMLKQJOR=AR>}YRSueI-QZ~w90iGpxqYttMB8?9b=%Vzz7n@s3$
zj28LhGAJo10K|8^y5JOS2On8imxPqm&F*Ktk};TM@L>Sp2b+{szAYH<V51rfJNwAc
z&?UI3!5a$Tg&RzNJe^6!#Wx#t?NLGY{`I&Rwv)n+xKv09&~NZK9#9J!fC=N@=4RNJ
z$FA%O1`Cj;z}~(!Ue?vtwp=mey5607?`ouO;qTw~1_q;W9sJi9gCir6ZSx^o!{Fj_
zI$VRhq{st>24`_{b_Tm8*d65Io+99I$<E5U*$)gZA?V7s*5W~qqn&!Gmk6xjvD+mm
z+W#sjxC&wQ-MfDujI3ZYAoGId2x5Nq$F2yloSmPa!)Eum|5&8J=Uihk|K;QpSi`|n
zR&O@L2ipl?zZ`tWU;LdJx9b3mv#axMt$Jq%Fd@K=P+Xx|1GnXE_s^}`@GC&dcLw)y
zj#6GW+{&lkg<Eh1_Wv-QDC+aW-Cr6Yp}N27d(igaA_z><H@75#^Ilje1*1z-QxkmM
zfC0;1*IIw-eg9TRFw?<~z-UQ5h^)k3v%NIca$^-ey`^-CNbn~>G@XK@B7d3_;ngvi
z*Ck6;#ZJP8b<Zu%0|)l@h8JF3zuTQZdiu0%YGcFLOBVb{n^&x#{!n|6fUCrZoLv9|
zjOIgNsX%IKZ2SO@rMm*Kr($(w<;G)L0B-iNsVT4nKWb=N0&f(r;{gd$Q-8k&aNTzW
zz)nNr1?FBMj27^DfnUzz{1oOKC<i!R2NF8KUiBN(A~Gr}1yV|BDK@l8p@6_VFgkmC
zap{j>>zJvDi4;Z)#0`ev3mpHr$6&a|nA^3_8*}M11!^90hLw#?E59Ewo)7Nc-s{TF
z&!=p#m{d#%4kmGxpH%@<3^~$m{_m^H%OgWhhzKi82YSJHs(9mtz-Nw*j!NUPPnUUk
zdcxiXkw=CsF)1lzf?{tEuZj7a>q3E+rJ$eyaQEx0CnBmN+(aYH=vTN-Eh4NwuV8qq
z00wxkk&+W#&sH-NU7I)`V`D4jzH?tUUm)9D!SC(qX*Duh_eeT~st&F0KPT&zGf|Ko
z+=T&bcCewa6`T<qvG&B}?Qg=v!@V(@=BePkfDk+Rczg$;@6x8Ze3!DLtIMAX_%2c}
zNG|3SPpIIILIectmv;OXuHOWcg9icsAtfgzkvOwMuCkeHdB7u~s(NPS=K>qCfhu$U
zjsKGh_DBcT>cCAhU>~*%+`tG}eBokf7yZ(F;}qfUIImM@cTsP<lK_JphJuE0vSbbU
zK)XoZ3k1v3I4yt%kg!3qWPrUzettJ&p=Klo(+H!(2a6oG48Z|6Zemcc?9-JdY*Kll
zgre~Ww%x(5Jy__l^I!@rqhJ(jV|$EP8V=i7Y;BKVUk_~X^Yi!r&wVIhH}h*(l{{mT
zkcbFdD=TjMo%hbp7m(5T_j?{d>yS@S9sui2^JE@ep{=o<jK%rRkZHkTx3aQA;uXQ5
zbp`u6cI|oM+;gd6qczG%o=6;rg*Idt2+aQ&jWytA3H5#cFH-XJw?Lt^Ug?7k7O=I~
z5Bm-Qv);pm6)?EHfBzSZB@;GJeqI;ZZGVtbcbNYv^NJo($3y$}gZ46USz(Da3C|}+
zbQsBG_x^|{oBmN1nK3Ey9VWYnTU%P}%b@x}qz^Ts%hJIs|3USzh{OM4?#%<ST-)wp
zrBKP#q)d^iGM2fb5Rwp;GN+JCktsv8%?U|}l7x^Xb7nFnWXzaM$q*r9GW^!1XFub9
z-giIm_x;}QyZ_oY-NSWX=XtJU9c!&a)8u&SJ#LZPJ7`XZXwmqx7fHRBc*wGWo~M_t
zC`!uN>mZl0vQfa`q3d5R%V`7z1Ylps9#h(sk7W(*O;XbS$J0Ii{ZsgKCd{14{;UuW
zet3QsN_|LnY$SB18W~AQmMQMZvJLacnk;;q&MEhE;IG*p{Q96>lidE3)jPg8f9wc-
z6gvAM;5BReH<sy%UYT9~&m>7C&*RQVbj4S({M>*5DyArLQZIF5<9Ka8V*&aRUw4V~
zdN+RzKwgE+iRt(6mC?V&O^6z(pm`gKzz8(O$-`iN94@LxpV}8<2TFE8;-SIChEJbf
zo~*I>dL{n+`Josp{xy2WE3_a@b1%EQ9g#ToK;YO^NgSRWf+Or-XbnI#RBrI&=TB-|
zrZprfLIq``;TEHP>Q6Ze$5qKk$2%krsoX9<*wwa>KuS`|4;_erz$=_8h&h2QbYjSw
zq`1EEWR32~pavUVB=^3SNu5Wle_B^o1~b8=gJV%3DT#ydFozKwn+27FrJcDz0&c9A
z-HK+`;=d^AR{ezfX1~(i?rgra$0$#%<m+vyiSkFtj*yQ<OncqDdO$II6aISWiq}`6
zf>5cU2g&0bO>AZCoFal}=j`wsk`$j*L6Mv4Edq^ai67<K+Ezgj$?wm*+J|rxd@|5*
zY4sPy^!mb8YW#H!8v8;x*c$k4>6p4{4KA;XC$LTNrXdcaFdtd_Z(V`f+vVbv7<X%F
z$vY(~XtU9kbjso{+;-q&FUKj<(QY5nHx|7na&nh#Vv(M*ZlR=s-N}=FAt4{`?$|`x
z2EijvgWkAS{Z~&0+%Cq19UG>~c_bY@bnklKx_8C>gYF+XI~lfY>BpKde7AMG-%Nu%
zi>;mA$g-8EbSidND4E0BGFs|xLN$t`pCTI0_QvZ%yK1|-mgXn>`BS$&p*Bcu!x;fl
z*4B;XI2F**E+T!d%B{fO2pPKk%QXG14IS3RdC&-Bk|+FUSD&3^r+b=#+<+NfwgU&g
zLsaMxlAeA&ikg#ygVh5DuZ375|BJP`tLs!u1Kh8^Z(#Yw6Z$i(xIFocD4T0uu#7{X
z#CAkP<Xrk=@EWC=>Lo`h$K<{v*$NvJdd<)k7A?(o65BL1&n-*+$drP_8Jp7$-&3Yb
zFBId{R@8a6pJcxW=tQ=D{c$-t={Dxg(8xpof9|DrJMMQ4jY^|*Y*X7ddbW^Cz=sW8
zo|BUU2}B+PJ((~Z(+NXzNocWmvSvUkn?KsuC%rY{%sx_5QVzN*Xo9inLI=+P)c4_o
zXNnw5<<Yu53o~CQ<B=-$^syu^yN9Zkm0+ZD%Jb)J@A<9tVn6Mnt;U;6JVQ5(5RKOf
zaLIUjd-oeUkFAk=bgX<7W^QDwY~Q+d-MV#%U_sVew5k|B8Sp|DoK#+3016NWqf_Tx
z@_BUh(SrwXp^@Y{2m7q_6=)PGSoy-7#yW(ts)bEk1nBR80f9OYAvVDZ>}2k#05<tK
z_<y3G9NbIvUub4N&&&*&ABF$pXHqnpiAhOG$mY^p{vHM^f)28l`oFE|0ElPxfTA0U
z=XSGM?9{N0<>lsPh<L$E30*4)Y(!@vIpx;TqcIKmj$x7r9DlnG$m@y_l3f@XopC+}
zEn6QATrd@PNQNLgY1j4ZQ$TWkhD071udWDM*8GqVG!kET=^g|l0VE+7Lj1;ec3s0u
zmtu5#py9kG;a;MuA}S&xM}b6<P3wMxb{1mMlA9>b_G{k<r}&ck<%;U)!3p`{ft#}m
zIS!L-%lxvj2%Qmm=ue}lppbxULPP-o4niz4IyCg!VbUO62{on7{6sH0BDf6%5mmv;
zdaJUZNy5gb>hinG2M&Y-=^Qcd$Pn#zzK&fQnqYB!*~U>WS&lO!`1C+#%RlN|l~0^#
zN3#on$fvHOU`S4K7I9zz!23fKABae$L6;58kH>3mzNk9tjT<{&T_m+Q7~x-nr3H;>
zUY-_Tn4j!Zd?*A}LK%fK5QrTj;8`RqLMhA*N5Z>z-zO(`4)c>wClrOcU;2TAZi0hf
z`pO%R4GtfkKnT~~*$H36V!Q(TRZB~*7W``{TIg8eCl<H(=;~;V;5ZePx{3<9)boqA
zqTTTLOu17_0)X?&YP(-l75oXmp^ZeOEZfWp4eqV@sO@mzBi8BKwTbY9#)#*H?d%Q>
z0P2pYy1DP)6;GTnxq9`@nomfusHve$LAMr{74q47r}2Wh&sAIa!XAc(&URWBMM}Cv
zD95kNq_}bfDG-S_(2Yga6(Rx;ft5@U+TWZduZO%^*TUkZD)$}SjDCKdu!d^rxx{4(
z((H*k59?sK5}_bQ;$?y=H;4!92J_C##FK}F2pe>hQ|?ISB~RJM&(Fm+fCK-hUwc{Y
z4iq1?nZTM4PFvw<^72|Kym1k>YB3{?vuAaRZZdI2JbdWn=m;I*qtae635m4xJRYhz
zgf3tHta{U2z?yQOQ62oYs2Namm92Y^%@S!*;c_uZxx5Q6O&M;BDU^o}?JX_aS%s|n
zWSuJ$RBp{@ad=9bSXcn}1Xo>F;@r}`9HbbB6TW1SoRP@gS;SRwe-0_LJ*_m&D|u~W
zV`Id1z?O;!?1hew3o!A*cSr<g&X`5ay-GZ@FI<VUqYg$rT50S}uUBTif8X_Ke2tfu
zE3YxCA&O`~*u#{PZV?d?t$MCZ{Ali;I9Q5G)%~~MCae)S+R`o#nMFfG!^mD7xpclB
zFe~{jV-3B1tMGCEbG<~A^AEmCexYwpc;W3$URbLX%P3)U1+^X^p9}@9j1rx1SxK*y
z<!ss9%>{Q$;U&nQiES9A0xAtH2r&mOU{FRy+HZzB<J8HM3})ttzJcIIv`ys}E2>Dr
zKIZ@>&dRbff$$pmIwji|KBAv7vs2Z|+8S;r>^Ac+lwBkR1QaB)9<70L`u>r4$(@^%
zphLNGMYX6s-Vd!+Us*L()!kb+dP-l^)a-zF1Dk3{2qcs^&GdX9!DJw-LQ%2NJ@@_N
z1BQxbW@g|jLKJ6aXJMR0v8kJO+1HzRRN`yR(Y8QT9rj3=*fK)hWL_(AmiDqZO%KsZ
za|;PIzk4@Q=em55`MoA&`oOMmy~3C=20v;2uuWe&+@4EaPYbb=qpCwyici0QzfX^i
zm9;!XIs{XS{PE)(*8K(#EPl1o^9?F&ykApuN>Tw45qMc)_=Lv?a=`g#oC5kwnT+}8
zID-?7v$C?DHC%B~gw_WBpOL-5$)SpISStlcKiZ+^43{=?Uwkw`J<#r8cCaC*{y7sA
z896pEunqYuEATq@qTqv(5cL;~Ca}XIK8N#E#F_Kw5f&2~78YNqlaFSN!@ObH5SHW_
ziTx?_x?yHf9PG=pLqUAvEJrMscv!6xvXayiv8QESEG7Hc0|yXNZ*c6L-S+`Upq|s1
z@M1`7vQ{g+^vES3XzfVFxHr`()71Bc%)gk0ucS2W%WEY)J-x%*a}hc!5xG29w4xKI
z=7L0%*Try62nh+%L>;;Qh4OS%O5ws)fct&;9*u(>6nX$eByR3~VhQ}LtgJj=k6R``
z|8R&Rc7&e1K-?-Y!aQvnp6@S9!<VKb5>_48Gz_Y0&r+@1O%rqR5&OsuxV~laG}0^c
zl~O_{wcu_Eic*eGIiCuJ)XtPf%BOHJoJ~AqCgKFMlI#Yk($DO}Cbg90h?SBGrBr<U
zAe=B|I|+Y)f<p05<TU=ARu+q_8?@}mIKhAD+Xww7YBu+8(Gc65V82J~4eUV*x(-dA
z6J5jC{dP?1KH%lFG9G>Ae=anXzvjp5OkQ!`u_PudnKT_+<OWAfH84v$BdICl{fugB
zLqqfrr3Wo7AZpZ|SMJp}H8lZxFBc0ZN3Fjky$a+j?bmE@mw56AINqkunw(xBnb){k
zjeBd+%5om;-U=FJ6DCX)$0&qFMEX3Bd5R>S=|I{=SgO@+&*M%`d3=I-$uW@z7o!6u
zt}Ly{#5dXgc+n!Md0l&xitxyk#~F&YORaE(2*rP<9C3R$@EuvMXgs3+-R?IqJ}%X4
zyDlcECG_A`_<N5QGv`gyr5op_`l<Ma&KJrsy(%*OI(m5T_BxwOUt_39D8Yn$Mi?Br
z2Qc-+HtipMlaWM#6QG!XW@<mJukzMyU+4LhU7FXp^%@%(Ag$RUzoe@Yn4RfwNS{Fj
zKLhEj7S$06CzSMmi1cM{;CK0rmp9v!{{s6|IbNR>%n2P(eFJ5y$-@4RRi7;C1+`MP
zjnr*!A2U&&;Bmq)Q!-ZZ{<DD}1^B6WzoFUc)06zl8>#q}5?$Q(%a1_MF#SE>Do*VJ
z8{Lu`SHmO|tDM}m5&S!nd^cSKJ6{Ex!B0zX4KJQ~SGFcC(>5dQb{Pj7ZT_is_zMSC
z6h(R??6eo7sqE}XjniXKhb{aZ_&h*;qvq!HP*7sx-uwc3%8fz{B*onE|BCN9w)+t)
zTII1)v?}~~Fn{=*1*HcB-`V+40cQ<69X9!Jg%gU3j$f0ry<SP`E7f<H0m=hTAjqNl
z`o66j>3nVAQw~bvA?f*Gs4997hR;8O$m?~rw6&Gun?UC;*t|wX9i|xPa3M}@Z^*l#
zghTX#OTrJa4}$$eEty~pi>o$H@q#0VNmxh(*5Uxo{$mI^(E*O?)=?yDgocMFF7Ji)
z6NN<*7GN1pGIDbAUH&3y@WQ&%yTq)2ex}t7M<Vzl>m2MaFlFhc8*O$k;f5<UFwhdO
z_~OO%+}sX|b+`s_HN%8L5sfkj6yq-civCHkLV)ZNje1lh`l@(SogE!s9>l}J$!TSP
z-xWZHfMg+x$BDIayPWX-$;-*Xk@O-j@8SHJt5-(=9H|(^p6E6M=I>!+TgFCl3K3%9
zgqeITNxe?E)^ft?#|rqv${D;jxQd`h5QSlHKL_K_w{I3X+I)1rFkJcFzKt^pnIyE*
z-~fquB_s(V0~VMDIOOnO-{Kw*coa|+$wjLIYa`-trrkKIchgXRW#Dx&MtOO8Y^wxV
zk({JmMfZg`m4t*A2NS={??Ft#nSCLyD?huDs4n+y)2-eoneBkW9(Qr>A*fjz5<4Ai
zaa2?*-Fa6*j>3RF4<|m+Ufg;cbP|8z{BL!GEI9u^7j7mg*57%i<{Q2*3yT0BA2HjJ
z``UcnI7;F0<kNobMgu<U2S_t|N-u<Kpg@c2wYqf_Ui?&}+FgrWzOo1?sV`bt8YfDR
z(%v3Ax9D9@+7p`cy|HZ~l2iH$9E=pvxU~?=dE^MKG>T1t!P0pSEXj55x7%Th=(o;s
z00R0eboe72;CsVZOaaF*Q9$6IlwNnoBC+T$)VXkB7;na){5EWNK|eK*7A=^HxTIm%
znm$p|+Pw~mC=e(ZOL2!N`pP~XMEH`fIN3HNKHNlW@aXQligCE5Kz)H5fi4AcEC|2=
z&8Y)#90VQ!><^TT<m9{-jKR+X<eb*i3v}I<g|Zj{qre6QbDx}EZ(`0#SwEdrWOT{Q
z><-Pns>>3OQ+F~jU^_)J1Dwj^A9J>-n3JyVZGxT1<AII`={sg3xKkZ*Izbl(>$G(A
zHNaO{5xChA`4z3Iut-VSiEqI)rNE1Dwct(aIZv+ll|`7ySx3j*FT&de=rteuqqd8S
z<M1wpgSh1S8=O=N@e7N-99&%cL*60%&Zpc!B9f|>j6@(~`a5F=E%Cu%c+5;sSLX{m
zNKg5w4a<<L6PN;$fm2GNr34xM@%62+^=nI>pVgrKdgXU5Kob7O*wl1Wpp2-4=EKdt
zvfywL2m>G^3u&@oNi`5OE~Z!mg5&rRN(fe239u$T9pNtR6%|IG3%8IIlVHDB=i%w-
z>`dn2)q9Y>dPWI;-bQ$gSzOn~1qC&r9`#O;)2GCyX5;*ng)^)gwMot36gH{zJfTHJ
zE2^!uBom5FCu<%LSMW)4X!iZ2vMpYInVdcqd;V~fe{!G%iNGQnKB(wXKxUhFB4vd<
zkdK^%k{4TZ+|8TdZ+xE`Fm;zFuKp>E&5$+)Rx%9V#<3HuYmkL^;p8lte{l=;b9!lk
zJYs+XJ;SdS+NEE~Tl!}741%5I8+0`g6xMTAbV&S4Ypm$BdhqF79sKoC`GeZ=!<mc6
zD$QIp6p|RyI-4Fb+PsA=i-i8gpJAR-f0@(-M1}@#^ee`t$+9oRDL?H$B;B+A1D>RK
z6E5WcjB%1I8x@p~Rz;M}9UES+|DJK;kH$7B7jwhO$y5jD%Sg{eUu8P>R+PZh#!SfK
zcL5C$_Q}8%x!mwKIx0f=>|Qdz#}JXi-tdO@KKEz)7siP!D$J}aH#08o_>p)>YJwC{
zRWRke`|Y%>X*CEZsuQK2n|2^FGbx-eNWrJ^O=+pG%`X4#J9pj~|8yk(9Yz$?kz+Uj
zjWjeTE{%vMd6K#5>Xj>aB2kOQxm)+(D=yxNL_MrvpJ|8>YaQX~pl(%OPbyf<P=!Dt
zAV72%O)H-xQfDtaD{BejFduw<qL!%Z=tnxFK8i$WDkh0(>*F{xkd0&no>%5f=IQ8|
zn9{mB%Yk<x=xV_5j78kttrxADfjJEA>9{2FN2XxrML|6_*1Kl@Nq4AwD?s_lW(P+{
zFhC$i>QRYLLg%#UG+vC7lJdR+J0kHV9jC8gLW91(zJ|sQ>4fZTd+c%}>tE^>F}q$x
zMA67F!Uq~U*7x2#S|GYR6j0eQek+1Y{31jxbrDsmYiDoI5*oQtx0vJ-Vy&`{?nb+^
zx~7Jm4t+sDdt}|<D6mpQm4FaCn1_*|1<D7y)t!`Nft8Tp9w%}n7E$-1mT7Mn7ZgOo
z4LGQ-lziJ4G9c+yRcZX?rlzJ$&CSb=E3sjjw!F9~K#u|k^=4&%!<7t_T2Y7WsaU5`
zqazm>hqFN{B2&-q3o&|EY@3Je5<AEwb6cTH-ou9s{&Fz++ge)kODkOW8=+!8jEyMw
zQY97BT<L@QmKMN)Yhp-KGE8qrx9(10;5g=6AZkV0r+Pp)&(2?r8($*!JnT5=$e_20
zo}C=DkvWl4uFNd;e+Ld`1h1`?3tZNu()|jU`n=-fN20|D`VSs*zp$SlFQsK<*x1@4
zT$F-}3P$T`H13p<q@>Z_)|RkC43Q9z-s=lAH{po*`Smv&wDvvy(q6qPo++7Ox$Q!>
z%w6!Yj`<jVYmhqs(6TTbn=UzvGZEJSG7MEnvTlI{Y(2;#2v(6q3hH6zy-+~FXM#Ue
zTJ5zTLAi!<4$VNc-w;rQa{;%d;eiXMPdA{DMU9R&W(E2mzFWv6&Wk2UywJ*i86C}v
zfdQhT8a&(kx9El|$#DiF&!Ow%$F*zM5|HEM$v~z<v%TIdpKyp+y8i40>{$Vw1@6`!
z2Mq#oEMS$1x{t4Av+9u?ZK!CEj@|+V3B4w!4|sZc@o8pob8{!uZT}#ZhiqB2Ctas%
zMP+PW%dN*?kGsT!hA#~1xS%1BEaq0JiHu=%gC8hyS`p9{rYVGHKuDm#j<{?@0|N%#
z4hSej^a6+`B!i#@=8HxtCMuvO`#X^+7Rn-Sy-x2tn+K=T12>J$xAFBN$>_|!a@X6k
zPiJTC4A9&(MK^?28o%kUSc>PGL!muA-Q2N$b3+)}o|^iXM7I|a@8I_)-`W92F~>qe
zg7%dY+PhMV6EbY+SRWfVE_@DFp^-*!0x_4!q+13``gtD_ZZA>Gppaqp0O8_e6Q|aW
zYOSeB=8o6q=Tvwr=p{zE%(kN`_LK75ct_@b5s@t1cnB3lGzdbBe!__lq?Dqa1KxwM
z;jhN8+9PL|$~z|f>CbPP*%pyUch6(3fp|s3kFe#}@;)D|jNj$Og*YfgKWyE|!N+HT
z-ZNe)Trtid9ZFmDu3^aUdomsFb2l;)j`lamrg{x~MzkuV^3IdxI}jipH!kUxdfc?S
zBnhgBBA1sST8ii#A2;QOmK)F>+{dSzKcBpd?IuVvm#L4)6!@sOV;!Y?bonSuH(-2x
zOY|WoLIvJyMRX33<MpTnZOyl4#>U<>Z(3^+v?5IrRCT#F)es+%je+@S1;k;9{>8&5
zefZc1f}L>C-^?l-t%_uU6ZhRL!}?4=;wBReuK_chm6_>VZU6+?-=B_j*j@fvxU+zu
zYqxgU@9-;svk654_7Tl&u?JmJoM>!_h>9Xo3QcT9zAz+-*#j>D&<+Kknqn5gD3stT
z+0J4oY8FG()ia@Fl#Ru_@d*h-jn_dfXr6>sR?vy6PVZ|!HeI_qS2sx1>`!cN*bOWG
z*T+AHVgeVw{x*?eH?!Y1N1N(;S0y75DY$AnUjz;v<pvM+1|mKHLvXJMr83BhUC>WK
z0hg-87PPQ`dpAqtRysO0^vlkjdv<eIk`wfqW;D`7jDFatn8&60?XV|olODnv2K5oA
z2Id{JGi<GMh*=TKW7*y4d0<)0j(4ZvwqX7`^&!LJ^ju>_0)m!kn|i7)TPrD123Nhn
zs1bbLZ1eerhdqb|hxx~u0>qdk3q3tMlh%6@EcbVh)uZlsoz);zgp^l5o4N5JsN}X{
z9C8~{WZ&bP)VV23Dz^<E4-WwF`NGk^!?zU(OM_WJ4MRc@3xX^>y95zqNVsW;#}mm?
z?KuggT_Pg2XlcxnSX)(9C3D5iR$`3%LUOTQkjy|xE}$&|hx@js27;ATU*9T>^qJW3
z+DMTFI-y|6IS{&=C;T%ktP<>66Uqmt&>>p4_STtw<`x#<*iFpL9!a@MN=D=E8gbwM
zHx>=2<ENbK@n6=gCwm5RycN`a;;zG0891ouCK#7pMo~4zsSRV-#uN(h)#8lr-*|4a
z`ts}<=ge9t05V&i7x7W3BtXCM6LB0wd=Sn7v`-*cVQ}4OxubMSr+DbHs-PD4Rz5`g
z%{RS$%gx3nji1iH+AS&hskL>7UWWnrJyLD0OJb#)(rHm_KN$f{iB>x?)&YSV0JQzx
z$LO>&($c_!&~5a*d_es0VP|}BxDv7Nqaee)4j=&JI-;{*V5AtOY5plceCZ>oNAfmO
z&Fr>r3qkr{J!PmRkfVdj8~X`pNhl}aN=7sshF3T!J49I~+j3!K%HQF83x~kSH6uh9
z#{B3}60K9p$^m?ap&=pA)nGA!&#G!_O3%-KbRK5Y1l=bK{LeR#+8lETad$7pi6xFR
z4-d$*7W*ljFFocK=jQgAe{pNcSd@g_S5{gmZO4D#sxBrnO3)bC<v&Yaz4N=oVdwe!
zckiATdB03L^BgDmc`dD^l|hJoM}~(_^UEI`h%@QxOM0?ehRogQQIePU4xpxxrf~T&
z5C%O7p{Bu#12s?VyfQK~Y8nC&SIos@LZzeU(JMe_P(GK<E3oSF)l*y*3S`?lV%1DA
zQB3#d*W;<LU_WT(Fv_;gK&df(n*5Z*)5-}mQ&n5!q>(y%$g(BsMO?akU}xRUUAuq1
z4}CORBGj#IsM{RW>aek+K0JGNn_v0&xjB{*iQgI&OsjWhqE6VYAE@K#+l~fzdA#gN
z=k92#w(d+@yT@Doz>dwFCMWUI!$|`aXJ|Np1T}Cj6{=EHB=lRrpM@>_2=S5Sx_#T$
zc}KkD2ubn8K|#S@s31PE6rkx%qWL!}?DwX(>Qn`hl0izg>Ph=+1yYJ$HJ|cCE}@c3
z$vswgERT~Z-1|a6vmNo*Otse{<#^Det2J&}F5%MKEMb(Sai#6!-LA)9*43rKW+z~j
zk9}cfp|xm%ooY6Y-{p>f>g2-%4n{{nz@@V9-CKpG>5=k}9~b#ue^j&Vz5a_U(>F`a
z&X%$rfjTe_j{J?D)dP<axCk)i8mm-rSRE2L5)zz$5Xv&XS=%c?BzyezJ-h2xRD>uR
z`YKGHjFhdk_n4j=L1l?l3|yI$vQH1qeUs<g6r;vTg~nk_!5MZwTHhXXHvGYArL&^O
z<x8>2_EkEA*h3Eg+~#h6E`An+*)|-oXfi9b8VsTThgm^ebsaa8&}U8`;O=4#Q|I2Q
zW3Bw?=uU^lMGhN#dt4H<$&yV0W|<gu7ag`EDI52F?~78b5>QABjasAB{&I+TR8@g5
z6ls<G8k%r7VvrjOLM_VzBpL|G+A`kw*J_3pi7#0eT^)^$PamsCtKL<JMNVdbwjneU
ze5Cn7*r0#0Y#DY$6FW>ALt&g<T)cCrFl8q$Tg*+e{C$M*R}3cOKOG<)eLnN*2c(cP
zBVq+R1|8jZV&~KmmM0cTR8%)&NwIZeCAFDl6%`dpN27A+LXsY0=p4TQC=Pu2($QH;
zI<bai&;RvmpfoUU?Atd~9Dm{LczHt<*ilT&#nd9h3M>ajG!6%larIY(w)<^kU_jSF
zNS*9uCmKf}9Q@~s(ZK*{#UvI)5u#B>D;=T54zb}C@Ry*%IowNtdyi5q&G!dNu!J_C
zP}wY{dJXp+GUsqsp#lIig91s00>=}MB3kk|jAM|LECeD;OKU`Nwwng8Eh?IgW4xbq
z7bBxmOoPK=-D}rgNs=jJ{Rn{<YP@ixd@lF$Paf9EZ23T&svkpEUyV2T%4F(<DB2>=
z)8noZC&oCiuf|9DD#j7<I<(SAmcol5YVp%2-8i*^$qI%u`!Zu=FJlS3Hr?(kix=#E
zZ55*!2eJ=v{Oh-Gauhcl93CCMaX><1*W9?wd2i51b)}^-Xnq_%%*bkkJj)#I0GbF?
z27pn(jguXwDHwc$4N-SDO-~@ars(fMzzQ8hZ^_l#tuyZ+1I53d*&3uE8{g!6gowm+
zrkaERX=Zx*ipA-qB9NIB(Gcd1IB3h|0I`20v-|e(f|i!wmdU-<_T4UXLk)Xo+~K85
zPF@<6TJf!OLLMwq`rm-jlZjKq7`Eop(th-Nwoo7i1!&EGT9lOJj&80ufxm(jZbF1A
z<JS)Q=*u-R+|E!zBGi<NOFmAGgOd~Kg}ubIAlaH_B)g)!1mJU<MgrH8>iFxavw`h+
z14L)3zgR8te%m>$NJ2y@>C%C0N;+G(KzB+Hp<A>s<at4X&Jm;jcW2I>WAlI#p&Nq*
zF%JNPbWqHo6$&*dC^?*&2m+J3@m==d@qz=Sm7{3S^~j1mTtZL$O4rjb%97Z=q`7%{
zPgS}fSOBpN`RpY$h394Mkh6(z3Q&zA8amY^maT`+D3_T*8?TlKTrq4Tp?g+U)s6ZH
z+6KkNx@<-a9c>QE%I{UAmdf-6@Y0~sChBcmT+mqJdfziJaQt#sdb$k7DU6Tn9ytE*
zFf)c5ey6j=umHZvfE^n>51=G`y3RRo8modL`aeg_ZG(HTVWAqvx^QrQLt^uv0%#Hv
znKw@ipbyKGWy6>)8gyc#1z?o|>8_U8{Qf-^wFw>5exs{b6?v#9`Z<83lZTNQhZn^I
zoge<w<bYfr^+>Rud?Cd6Mv!pEVk%z9!u%9ic0%zGR!yXdq1VcL<VeBOrv?xsM(oWU
zPnFa=^>zD)gFfYbxGO~^C6}xDi<({b$9#ko8rlk7&fqHCNJ^aP5T&b#IIA{8sGGPl
z{5L?nH%MVx+X}s%N_+xvAYow|2r>oC-Oj6t>22kg51?(jo#*^Dus3kn0hBmn45Un^
zxRcXQH{wAuv-3-CYe`Mb9ne-|maa}vPbw=@J>C!(P}+-y2K;^mSyq51MDCtdzZ@!d
zfQ3^^O6QU_Ju5c|sV}^?AAdZZbIaJ#w2Lh@3mO>6PI!3CFn;oN2Ebi(ThN|6b%Oxu
z6zkTaV}}t;_wF^ewTZbdJ3CA739f1;*C5kJl<?pb3L1XB!hFanYDvLAy52ojZWgWj
z8m-nomESqy*BEGpVT|Y&IGgx^axR)E*)8V&t&SQ)kldfUt8(XKy+UDwqY1JR6}F(}
z>??+b_%=AUZbWqf-l*`@aurt;1h&{CG06t)3Q$hE2jf(dp`@v~X#proI=UuVi@gOW
z5$N|<2x8^NY(d$|BL^eIB_yD+c?893tr4oh@y=|1e*QYtPq2NJ_Ci9`Bi`#W8`5$v
z=+UDWXZAtgzGu7NuubllIB^n^MOHEqa&r>2wop(k_YY9sU?LP7_%43>s3j7ueQYMa
z);akq;t_lKack(UN8BVe^WmZ3HndKiHW0UXsDZpZd8BgXR0Am2q_79>&%%tu)c%=Y
zCVHT6rpmpHwcMYRMk=%P>|v)nvDC<j>+LYxMDmws$5^y_=WB@pD$}K(t&y(uPatqD
ziLS|i2K{;(21wkZ<H8;kG}oobvP+yk^P)dbY!xL&`TA}MB=nAZbZAN3E<zh9a^Qet
zV4ZiiEdk+V-ah%VY8oM<Ty<{<i2S8Z>6J>GuJfqJwj6(?YwP~l-R_j5jJLLoWo*{J
z(>s<<SQ5=q`Xdz;ZS$utlqzTtuRwnh!bu|ijN~6*;P*c0ldwU56c}_tLtzrW0pk>c
z2Yyp00vdYO|Bvxnx9TN3U=%dX%6v&9U%NH*qyLU}&_tuD!1;RX;#UpTPi(xkm7`T{
zs>H3<8um<1h1LJAC(L{a#>e)W!({&js0&dO=;c!3Mmx-mQA2mIZ#(3}6X<dGcPjZT
z_f{yG%}q>h41X`Fr}HbPqN0Lk@R=$%niP;$%sW7z+qWACt%Un&<^XVtcPylin-GHi
zK`BguUDgDX0A(fo<uFec1810Z2S!If4!R@Pm;$U@w&XDG!}^ZR7*7SL#~`}=^Jo=X
zbUl=a^@M9i*3r!Dh0zgoX1q<~f4fEB<Nvv@4{aFTvuEQn2|hG;>%F^od%k}CX}xWp
zVCZfPMxsuGt`S8h_8|z*;JvW@_}U8i0^HW$WRN-dG$TVpm@1`($swqVbaa>=*3Qn&
zLDZ#5y~T<~{$-(l#!$-tMCwR0GB(zgddb`I7BP`7sw2(N&vD`YUiAz+ceK#vHIA&e
z)F`-g$Je*yIKUe}01H3pJ?d)Z_54r5QYV8#A|rWeC}3;8kBvDr)N2cvXS?xFykXVi
zj8w`SHf=(`5_1nNz`CNXYhrQ&_kyi0kyZ<?9p<V}E^|8Q4P%res`Lqj>rzC6pVD43
z%aDS=ADjgd0_<u5IV56@!J*)aVGBTc9TO-iO`t!>QxnfD1iCJgvf4nkga*R%sP*o>
z4Syq(j}x(l0+?6|mlK|6ULYhaj2{8?$=RO(Nj`(SoH&+`Fi4F546fqYx6j}}I9?ja
zz|_R#0)~v@C663F47E+h<*Iv9OT#LAmX_QKr(3NjG|^~;x@%@pjKK)gZjE`3OiX;6
z@W;;1&N$<(A+`noy2k_iTE<Ptv#vZd9V4>^myCxe4d~?EBcyU0fTR9bc;p?QqHu^V
z_qbCxt7F`qhxgfETrHGRzbM><Ggnc^A|nt(xi4O14N?3s^=*wN82VqGb;LYMMzL(&
zngQ|9;g;X1w**(+ueuD%LqejXtBZ+6cC{f6Y8S^WI?iZ_Bh;P<s>Py=6tjXBQegjn
zIEIX4ix}%;K+OjXK$2JzmQNAAVGC!^S$6|m7PJOJ6epwDf)WY}A`u}zrisGMLlu?v
zYpa#vDiE;{^<>()%S^|WP#ny7;DXbd%DaDP2-;a1X<!jdi~vrCz{tu9StQ_ck#qUz
z!fu*%>(^tzHH+9aeNewpXrhgSb>{N!<3Fk&*$lGO65(4w%R!b64P}}ixT#LYG>|1=
zdTGUAgA(UdW~(lW-H#b2>c@_)k$gy2it~>jlsxy=3UnvR%faycNJ=SWqgtJyOosgO
zvbS8J#3burS5VRZ45Is1Tk^19N=B_fIB0BW=-)QCru26L*H-~j+0V-cB34u7FrHoK
z^($vHIz!NF(Y-~My5|d>#RJ+=4-k~2FC?pw4{GL>L@##ef2QwP`e#lTL;To05cGiS
zW<`c~%7%d%OwtsUJ?L+-dc3`ywy?xp)6x?9wgqa_*!XA9BCwLf!)cA1+E9*Ke9BLJ
ztOn-4xj8oT4YFP#T*a&z3mB!L;Px_LaVr`AcRGT4u7_Wan1KZ44ED{kLQ1{|jfDyJ
z{t@2I^s%?Jl+oyj8$`fqMyM)6duJIR7qwIZ)Q>%0Awk08w|l#u9>dnya>RQ)&t!~j
z@=r6ieUgIT&I`_L(W3Kh)=R}xXf{Et3x*C4pH22=D0Lt;V^fa8PS%ZG7_7euFZ<!c
zi`^^B_6W)b?47JyLvQp4Dh0{*W^XkC=cQBEe%CiTP|E!~edF$DJwpja7GT8wfRo+D
z@K@bIxhq5$*T5QL+d-^1Og@-x59K}x0H)`)5CNM;N-;7pXsN0q&M)Fu{492*L6j}<
z)3G1u2_}IR#oYV|C_NOB&LGne*t+Za?OVrsr+(mQT6;?$#WK`0($TL{Q?1~7E4%o8
zVxm5d5l|lEjUpld6!kPUZ(CknOWLAWU1Dl@AlwmKnrZFc%Gm7RwE$X1Xi)6lee}ox
zx<YD+K*aI51y}m~_#r6AIXa1Hs+@hFM3}qal#Iw6NnubraRMF~=s=)4ejsF`1{czW
z3m0ITS+JY@jtZ|gj5a3pn2zx#Pw5%0H^>ad&}~Q}Ft8PyJQgWNzn5vEHMQntvf!g$
z&-Mijn5eF+D}u%b-At&{k)W-oruOt^nwg17Rqr+IyM-&uP9F7OOK7FbRs;oV&<+CI
z4!#u*0UW6qG>?&ZgCiq~jL%T2n~IPoC$ou*Ur0RjKK!6O&-SKao7$7t^%ed!t=iK4
z3JRO$+++FgN=kZBaT1(39@5flm#x+n3aZ>^+`3iP+3r;VOZ}n$igoC^WovIQg)s8K
zu$Vm1CulCuW@i-?F!4J>T#1$<Q-$N2G1wl!5Y=-9i7Dm!1O`I7^_m+P15<&^&aR8O
zM~L^p0SF;@(1zFT>Z|BeY(a~dpX0cb0cM|!>};(InuP+!TJnd=-$=9A)_ZU{Qr2Y&
zpl7+}rU6<?=tJf~l8Q_XXAW|?mS0-Ip?O&;CB881<`3!y(L+Lm7(-s7U+$sz&&Yao
zx*G0YXj)=T*XZ8UHJDWrwVT}AK-X=bKssx09vR71-WP6R=F)soiO2+AS*%-eh9Ph1
zh{?7)ya@lq_K4DiXva-WF~}^5kwDn?FJ7V22S+)BCsQhJT@?7mo-$j;?q5qHpag7=
zyJmdyhu1<DACRiPEPZo65w%<F_G|FiUp0OLA_iH0TMpj`o-IzYsJ~wS@`U`C^>uqP
z|DAB7=fW(WN7v-iC9}n6FOGR@<0m&(28LBumgJXH=&yQ>-vxyQhb^@e&xHEO7B!!+
zahCT9qJ4ykZX_fCOAmC|=(=+3rK~T|ha9kSGc#uzi(|9$Raj@ag}~;z3jBgU!z50~
zo=<R(>?&^OF=>ulzA1j=hu5xjDB5%L^0<^4hsxI9VFqb=Kv>u_OxL~Sw@^|qe_gV;
zL!YfTdOkh*-ggT(X<$^52YPF}{J)HiCEEfGC%TvVvDEdAjYU3wyxeGu0UBQ>9gK{O
zP-<27BbB|-=ClX8DVTw?IBD(1nR<Q{HlrKgFK_hh`}R#&UEQ4q0@Po?`gC35pK}bc
zMasp%sDoh<)G5|>cHgE-kQ(BF$$nZ<(<s5OjFJ6Gr_h8P0=s{?ZW=pMahB+8JfWa4
zF*D<mvysp(jOS0i2a(G`cLH14(WAwfv$f*DPo&P{V3ayfQQzFqfH9ca$n!=#4o2>Y
zJRBPzPf_KD?0IgK=<&upzVSQeo*;3qx5Vy;_6x^V2-l!>pM;nVT!lk>dATPyTs#;>
zsK|Z~`Yx6uj#!~0aJnTWZDMWi?979VVP-8h#6YP`!|Lrb(}>@~=RCV_+hmI4#!oLD
zE9w6?q#H~r`5-)yI*JA()DxJDln#@0Murf<G3MF~H=_4*BBp^*@L<xsM?I)Qepr(h
zOF+R*IULr`h9dz35}@pWdJ{eNo7jBld@lnIgA)=Gng;I1NC}vup?3K?I$Fl!3Oy?F
zW|(IaZsEWHBP;d@Enf^VBCNTUl|cKT<0x6n2COlT>kCGpLPJRAei{>VSXjEza)6d^
ze4L+#0s}LU#SS$+tu(4WjJ?A6mCAm?kA1|^=6A^WhiVQ`G0oLz+5Txg$0`Q@|4h&E
zPdHqb2P6|vGuT9sR>WMdm>3z(;NDCSACMc#c0nY9VW%3&n(zWFK&^m)mY2E(9d&j5
z!oo8+gmJt^iC;HDnF_}cKpA?v-_a~9o#{S_IOxro(7s{AYIwX9H}@6HpK*BM`Ok(Z
zu=$9|?(XVB-FBSqH1tA14R~D}n`ubIAuV-+5(-UB_}PpM4QY)p74M#DwZ6t9g<<!F
zpN~_(GrA^a*H#GcK;`twYO~X2W@m4~BGf?*<x2w}J)`J1sUtbr+1XG_wOCy9DHNi=
z=(YWCk_}9ElIF%hy#oi*^7B7dRqf^DqhiHm-QcLGz=Lpy!9WcT0mB*0FhH)gHT&gD
zK9uAt;iwS$rhcGKgi;d97TKC}`$AUjEkO$GGr<EOsNu4!&4sZz^ZD};5Ui-IaW8M#
z=n3=q>&FoUH%SCCffObbXi;@s!BwE_(A!@fIs|#@ZV!y|#ZI8{;(Sn87%}=<MZTCA
zVv3Fnqym6rc%U|Ro%x_)Cc?n_xwrQs=4L-Urmw$S@VhU}ZNXKakvial7Bn_#c)`G?
z)eRD!M_{2nvo6KgV7#1ojx(1{4HBfBq6eowItyZofOfS(s?W}C5JHv>PPbunm{rZo
z=g)I7|4A9GjX6U6vYBe2m26LCeMJT8Y*=@=Fm%J%7!lxJm7f1^V1Aq4H|r%L1Nc3m
zxXRH+d&2%hdZJ~7&j2x}XlKHnm+>(6{Xq2{0~<6%EV%Dn6J2JXV`undZ81?3(3AZ|
z!|~eXr-(E~w$MMzIF@RelmCQ><3A_~46@k&t|XXWzWWS1Ca3|@(hl^!VS0Gb_&xS4
zpQb?&MfRU=7z2*jNGt(g12N9;T7vWl_XG-w?}G;i2|e-~|JlSJkWWA-40V$d=cbJt
zcU_w!8H2hTsUDLD!j%GieF1_|WV)oy<c#}3Mf1BXc~Azj<e4AE#k+^wtjT)%`qXA0
zEnF6Q0sB;R^sUlf%ID{nY~67KLKFkz7l$?cS6{#H*(LCtzPZiecZQpL`8ud8+}`is
zzU`U%0U!nK3*J59W>PhOkLJ|ZrG7BHP(#8zT2@|;wuc!O1}0kIwA)jty8?{}VmhX9
z@<Y&H8+j-j)et^zZm#3P^e`Guq-O8i+U6mlad{>PTQ=srv0;KG4-chsxE|I?;O*OV
z6zebxD;3cY8$EwXsVn189SE-}EtLtg#+HSC`qisw;kaPzT4CY_%JZ%;^l^Mi)JMZ6
zBD;ortK!k4ZjSGMDLHWb5Tk3#cj#eY0a%>Avslg}!AkH-zP)@v*z|**=!1Lr-V9h1
z6Da{upuoVUi7$|7gpKtPB}r+`gVWVdUZ#6W_hPa5O8MWp10vo-x)<LR#+qSBI?|YZ
zGVwkBuIZS;VhM|ia>ee3X(-?Wi0yZE&MTA)$UE&@Ssq_ObPF7!;1vY1Nv!;cTG>EJ
z3HqBaL@_ffi}{HK#*=<Ts4q&4pJz<aWtb0(bbrpi8}7sZo+l6R`6HfOfSquTiC}(d
zvQf`LYv~IYc0NRB)oGR(QhwwJ;EC^9^dU#qKVNwo0V(#vSF*`{uo4rVR(yGQV9TGc
zq@AxgeENW(f$`<bLT#U@hhPLfJ^UiS&q*iECG_rmXN-LAXXokHGwB{>(H-B40WlGM
zvRGN&&;`~M_~<7)HcO0C)I*Lq*D@kg&~)YJ!I?scwOr^>Rt?!K;Cu6a`Ywg&a{$;)
zpD=?8qre0GiNrIv{b1+9v=SNZ;{y9&;EFj1CK%b$3ax7s$QU}<>8e2Wz4)tnDI{)S
z)Ag)>ly7W0h|HQrUt$jE7oY8u>eaVSCpJs&#gA-3+!7L+Ut`q;xCstFzvxN-mL-84
zZ3qnwB%|~&@Wdc>acRjrH$Y#gvBO%97d<Hh1?oHE{{@}zt>KZKJ%^q@TJg_=UQ!%&
zFgyJBQ3jV1Sjb84Y``;|Tv}9=eY)j%xkRC#I*YBtafmZ5Vv|UgQ4B#B+w0xFhNSo|
z)at(&e$nP%6#t$#|24%QeVC{Oey8}Qgm=bu68Z`op;Frj-D(z_nihM{j9k{dBefeI
z8&ZRq4-pZmsIYvu%jPZdcl2rK6cEM4?}ny-60g@+PyK@&gMMd8BGC?*Sc{JYeSD<T
z+@3Jc(|fm&zinx0(A`G|t@(rqqMAv1JkbGgO$?Ux@RVq4-~6cdo}A9ecvx^4wIIVC
zvj0aFiS;%bigmFo-G>0>=?0)M`DJ6m&WxM`>yS0MH2*^6JFGxQx+){*vQm}%FQW_o
zR|*kq=zuQ15g1+;#%=t2H8Bgal3!!X6F)?EfPIEk4V?qT^B{2w{(4X821uU~vxKQ=
zGc{$$cIGVn*6@^&x<NUfWWV-5$t(E(Es1YK0?-IpJ{BxCu^n<f>|YaAqxU#Y!gc=}
z&F#QIu6>l#u~2ugmi1nHrW^^80Agj(nnynXQ=)045l^0<?_70{!?Iwe1rwU6nIt@@
zLGEaPV8-E#DUrcd@H;<%9v-1oIHz&MeeLZP#Oc6sGIViR#dX*4IQeuOab2NGm>FJo
zO$21;xpcpy6c;o#`)qziL!nfIK*JiM0t!_449P6exJL|Y<{e`KM8kvC1BZamg4^jg
z^#*oGFgVY%{N<q~q^>_o$XQ0a@>-#qLgfkh4+i_$SXupm#u(F)1Lbdn-UO!(#&HXJ
z(F4}#dOn71H#{8aO1E%&!x)U3_Fq#A4EoA$akgB9u##}|PsT?@MZw=(thG25wSuN9
zwqBF~xkxMkj3E#@d<^#XUvESejQn9T0kbJ2XW#_U+Bgt?M~M?=Go1GQ?reVs?qlHD
zo#`-A$7T?Nsf(D3HGgjhs}QD=<zH3B9X~oY2Jhgq`hSl3CpY&%D~G`*fWBN@@lf!1
zsN&Fvbo)II4F!-3<mAK<a14M$aRPh<!cWo=v15L9gHAVY#Kp#f=b{zVN<1U!G)u`U
z%N7K&UbB=n1e8#-hR!zu6_u7=>fyD(C~`QF!6sr!!UK|%b7944)1o}ehJOtxC^t%<
z90-7?&f-r{_eCE!(+XrkqUdn;#tm`Wz2NOW>eX;s6g~i_`Vtez%I@4o?t_TX;#}<}
zum+Wac_>3*I20qYHJX~#O-04->oMG6L=)(*CjRs;=&Es9{!WVR(++Ke10w^gkZB8#
z2MunRqHg#0jt;u^W=mdh_Mqu^vO*(_hWrPqzOP?TnjP;V(ZZ|{BDn!caA@slX+1O&
zc6$tQNLF?>)YW)kWg-^U5=}A8f5SnpQTOZy^+Swssk+?f1_uEH!hs`TxyHbViJQ~{
z9|=;FG9OB7&zN`Ur$W^up<9U2bw*z3(vh!U-#dU(2=esv2UXDWva!i<yxn3!qhhL2
zq=sxkfmW9q!Gs3@5xhY}IMo%QUD67mC&yQoQ=p+rPe%b!dE;8;?Zl|IdkV43w_(C*
ziD0Iq`z>!qaz{Jqkfk36nn72AWeSoQKnK@^Cf&OhQjytjU49H?tFRkml90LgbxXQ%
z;DN$rPRtbtWWbbD-1C2tPsc861}wOIy_JJFf{+l}YL^z+ga`?>o!m*+t|zEuenk&-
zJM?dUlwMe<8^+S$cDnrU^d<ieeUHerxZVZeb)E9=?CkW-Q*}s7{o<+s@ppc5a&28*
zV6D;M;2=UzAe*&G7}-EpF*t<@oETdJFDwr)FA@;Ib`$-FoCtW}=Y)0NwzYwD#WxJC
zaTq2jK8z@KL+L%C8Lsr~F>Zie<fm=_1S>zIYY5u~#!jXa#RY0*Z9aP}6QV)Rd1@av
zH+1GOMXZ}om$0lZ9x!M=kkIY8!BhHh2_5L9+de)J1#Q~S1Il@BW+pQ=m9=FT0|WIn
zbN^mS{+eee*y&O~^c);mlLhO$<jUgpTStra1qv5N_Wz2onR!l?wf3kzFe0jy|3c`D
z5Vlq`GEHhjYwI+%#775>1J3h2YZ}g_E_O>LGE!Q})~!phUyGHJd;h|@a}`F2d3ju5
z(!>d1Y2Ze~I=#}7H}#r3V9~Nic(?cN_fOvTT)Vw)C)?9CI_ox9xXax5Z5^%NX@%{=
z498>EZ1ZQ7QebDMRZ*RUt=XGm|7E6nGfKrf4hEN1*>00N&{)vy48O6QU~3mzO}jIC
za%#C$LtRH*r%Syh8<9C&P>W|3+eKZZ^_69^b+-wD_8lz^`8)KqU~ZV1m01Fwh<=IV
zI4R$caZb7QKW`b}dis7$v%VR`)p>iuCq5+P`{x%gp6k*wH|TVZX`>28SM6a~j2I3v
zVt}SfYhM?{{m|;gob!b{<9isCp{OZj{Sd8l>colRFZ-lZnk}k_Gr^qU>vPK8zWYX3
zJ?GYqn1vmCH`R*wR4s0NCi5|kFE0|4kTiQnmZ<~I4O3gvwCvLeP1>{b$Q2B@Hjn@O
z_J^F*^XTY{SXF2e!<-6_Gs?X#9r+>u4s-E>P&9QPKh{-gU7M@GD(Do;u`++6q*A%5
zEppagcxHwxEnQyo`?k~MZrS_?4m8%*@`{SuBW4heG0Kt3HEy(95hWmTD1OsA`Nn|i
zA6k!YCy*9*BEhu}!8k)hZB5(OxD}pY71Y9~+M=Pcs0sDTQPC0gRVnm>z^ZHCXq9Bw
zCo?KDJE)#d5c!{MQxFFr*T7re92;gq{1fGItq1!v7Fz?_Z@*N{vk3VpELxs7x`w1D
zvf@taq|`~p0Rkx3hY9}D!K}()4z8kP0n%STaDR5`H%JxJ**zbl$~|c5!M(S)8IZbX
z8$LnP`rn+WnHS#A8klY#W!E~TWA3&4kk0Pn6kkB({Cm;{vn-y{EGZW_y}Tlgo4&j<
z&K0ZV;@D#(W2t)KLLySsSPHyaJwr(?{iVs`zV6xu&hm4W_%*k4gZ+a#_07!yL5z%y
z9Xbz#f-V|-A8Ab&6BCn_m$y$|3vu6z6<dsFfAolvFYM>LI?PT@9V0?~(`!=hU?gYi
z`4=xgZ0>*@!`#5&06-KtROIRI*LX=IEz8ybnJqBG<?FX)*|z)HB6;v}63;Z-Sk@yX
zl%{rw!IuwZTgNl>;Y>^*hY5KGM>@`2RCM)c5guzfQ-YQotu(eMtvD&i>4YweR~Z@i
z%MH46XS#PNdLhe-666EkW#cpwzp`d(>grsz$hS!}kz2A8V`Q<v^7E&31)SyCUahX+
z;P5&)SiN=M?(KeDry|(z_kQ^za<!Srs4DoLj-w=gWlXE;{d-A=iQPJ(3hX*b^chHu
zdEegt1Lk~uFkT)WOs>W437G)+3UHdBr_#cI&V03>pTG{9Pr@Q$CT?SnXcRLp{Y#gE
zBO(;THn4)#iK#~8qj4>2!-o$aLMaCX1w$n08=S`2&^EB*$)lsA)7HZV=W`QP;Mufc
zj7m4jW{6$#G8<>rLF7ytQ$G->$!V0G!~|%aEM&0mC*P(UO<gex41-Dl9~E(midz6)
z^Z_t1S9`|}d3A8|z%-acjf@%q6<OJJVb!)aHay(iyFD-({;`y+E;}8vP!D5cfw&Kk
z<^AKB)qVbLePiPSQd`kmP@xD1o%1U(1`!BI*}^lS`-*Q5Co1$b0M_>+A{IVq=w<G!
zuc{h`=LjuDtE6e9usN=^fHn#%T;rPtrbHu;NsJLZRTWsPPooNRv^df|Xn-L0?AZgM
z2kPbR+gqSg1aTzoQ&6x3;er<?qw1He#ikB54zjHfISDp8_x0=fA3xv=0tCl~OeYP{
z3u!Z+9Nt9a6HE(jT8ItMq|!mG#lFrB2}w!dlNt=AeQw=aql2-hLA>e^7=X=znii^K
zSiwOYAF}FOrz31Lq}sj~188NNaI2f;B2-Ym>&YVwNWF3z(vA$tjO8w?nx0d8Ki{;Y
zMu=zi`}c4<&H<w$qbM6%O*lM(x-g_(3Yq^kH3W2k!XSRnaU3CNF++6>85LM*DFhmT
z!vTyy8z%s_AY?s$<$b6!utq_=EFw>u$QeSQTJf#OQ!iqOMk&T&=K|-9e)|R+C9;DR
zvz;JOhu}4U`G_N8mf+k+AY3I8DFr4EXSi~t#94N__3PGU>?3;I;LLyxCGAEZ2u;G4
zw26`uNm(E~sHv!QbF2p-9XiyVf)t$*^wy=8=PzBn*oy!y(9ZB(zWTOIM_&QUB05-j
zAO``$xUMc2q+;2;C`ZOCF5zM36lgYOWcKXdjg*$>z-GX5a1QRKaR7Rbi-UuSZ};vV
zJUb{XXilk)OiDnQRpz_J$#L-LEs3k*LZO)89i{udG1wt@BvUOZfa7;905)xU28JEm
zwlzqtUwh2lJlSRp&x1p111o5>r3Dx?(esDe083}|S)><pORK>wq*f?Tyf-sEOG#0o
zIH9aOJ2O-J?j5?B=u)tHU~&p(WQ7~ePEB36x6e*X>j1Kg5H^KL5mr)yxqMy&Q9SWU
z-@oU>T&(<j?Oo~R29vmo6s$bklRi{^XK`Ijg*+t}G}QRFZ+v-n5IbNKj3re^ZgM>8
zHZ)Kk;?Bv;^rqa&M(5k{$;vqOJd9dUN8suZ^QnCgGmqmMz+;X9E-R2r#R`vKDJnCt
zLfk2kJ2*r<)~!7zCszTQF>ie0;8``bMv%o=F~36LkSZi<-cdF<wSg5>C*XI+&eu6P
zC*&m)u|HsT8>G;tsA)lAL6pP6QU2kB?YsMX$*CBJQkQOJ$909uXg~^eV$T4)4u@{H
zH$LP?My+`(2>p}BXCM{1^>|Jl-?)$wHvX>s8^N5I1J>ErmeIM{ZqP!eZrJovKW=XH
z4KQX8do$LxjdlX2A5~O%89_l2Yy={L-J_oVFrtK|eK2OVGp`(t%|<iqevQ+(EfC6#
z$BDXUao86(>UCsW>Lq1PTX6dkX~wMt?zbBSL)wX>!nV*9niVmzw(f2sC-m9S@bD6f
zRJ<}8^8lLD>z)QLJq=brm!ew>>FeQ7;QR<HcI)9{7ga=cf&F!Hc1GU=IgYR3V?ie+
zdr6|>Qz=rcG5NSr#sz~;q$$iza0$|QH!sA#*HT7G*gzP{>JHvs?8I03GY<s~;QD*<
zvlN5)%;Ayg*bR4bY(XtH%7)XT3h|lMx`_bz`Y#XlPbWTzjEdslx)Is7boj=$YyqK+
zp*rmdse!a|*z80{s#+RXR%A`tvpMgM@6*$S%eAKFzV7R4UyCqZmF@y37_eKRctBO3
z{OnNXHb%x8qx85vgCN6^+uc^=>I#7-)A1qaqM-{va0|23`O328;I8bP^0il$mi`SQ
zHXVfYpU3?kSP3neSxE8+)s3tkx~?a~BO=n;%_J<3;-Gv_?j?EReQ48$g9p=V!Y*^g
zoQA#)>lUOz%GsoV++)C*A`c<<HaB?>sp$>or?+(DRQ&xb%gf>S1p4w@CWK^A<yTfz
zpnS#`^5yeq<O(vOcbz9<Y-YB|IpvMjfZU;c@ZVtF3EOzo$|4rZx7L(yY?WX`hSzKF
z$2|<T0`Y4bmmu&|12p*Xfnb5bh$BS%#-J8vaTno?AQ~WnEGiU)B@{+bEQGxLO)l;b
z#lo`$7Zd&;mL4v8^}BbHixV=AFVCr|8JL^%s)$3J1>^}D6=ffq8c#%pqp80p4Af_$
zQI{4DQHvO(auOZ3W22e}tPj<oe>-z#8l@5@rIV49!#$6CDEuYz0>eIaK8rbo&Cfhp
zVuTFk6&MPl6A4^|;qpjl!M6!DLi<=FMwtKXukz7NQqeKy;^cI6ayq$kMokT=j3<<o
z9zm~k{`><3Tuv(sj9t|GasOa#{TQ`O(^~j4kuZVd_X1A~;?|j&n37jRQ64~I|5M0r
zKiKo-(e%2Z@7NKKvo&B5BS}$mzQ-L$78(}s=S<;eMj-^pRNbKKbc6is@KY2!Ma<5_
zS%O@~dFR5%k3S)V4^bDW%y7Ms5rH;{!k|aC#Pc!c&&c;nJ%1RN0Zle!s%M3LsSmSh
zwjSz0*7Ag5S!HFlI#3R0R2@3!)1alWW8r0Elh6#gyy?EnQ%yy7I@{*Wjb~SfparrB
z8pz^Ag)hKG?6*%3!a{i>U1QJ$(Kt3OAswyCmi^+9-sh?;w!?iUhH;0*_a{Bq@Q}A@
zwL8=bapKvtGhYU5Qm}g>@G~@YyNMze5!$wk9I$gG<mCLw6anC9YV9aHM1(p+{GCh(
znZN))D-X|$gan`MaY;!J;fAO^>!F+2720GfEGi0t)|?IR(eJs@r?|K3BKDB=Qom+I
z1P&L8j*gU?3+ft47>DU2k#U^MF+bA0N(FO;a7{$wx=v3jznyZ-Jco~?JGW>2H=w7C
z$a{MR8I}^T4??eoy6wxrz%VijUca`nXNnfRnmsVB3A_Tu))AdeLu{U9qd}pI{aou=
z4xPGW-_iY{xi#wTduEd=4Ou3VPlb3Hw4Jdj0)>ekI&_d|2*{}_Ae3hG5g!fXi9>vY
zmR9?oQju6jp<n|1iHW(SqOp!-fzz|h43pJWv~?y;3B^%Yf=Vqh{BWprRY~+<4IwLX
z+xdVty;f;bjTwnztp&4;84Sm>x2gy0uBOX~7g%0=S^r({kkS5J>9O3i)~z46j>FmM
zX20uTMa2rw-jF>+38YtX=fP&Y!fJqV&1$l7G3Boxp4^@D2dc5T)q}~)kBVrY#(EI?
zem4z#0_7bP-;Ov89qRN;7Je0MCTyFz^S4o(TO>uCNMN2&-00ixx^<&VzEL>+F1yF4
z9+o~H?qiI)kC!SqhOrljkh?j(OLvDRRle}Xo%dgwUIAvk$2C~IMl&)n%Kn(T`WEj}
zt83S;*qb9*$+s#=udc7BhlYu%D|6%PygUT>+xNP&1rh!~EQ~bYU*XwU<Bdo=wgq?h
zZ;Bh6X<O)Y|8JEv$+<87vubAGqvC#`6O10d0{C#Y13Lk7&-os<VR2;U9@9cU7!@%R
z7Z7V`0*Q50oxPP6_=B;VOsL5)kKt9SpspJ=Qx;>c$o~B&xl1c5IE95n__j#HS1cEX
z#D&=Ph~mci6RqliYXyl7@`ZsduxB=|eE;Lh1z9tVu7>Izb{7aBbR1fZi->u)X-5`j
zGUFKsPf7ap{=Pmiv4m*oTi5<mhp+Xx0mLEN0wSGLlgP$GX(1{)Xq^Kq78IJ=d`LD-
zg^GcOj)B1m+kcRPkn{Wm0<6$t#gWdZcVmk*#yBGw79sV>tHfTmffc02)bunA?O+z*
zn1H4Thpq<=tUqW&tIwu`h(f3@dO;~XMANUl+z{`Qk;)jn6_5<0s0Aa24sPBY$AYzv
z;uBAVO9|2J*YDq^IsUkG;a(!Lpat>XkW7i`=D-@>o}LI^dBA)XWg3<DCDcQ+qZgzV
zjvoh7C&w)c#mmHm80u%0aYk-cd0y|Ac<Ri%(FiQPd|4JnByf_=1%!cQDPdQJECibw
zHFY2|Yf!z80XEuvfT7oL6Qj@-np3!9X~a-o&_mW3@g02}sdSAC^$Yfug6^UpS`F;b
zT3DrHvr|$m5hjdP!ulDQ62jEE$;lruiNN!yavhs1Vup<2Fa_vCjlK3(4_?EArlSn#
zTn}{Wc0Wv6$1R2n3MIoMbUvC}TI{0F;gaKY`~)u;5<tZ8n{E5gozc*MWosOS0AU43
zxHU1=3pfs+e~UE4`iApG>T59m;RmFwi~TGs2`MS#`88f%WVen!dGP|5vKK`WKn>d6
z_E5AyZ(x4>csYVHp**g^0Tlb}8F+S_$VHQr-%!#}qG62(6C-2c&u@7!#iCu2-flMB
zTGBs>XqcN&#KVIJssfpKkPka1z?6Wp)(Zk=8X7cd5PgbQLRo8IWEA@NF`tt>>B3{8
zn9OrsS@!2IFDtW&b_NgvZwdsr5Px)c8@EhHF4Sq+MNqrN0VWMGY&}4pOpXj_v^DM8
zUR}f;=y4ZWWq>h=p+QF)4q559L{}*|*u)5T2AU~&M=<xmq*75;mH6rvVNFSXxA?0G
zjtR^F0Ek*4r&_GL?11#;zVc0u?l~W-toK7D+Xjrx73KUL-v;h(=;;v8e+D+Z*4FM^
zTT^Ui_)dfl8~|wF<3S`OBqnC=V`XRm44w}iB*b1Aa~U?CMX)dCld-r=pGMt>W*FxB
zh4SX1yM6O!Ax={KACT8Xp=|t~(O343L2B-B+rjhyt`adU3Lr|S+S*eR-%r4#fO%Sr
zC`wO;@?iUcU;s!R=nHXE;@5hP298nZ^NwK?LP>qn(HuRw9(-%rTE9(y@q7OKYG)=c
zU?YS{eA?W+OXK|f$OXeP*dmQ@7mbJ$Td)NJb99W6<z3H?9-Pj6fGM*;-0+7m<#goP
zV}h$C1{C`HZ?4rhHs<ngpSBLI=s6uDM=Oo^*vsQ{s;k9Fn&>^urPxJJuRw7zod{@&
zY$goV5PD!i02Bf~RXCxsieS4Lup?X^H4(x|Q>;9w`5}CPo(EtmKKOu%;n2FHBE;~M
zD-jnkF$VxTBV!u9#Izlg5OGbXkEh||fG33t5{X1mhoH7a7E<ja@#|$iv}x^st3|S`
z{#J{i_h4x+)ng8bO22a_tu&V3kbnahA-+RTupY%be|9bI8X4S6xs0&$4}|Gu)oy_n
z-1|l>F3oU;U3<_Qtg9MZ<42OhB9H%6QKD_p_*2IGhNB|@9v+G+YbC5v;Sv>@fWQRc
zEcR`iS$P?mQo>FJ;DyhE@)-^XTiv&?bwMDHjb37JFiqp^E}g3rJtceO18_hf`vzDI
z#T{@^q~){@+KT${j)n;f2_a&?s(%s%xR#;mq5F*^swfzU5`_gbU;c+BijMK0FHt@=
zEcOCj4C^G|(`lSL*XU=0)h=-!@d5DYeF8a2SZJ{S{CKI87t2MC8v~zVtdIc&!3gAN
z@zrCY?KeDO_{haZheeOXbRq@|5FD(hiM{N%$UdYhjE|2)C5&()5M$7@125wOsxH`K
zeO9Xn;77ESpcMpVgLcT!I*y@I&?7eHCr<d98DV>)@@{&*j+ZwX8{pe#^)LG&W5pt;
zq@qIfQ6#MYItWAO8#_BRq@3q|8OH(SmC)8eASo;;xKrqgD(WkIooZ_LM(u{Jp*Nnq
zESvHn{$)BUCA2K#T=(tWi#9AfC#Q0R5N1i$R8^S_)kimG;&4gH4>@_zrZ>P6_3R1<
z?lxqP!<WVvb_mrD2rhg$-J+W=V7@?ZV3;6^5XdOCGp+=oj!aG_&Ma3rM(q4BN2ndr
zuw>^vLp$9Ms0X3Fg`9KlYb!qohas*PMVrUni=|$ex`n0Tg^}mO!|*zZBRK?vau#gs
z#e0(j%=5e@5L3;wJ#gni&O?W^G&HiOE>IQQFl9345@V>GcY>MtPM8I&2B(PRc+7=j
zV0egac=$O0MElxKmkk~Y>>~*bu}PpdQA|o1l=<K;hR<)|nrtWE$%P9w_QSRw($TUO
z7sQL+2AdyuC~JDBc*FYKxw9!0fkQ9H>|TPrK%2F;dN>WN0g(SWUm%C%t7oBU@-no0
ziCZ0oNXkr*y)3$soqMJ<_2gGIue7|1V5))BA0|;0sO9m-w_dfd;DfGlSkvvZtqj2!
zqunW8QIRPmj2+K5BU3Lt{n^WNC)L$yZLeVbR&uaYf#tEzAVEilJMS;uyEnDXI`V$I
zI54e*_<GHq0{TZg_ll>?*kYeUOlH@I55oNXDmaG9%j5FCQWTsfUJ`*!C9>PUs43K-
z?2x*tHj&ySWEa1rbIN7OcNEo$^YP|2J!9~w+FZY0U0bV@Zsebye$aivibQ`M%9rr>
z?}yix1ZDJFFK>@$8zGsPMXU+LXn4%p94C2Vi6=(Uy-@aHTTu(q4DnxBwM@84QvRwz
zeibCQb_#aZY~>$VgZiS&6lpW3ZB7ab53dT6?l%40{$(TYO6H}kr~8{<YH`@to|@!C
z;Ic!!Alwpl_teC#(KDGgtXZu){-Fl>%MTlGbiY2&gQ8=Zd+WO&46KTZVzww+9M<C#
zpg#HJ?p>H((56XxsOp@$#zWS(_{#}XA{izn_U?lv`RMve(@@{&i-YYM;-lew?<Y@G
zx%{8@&OEHgeEs8Q<BQOcrBWtYLLpHUNuq^RGnTZ@P?l0?pR}0qH6c{AP?BgP6_u}1
z$P5Wdi?mJ|gHe&ClCso!JvnpEZ_YLIyXKnfcm4i4{l}Q<dA`r{x$pbE-80tA-O_#%
z*vi^EH+j;BZpTlaWIW9evAg_Ozwn#03zfE&c@7vrO>KEFa;9Et>x<UO>ztej9E1gJ
zPA|H4ZL0d$FCVXjfx)_%YZHX!W{-l-^7->ummHag9us({(aoZnY+TgTEsubV%^BEZ
zo~%HH5}dzl_wMi{RA5gL$T#U*Trj7x16ybK2QEM+L1EArQERF2=_x6pMH2?^v{bDC
zo7s|{SrVLG>jv~(;B+5TGF_E(%w(B<iHWE(S40zOM{3Nd**<zJAP3Ih=|e)hp$OIG
zhKMdY2Cv*7FhMf`J+26}SCN&IGtqcIP%XL*23Av{F?Vjai^9@|#iP!L`N0GL7|`c?
z=`6>^W2S`R8LOmi>Q-|Va0X7Q77kRBI9}5m^!fN>mXvs<Wqa+Bo8d&K(ekL9{zuRV
ze)nd92y3hhS1u4VZi+YU=pOzSL1X?MZc}&x+i_x~-Fqg-96V^;UnV%8`AI+iIc+K&
z6couOcX#Iv8^(yifB2<t4Eugv>FC$TDbv@J2FXrKsB<+R9cI)WVH#f>@h(qr^IDZ-
zULs3$QB>N=ll3>|ZC}x_O<ia5<XgqX#f62=xH`+Oa1I`biJ{@79F@wz+MqIbcXyv0
z#jc$ppMLtoLpMqd<d8@SfEaFi_)Y_EPsolPB?xXRE2CQby~Iti*~_b*sOgY`+oh#1
zT3Z(x8Ff&R;FpRI&0?@(&Yeoz4AG`AbCa-SzVPAeH*W%;|Inw+%?n`)`y&oJvMR*u
z@pHf=f*88MDK2-fU^b{7e6jOa`FQgYBSsM1YV;~tT97Ew0J+aR!~w?V6fM1v3*d)5
zdQ@<46Z9M{f2~&~CI8prxG8V$Ufi$Ur%xaEb2d1<5O@d!!R325>5DFcF;#FXl%?Sv
z_;pWSs}{WQe9`GMXJ$;BhN7NH53?TS4nk*~nAL`a+N`GeM+5M)+c|ijLH+v+Ng268
zshAZnUnT~c@8;{{Gjg`iskPn%WKJB5oL@<;vAV`~9<6E9juwig$>z;DNtbS&MCoB0
z4~P!@2%Q?G+l$R;IZhO{%ufc&P2Z8k?_BMH?U(+277Oi4j-vHh@4xO{?)?Kl#56gp
z=Tb6sbWmB;vM^CeDgOBJomZ17yKg!=1YgkfRi$A^1<f-tX#AU=L?E_b?2y)v=>XOQ
zkj!7T8OsDvGGseFc^2kw_@@;W>}vZGd^&T2htxTyf8-yZNk8{FpGVxa83^Otz%HsE
zX*vg?!$1FAU$j!P;h?1|;dncD?Gkda$%ZL+RRFrCS)Da<2`NxEHa`*Z$-zVJ)OS*{
zWfJj}ytm|k_`m@$!+PY2lsIe1Jf&>WjuCt4#E0J#Rn7Ee#@Y>HyY=++YHe%bsG#AH
zBP+#JS;P_y8AysGBRBWZY5jWgpGgSs=6e!E1Ru-o$5P5TCL~wN2R3iK@-M;&uOjI_
zC~oY}`>4kh4IDIRy!Z*qDjZ?q;lh~1o(j%9CIu8(&5G#)HjF_6W{p0Dc>!o<POkG2
z^Paj+!y<3LYv;~J{Z6V39duck+BbTqEWXS3gspN7WDHwG(^I0Q;xN!^5I2dquV%LE
zw7q=UR|%08PERfvXE32M;!scug6?kLL<Yz;@JkTuYe|uVGG-D2=eLgNq_G3atEsML
z5|4<A8Z@#a?)r10SQ%5q(!+wsZpnO$cE0r9gbA#l6$#iozhmQqyvWGqq{DC(jR(%L
zm}b|mqw(Y~h0z&dlq+SG!bdeOkM)KCEsq0m?Nh+B5g8qQf=#oMkD*23ZfJmn$8iun
z)f^fFPHnCiD%gl_#mr1=#*D<|M|}9qB$enKYZUD!M+qUgmoDkinyp`D=*g{)!+sA<
z$?mo&=nklM#zY(<wlqsnsgw+EMfa<~ZnDQu(<74Gl*hVPPaanyolqD`!E*2=C4~un
z2$q$9PLZV<m)_5J*A>Z64o5+{Zy&v_w&RU(PP(?Lu1mFLu7&Zb0vKGG1a^doU~}$R
zqm36+PMna~re<VJiM7~_t)Q%|yQ}5fvuCwp??y*OdAI&*8jWkvb@l4ou3A;GxdY}T
zXVAhI6!7eX6+Yx@*^gQh{3{#;bV2kFY@&;X&0(fq{XE6um`I6#k=8q)u{wLYHCxZ7
z`_oC&@bZ;5x($Ka_}E!Os%vR|ob-=tvKl|Wz<H*=`fB!xi0J4V25A8}{^b|K6o#yK
z)IRZ1^9*iZ_@P6ydD)hjgnB;xX%=0a?-$D{Z2~^>?oGBUKe24U8LYy^@H9}ZW#M}z
zMuoWlj}YV;bUD73bP%S8vEs!Crm`N2x8zQFxx?DE-r48Q^2&E{#*({;nr{OOO(EAo
zu!>`KDkoakZmCKeIJ|C3O&Ps~qqSU{aqQVc6s5u`rLsp{Y|ptZXdbH_m=?hYC3n%U
z7i&o$WJ;~yCe^RsM8C%1DHj`PY;V^%8ur8gIJGi%^XsKIsYrxCF@PiK=L<U*ear@E
zao{`;$(Ux#3DrZahXvoUINjD|Zq29K<Ig`>*5CUEG^o0|g=Qv};LxHqc?641|FQH6
z=uFv`M;=v&ZW$A7FQ?<Rfur2f5w2<f)x5n;Yz&_Y7GxTuNpgdi-M6aTH?Fi~p4(|l
zKbjAo@awp}REG&-TIMEDxdy-BW;?BtPv`23_B<WD^TAa%ys?7C?woBtZp>4-x(d1D
zytofu_;9YLWuD1-R@J`gJ(=}-8IWal=cSVI*Q?#M@kT{<?t9`eeIlcKb~Zp&J8F9i
zt(0TOp!~?zR4ZC(W20I;e|kwOT%E%3;mk8y#7=X>!Jpr`dpEA&e*V>~3_^{}tMK^3
z9teheZx{S3K8zT|G_9L4L}%vA@A10B(SZ?i+y?_U3>Z)+aj{Mf!QUvLb(g;R2p5*M
zpWo~`&G?O|<L@{4z`ddvc$V-Xhn%9KB6pljI>#Pt)1T8YcdW{!Npt-=%(eR&>O_wU
z=!oa%&`$sqa`*NJ79dZ-GRDfQT=TWsYlDi`1Ojq#FLgYd%30Pp<;~mcwK&iz2u+V3
zVY_WZHpYs!_cLec;qjcn*>Y74JN`9wvg!7<5FFdrq$J2wAbNn{M$5LzoEs{PoKs5g
zon_1ck>aeN1n{6n>3*ZH0gX~P%*gOrjWA4gzo3BwtL=nf!<fq<zU1Jv?E$-7qxLC$
z6I7pMmjC3+6$6qI8{<Ibc=mY`L1Y>GF_s-YRuGQ#Vti$VOwscj8`6MM-?|zu?A1%o
z$=G1tQt<5Kbbs7^M9qAEc8O}mt{-b1&YT5d4kwOM8VmvI4XFxpi2HOa58a^14c4l9
ze;!1)!UdtbSbrfL3#jB{{cD7YlMVk)xadJ-hbqi+b3isoJ>#9A7h_>!Kw6zmu9upE
zrca&r?Z;0z;FyjHgTDz{2$r6)Wo+pMR+dKY-!I^jx^XOTJIgr?@ds!NbPIb;?o}Bx
zt5<T}1*R!_&ed0UBRi@9z1p&Vpue$z{>G}W?rq<D&XmB!n>QEh#-V*`AgHINs)`gB
z;}r`G46Y4Rd1G(}2<1;k){igbk5gNzZM^_xo9C9f<}>5XRl=;7-<s0mVEw7$i|owL
z4<CwHc4yL$$~n%tu_$EtD1BSq9=w9uWP10?ZjZ7LsAdbXEluWSp>nm*l4*B_&#qC6
z&&hdB#mk%kZ;w2JE7+KswnS1j>$If}ITmWx&nCk-@P0T&fMZMw?8`Yo!OT|SjYoy<
znm)SC1Pz#7DyR`dL9+7)`zi;x&~{U=`yJFuPdrZPNmVY;(Q$5aV&ola5hQ6a2sxXj
zX2PqXy)0J^#gFm+aTIyn#&eaG=fCb1!S5um+ppTSZ<(Qa0zaie+^$u*T|3KCwfd`&
z`Y-=a<%U7^8?S{b@q&}n=)gq*iZ<vh+gdtWSs8o?47l>-%KJ~A+&sc&q7n1ZEhc5T
z=jd%3)BOFRynGnMso%!OQ}6ntoGfu!x^(GC1%<|u0ll`mCWjs%@2qWSs<ZvOGXx84
zRV+>J3Fm72>UX>v1MZrnj&o$P{>InMX^p;qxJLM24%MHXx?){thC<d*+jy_KiRYYM
zcX?NT)a#PY9@*9R10#QqeF?LczIx$JVe`@NB#!U@V1Dh*Rl3w1z2|IhxOG=#@%fK}
zUFXsyl`(5jQod50-4@%NUm;gzEQ!vkk(%d~qqo&w2ovxb%M?Ag-*#QQti@6Tbc&OT
zzAE<Eyw}WR;mz;r+4l{3K6I|{fQ<fXed^`5OPN&8n7)qujQ#FE_e#4}P@GGV+(|z_
zb0#VQW#!9P9^A=T3wgI=@7||YpD<Gu?t8%kQr0~W)(4<LDR%qJw0ZHY8o-I&dywME
z#6*rz&xbdL>hCZbV@0SH^vZ@MVMbS0oo2qNcaPX^mrxh!&Qgcv^1RlBnAp^M@Ls5y
zN*@2bX(sI;Nn1x!QJd8_ZKGKLCbzPZm;|;pSmf4yiJLGupGG)uO1Kn!kSs0%R(~co
zLMpjDJ{T9*Eg3k`BWX~*k#4}-?`d1??Cf$CQrRMs914hp(I9;p>I!N=-|cA5euVqj
zng0u2d$=?hE>mRA@^LClSbdh2)ym#zPH8Jk%WIEXZEbAu&jBuTs-U-Z)BqTJ1}kv&
zs?P_y9#x#mOeFDAfLYMuIg3Tr5*K+}O%09x!&I8JaclSjwi5XReaynfnk|1k#fEz6
zX4-~&;D#>r+Wr4S*ZFs5oM#ZDXdyg6!oey`XrLLd=XN5*BSc~3zyfM+SI{}XP9d^|
zplwhG(mG8=*NcigH*aR-y}xNDkUUcCv101^tr)G4%l8;q>0aln8$MN7_V*@B`!D_u
zD_0{xwp$2X)%I+nKR`FZgEUZKqV>;5=51T29aR`%3X1$RMLv8#zAQBpv<ekL6?r;)
zWzQeKI4lcY3ePc^E9IVGEGo`A8xqPdBK!jo-UQhhokh}sFi2~<w1DCE?5M(8Gg@3S
zE`T9}$OTSckle^f33r6yT6JY+f<&^s>xR*oeav~yck{Ygbeq(z!9*FzPAY+-95?P)
zhW~M5Rf5!t)*uyx@N#1c<vpTn`S2ThQe8DQ7sg}eGI8j?MS=H;EX;e|l*+PMl_$~{
z-T#bmd%~lye~met6kOyIa6yXF(gap7V>qQQKdsCr{FQIQkG*p9rYa$w)S+bWfifw=
z98b(n;Qd9mxf7DmGi=ykg9g1@M)a|~qmlIrSJ$WQQ3Sx1TWE>=#pWvE*VHCG8vb==
znkdA_YUKp8TQ^QL4ZZhi-5J}R2AKixd=Z%LG-!F->8=?g&_ZEG$WmB8wEjEzHzc^^
z;nBYei;U?r@#~92v5;}+2$9$g8aFzOO$9D@FUCq<(sme+4x8=&I$ZkmrAx=uEvFd4
zoW{)!tpDjJRqG&b{WZm}s0whRC29htG#fKaJri5wjCVNMS^P^S6)8cq2~?;^i90=b
z=NQ6(n8Oki31}k;haQYC*dkmq3vPY%VGDaK79imQaea3Kc@yeGNPgBdjM8OP2$e`{
zFC~npq}};wD)|ZPS_yxvKYuRym6S|sUE~*NL`6h0t+tES_B`<<S)@e7)Um>1`=ho&
zAt50fmM{lG-a^L^W}+CPwXk=y7B3}P2i=Ka86IeMhWJ-2s-m{T;5|AF;$KKkcX<W!
zcF<Kp#-OWYT$mAtXIhlkHJ)COJ+ucXXA$<Bnhv<I4#~8HOnO<eCK3*ExqX#{zDc}W
zZpJR@qw(>j?U7mJ@l2N=5LXV_!AQhc!+<d>=>%aKgfGIE5S#^#3Q);ipik|c&l>_2
zoSd4vXyaZ%h6vV@7uYk%!5t;YC+;`-59Qy4{E>Oy7Jsb#W0Oq!GKu8XDQkbzp7E?C
zG70jhw(N*m)A@%4A=?H_-~g{144QhheQ<1E#SH+t#Mp&KM%Nr=%X-Vo$SmzB`?u<E
zuMA2@LG`EdU}eVPeZNs`Ge-_o(C=tU%|N3=2|>}eP7&1~Pkfo<{~WZG7w-N{oSmb*
zV0EjIvk{PBpVvL>XOwgRL3F%C9|Jis3jwd-zG5`cj3E+cj(RutzlM~6RH^6V$o$rH
z{mDok65=XaMVe!(iBX=-amih`)Qvxsm-D(0mywZ@*IfKhI_>ze$kh%GW7hViM`zM2
zd$`=0Xe3hbXj<)4mxH4a%1RD4?*=V%;w<KjhhOjL?Hi#xRM2to(Gn82pc_A93(YqV
z62mdj1#LViG|FV`1sa-~0hc>3b9#wGnP2V+>i|HrO-+j!bsLtQImryo2Pv#1LFX+F
zg*Z#IIx`W5vFOC0?t6bmmxUfqWpw$AjG3H)BN~{Z1M2fNQ4g^jr{NDdvkPZU4ZS(D
zYOPSLEnKjGG&EvlDz02{0F(zW;|>9fWY#7Yg6b9Q|MbH0I5~N<#f#h8+atS<CnP+$
ze}Dgh1MKrjAbyZX2MMxCCA7A;n~Q0wRL0G5$r9`G+qZSx9$e!wW`sk&#yx|Xs(bn?
zw-|6Ap+bjWm*FV?Y$~AZ@xjvie{HU~80D3h^f$D62_K2Yp*>ufV_Zrk+EG68KXMm+
zCLS|(tnngtKt%;ea((AEX!>s$Xf>V}lKWYI{*Y^BSy>ANH1dQShbY)CPENj)B7BF#
zq(g?MEJJpg_I9jz`}WdVx{L`t)*iZYZD0S#K#*QE?~7|y-$y19FqgJh(mu((qWq52
zdM89~E~PsaH?FnLV6-`2r=BiBbthvV>s`6^gO6&KTn}sA6R;E_nm30hu(hQHw2vMt
zCwFg&{Fz!eUo}WE%FN;PPdvhK&KND~da?i8kl3WtI?d0VnjV`utPRP2FiDWo**iES
z#Kc%rXaq5MY^-cKn-i32f{Q)8;Dz=kC`7fMo!MhPGDC~Pd5$~@2B??+e*IMv#D(M2
z(>r>)c-Qhj@8W$XV5mR;*lx?fnmtFYcO5sLQukN7`0#d*p|tP5BQ$#aL+`yrm!0nx
zcQuyF{^m<M66JH@z#RXHb_wi_E76#$IgmD9>UWdGfB*2`8}i?WLQt;$Z_mLy-yGzq
zC9&w%&}!Yjea1%_S=<}4Y!U;z$T_6rZZ4Jcj43H8(dwMZ8>tt^zjH?_c{n{kX5XG_
z{sHimcgXVOTH#gIyUQ?8aeJAMvJjj@dt84?`X^x%@t3{-U?Bge0a5rb9U(M_vLi;c
zd8p;2(;?>WqWN*=h)OTZ=`WlF(g;a}t<Lz7&`J3~ox#|Fawj??JHfk3I-jXXT}x}q
zq)EgN?R`=J&$xHgT*VP1EGw>Br}$Cu4GgZZQ*J7y32hYlJ4a8Sw#f0q#fCuz4zDa6
z8fhPij4M_w`hpT^XQyb(M!^Ou)$~<Y*aR4i)#5FEoH!H?^?A)TdN;D8*!!1~;?qBO
zr*N;u7v~g_@&hnELSxP1O`D$6*>!-rnN%)eizm1y)Qvb4Ob<px)$){HP6aTSq2YL<
zS17x5pf@&oc?I;3=w|yFHYBYLRpv{V%AgA6j?>SZR4TroCzO=tMI+M%-m<z-Z=gDC
zh(4=#Su^$XqetFsb_;y>*q*w@;9sV(mAxSv)96*|f2_a$qs}srl!m4z%^5Rdp{0>Q
zaxH!@e%U_V+!QyJsi_O=(uAPa7e35N<O#3LbTDQNi<`4$p{TD&#4?F$kYiwB<uD^Y
z-*!#sE(jLBJztOv()u(^t5&Vza^EqNp!Gz!#VUz08XE4*UxIK$Tf6NG)Lt|jX!@=r
zrgT_T3wy(GiE%}wggvktD;?cK;{2y@LBfnt`%~_6K}NCFfO=F=Fnsv%ZhS}3W}vE+
zT8}%3JV_}cr2ywS?O!%BOmIu4sJ5(P-D4Rt>_F>cFNd*4mgPw%AEV$4ZVz`o`6PXG
z$?!Aua8}W);K$jZ6%{ga*0j}ErFdGHegHQ~7KwKK>MM09LNdjfZ-7KguF$x1+jftd
zYiAV>K1WDg!@&>KTtFl|B4|wSl6$-Tsg?BzL6I(uo!zgxyYBMaX`;R1RU#UkwStko
z)3{;qyP?u8_%Quhhm7Y6-v898P`lmW@yAhQqBl)?c*^o*<22lECmNywOm`Hm;VLAl
z7#sthRH;LQ>F)>%GW7F1Phvy*JKkN4o3B`2V*CZ>^Ti@rGMWu*;Wl);%7A4OwqE%9
z6PvXFUu2>U?YEuhTpTK_BxC5_wP%ll#+u!6aief10guv{S*l{ujAr(O!r@Jm9Wvzd
zy-ksmZGAzTd}U3Z^$QuH{)<b6AJRU$JqYfy!iUgpT%th93yhDG)6ui{gekJT+ye<R
z+0-Q)XnB!raXXXd#VUeN^I-`tl83nY^AJUNbn;Bi(b3%dn4{q{!QQ2(*UPpGmJ$r1
zH}*vlC<z9ddOmkHn_cANhHEC5@l$;~o1jVEFUU}1`2^&T{h*3N#gB&QV`rIQ3cIq&
z+dGicBTU(lNO1($!q=!#8yy|*I2{RKgBA3IM~FxXHjRPd!*BGW@6q-{oYEO@+#IC6
zt>;(5I%=Q2&VqnI?r2;6mS>%>Uq^<ABP@X0=0O3nir!QFXbP^^!iV5y!p3DbXp9!)
zCRtSY)oDw7Y?))R2XEJHIC<<?7E>@<Vn9O_GVPp2Xk!j)x<vDAAw~4%*A=k!Lj>({
zsyV%s^2YJIZQHiCVw!M7miU<npJplEV>oD36Pw-LkHt-7i_p81%(}MUv;G2v(w5+}
zD7zQlIz1o$i?%kh*;%4k_g<$<*5HNn=ZQ@iH!L{ugBaZuQxSyd7%_yu@v>!ttcrCH
z8a#=C@1|(STE}xt+;47Hkdbj%zg`wOCJQjYr<B#y_7trtyt-PuH)QGPH`VjD_3lwZ
z16+%gki)Lz2SPa;B7xahKbsXCC<xa};al_!S5muCS7#gD!Nw95SF@G+@g>OMHVZb6
zv+MD^cue#he#%mnYXw$3?Egs>u$kjpA1H$-^%txUS7w1+EHyMtuIpTvk(!fZ#o&RN
zrYQJm!?U&Contis>UlbaS8{82sL>dh_&K)0>GIPYjJ${D-`kXvn&K)xEkxb^=8OOH
zf;IawIxne9_h0zt^qWIsQ?Datd|Fm!EAE+|srjTa!?#!cHfml;ZRx8c_W~$hy?*bB
z|D8epFaAM=G2^9&0^jS121g$BpozeV!#exsOyh4$E^;CX5@h~n4Y6yS*>BKJrw}O9
qXa$CSshfSUn9$<L`ho`T?&ENHTT4!6j$pO#WxQaCLAw5z-~I!V{a9-N

literal 0
HcmV?d00001


From bca66b2358d25815078a7f6c5f092ea51c8c7ac9 Mon Sep 17 00:00:00 2001
From: spbsoluble <1661003+spbsoluble@users.noreply.github.com>
Date: Thu, 22 May 2025 19:22:14 -0700
Subject: [PATCH 12/18] chore(docs): Add `extension mechanics` and `notes`
 sections

---
 README.md           | 41 +++++++++++++++++++++++++++++++++++++++++
 docsource/akamai.md | 45 ++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 85 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 297fa9d..3661d60 100644
--- a/README.md
+++ b/README.md
@@ -78,7 +78,21 @@ To use the Akamai Certificate Provisioning System (CPS) Universal Orchestrator e
 
 
 
+> :warning:
+> If creating the Certificate Store Type manually, be aware that you will need to save the store-type configuration without entering the custom fields and entry parameters. This is due to a UI limitation. After saving the store type, you will need to run [this SQL script](akamai-cps-orchestrator/jobproperties.sql) on the Keyfactor database to generate all the fields and parameters needed for Akamai CPS.
 
+#### Notes:
+> :note:
+> To set the `default` values for the Entry Parameters, you will need to re-open the Certificate Store Type configuration after saving and running [this SQL script](akamai-cps-orchestrator/jobproperties.sql). This is due to a UI limitation.
+
+> :note:
+> The `Contract ID` should be set to the default contract to be used for new Enrollments. 
+ 
+> :note:
+> All address information should be filled out with default expected values, as they are required fields for **each** enrollment created and should not be entered manually unless they need to be overwritten for a specific Enrollment in Akamai.
+
+> :note: 
+> The Tech contact information should be your Akamai company contact. It must be an Akamai email address (`<contact>@akamai.com`). The contact's organization name must be set to `Akamai`.
 
 
 #### Supported Operations
@@ -348,6 +362,33 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov
 > The content in this section can be supplemented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store).
 
 
+### Extension Mechanics
+
+Adding new certificates to Akamai requires generating a key in Akamai CPS via the Reenrollment process in Keyfactor. 
+To start this process, go to the Certificate Store that the certificate should be added to. Select the certificate 
+store, and click the `Reenrollment` button to bring up the reenrollment dialog.
+
+Change any `default` values as needed, and enter an `Enrollment ID` if an existing enrollment needs to be updated instead 
+of creating a new Enrollment. This is different from the `Slot ID` - the `Enrollment ID` is found by clicking on an 
+Active certificate in Akamai CPS, and looking at the `ID` value. The SAN entry needs to be filled out with the DNS value 
+you are using for the certificate's CN. If there are multiple DNS SANs, they should be separated with an ampersand (`&`). 
+Example: `www.example01.com&www.example02.com`
+
+#### Configure Renewal of Certificates using a Workflow
+Akamai does not support traditional certificate Renewal or one-click Renewal done in the Keyfactor Command platform. 
+The Renewal process creates Certificates with outside keys which are not allowed to be imported into Akamai CPS. As a 
+result, the Reenrollment Job must be used in order to renew existing certificates that reside on the Akamai system. 
+Reenrollment is required as opposed to the Renewal process as it allows Akamai to generate the keys on their platform, 
+which are used to create a certificate in Keyfactor.
+Renewing existing certificates in Akamai means running a Reenrollment Job with the same `Enrollment ID` that was used 
+for an existing Certificate Enrollment. This can be done manually through the Reenrollment prompt, but an automated 
+process can also be configured using a Keyfactor Workflow. The Workflow should be configured to target a Keyfactor 
+Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query 
+targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to 
+`Production` or `Staging`. A sample workflow for ODKG / Reenrollment scheduling for renewals can be viewed in the 
+[kf-workflow-samples repo](https://github.com/Keyfactor/kf-workflow-samples). When running the sample workflow, it will 
+assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.
+
 
 
 </details>
diff --git a/docsource/akamai.md b/docsource/akamai.md
index 0aa5d83..45e9908 100644
--- a/docsource/akamai.md
+++ b/docsource/akamai.md
@@ -1 +1,44 @@
-## Overview
\ No newline at end of file
+## Overview
+
+> :warning:
+> If creating the Certificate Store Type manually, be aware that you will need to save the store-type configuration without entering the custom fields and entry parameters. This is due to a UI limitation. After saving the store type, you will need to run [this SQL script](akamai-cps-orchestrator/jobproperties.sql) on the Keyfactor database to generate all the fields and parameters needed for Akamai CPS.
+
+### Notes:
+> :note:
+> To set the `default` values for the Entry Parameters, you will need to re-open the Certificate Store Type configuration after saving and running [this SQL script](akamai-cps-orchestrator/jobproperties.sql). This is due to a UI limitation.
+
+> :note:
+> The `Contract ID` should be set to the default contract to be used for new Enrollments. 
+ 
+> :note:
+> All address information should be filled out with default expected values, as they are required fields for **each** enrollment created and should not be entered manually unless they need to be overwritten for a specific Enrollment in Akamai.
+
+> :note: 
+> The Tech contact information should be your Akamai company contact. It must be an Akamai email address (`<contact>@akamai.com`). The contact's organization name must be set to `Akamai`.
+
+## Extension Mechanics
+
+Adding new certificates to Akamai requires generating a key in Akamai CPS via the Reenrollment process in Keyfactor. 
+To start this process, go to the Certificate Store that the certificate should be added to. Select the certificate 
+store, and click the `Reenrollment` button to bring up the reenrollment dialog.
+
+Change any `default` values as needed, and enter an `Enrollment ID` if an existing enrollment needs to be updated instead 
+of creating a new Enrollment. This is different from the `Slot ID` - the `Enrollment ID` is found by clicking on an 
+Active certificate in Akamai CPS, and looking at the `ID` value. The SAN entry needs to be filled out with the DNS value 
+you are using for the certificate's CN. If there are multiple DNS SANs, they should be separated with an ampersand (`&`). 
+Example: `www.example01.com&www.example02.com`
+
+### Configure Renewal of Certificates using a Workflow
+Akamai does not support traditional certificate Renewal or one-click Renewal done in the Keyfactor Command platform. 
+The Renewal process creates Certificates with outside keys which are not allowed to be imported into Akamai CPS. As a 
+result, the Reenrollment Job must be used in order to renew existing certificates that reside on the Akamai system. 
+Reenrollment is required as opposed to the Renewal process as it allows Akamai to generate the keys on their platform, 
+which are used to create a certificate in Keyfactor.
+Renewing existing certificates in Akamai means running a Reenrollment Job with the same `Enrollment ID` that was used 
+for an existing Certificate Enrollment. This can be done manually through the Reenrollment prompt, but an automated 
+process can also be configured using a Keyfactor Workflow. The Workflow should be configured to target a Keyfactor 
+Collection of certificates that includes the Akamai certificates that need to be renewed. This can be done with a query 
+targeting the `CertStoreFQDN` containing `Akamai` and can be further restricted with the `CertStorePath` being equal to 
+`Production` or `Staging`. A sample workflow for ODKG / Reenrollment scheduling for renewals can be viewed in the 
+[kf-workflow-samples repo](https://github.com/Keyfactor/kf-workflow-samples). When running the sample workflow, it will 
+assume that all certs passed to the script should schedule a Reenrollment job with their existing parameters in Akamai.
\ No newline at end of file

From cdd038a5f900640f6b032db11b57d619cb002ba1 Mon Sep 17 00:00:00 2001
From: spbsoluble <1661003+spbsoluble@users.noreply.github.com>
Date: Thu, 22 May 2025 19:28:48 -0700
Subject: [PATCH 13/18] chore(docs): Note styling

---
 README.md           | 12 ++++++------
 docsource/akamai.md | 12 ++++++------
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/README.md b/README.md
index 3661d60..e16500a 100644
--- a/README.md
+++ b/README.md
@@ -78,20 +78,20 @@ To use the Akamai Certificate Provisioning System (CPS) Universal Orchestrator e
 
 
 
-> :warning:
+#### Notes:
+> [!WARNING]
 > If creating the Certificate Store Type manually, be aware that you will need to save the store-type configuration without entering the custom fields and entry parameters. This is due to a UI limitation. After saving the store type, you will need to run [this SQL script](akamai-cps-orchestrator/jobproperties.sql) on the Keyfactor database to generate all the fields and parameters needed for Akamai CPS.
 
-#### Notes:
-> :note:
+> [!IMPORTANT]
 > To set the `default` values for the Entry Parameters, you will need to re-open the Certificate Store Type configuration after saving and running [this SQL script](akamai-cps-orchestrator/jobproperties.sql). This is due to a UI limitation.
 
-> :note:
+> [!IMPORTANT]
 > The `Contract ID` should be set to the default contract to be used for new Enrollments. 
  
-> :note:
+> [!IMPORTANT]
 > All address information should be filled out with default expected values, as they are required fields for **each** enrollment created and should not be entered manually unless they need to be overwritten for a specific Enrollment in Akamai.
 
-> :note: 
+> [!IMPORTANT]
 > The Tech contact information should be your Akamai company contact. It must be an Akamai email address (`<contact>@akamai.com`). The contact's organization name must be set to `Akamai`.
 
 
diff --git a/docsource/akamai.md b/docsource/akamai.md
index 45e9908..b4db9df 100644
--- a/docsource/akamai.md
+++ b/docsource/akamai.md
@@ -1,19 +1,19 @@
 ## Overview
 
-> :warning:
+### Notes:
+> [!WARNING]
 > If creating the Certificate Store Type manually, be aware that you will need to save the store-type configuration without entering the custom fields and entry parameters. This is due to a UI limitation. After saving the store type, you will need to run [this SQL script](akamai-cps-orchestrator/jobproperties.sql) on the Keyfactor database to generate all the fields and parameters needed for Akamai CPS.
 
-### Notes:
-> :note:
+> [!IMPORTANT]
 > To set the `default` values for the Entry Parameters, you will need to re-open the Certificate Store Type configuration after saving and running [this SQL script](akamai-cps-orchestrator/jobproperties.sql). This is due to a UI limitation.
 
-> :note:
+> [!IMPORTANT]
 > The `Contract ID` should be set to the default contract to be used for new Enrollments. 
  
-> :note:
+> [!IMPORTANT]
 > All address information should be filled out with default expected values, as they are required fields for **each** enrollment created and should not be entered manually unless they need to be overwritten for a specific Enrollment in Akamai.
 
-> :note: 
+> [!IMPORTANT]
 > The Tech contact information should be your Akamai company contact. It must be an Akamai email address (`<contact>@akamai.com`). The contact's organization name must be set to `Akamai`.
 
 ## Extension Mechanics

From 580721e81b736dfe6add4c6dd619fd8674bb31ad Mon Sep 17 00:00:00 2001
From: spbsoluble <1661003+spbsoluble@users.noreply.github.com>
Date: Thu, 22 May 2025 19:30:27 -0700
Subject: [PATCH 14/18] chore(docs): Remove `notes` header

---
 docsource/akamai.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/docsource/akamai.md b/docsource/akamai.md
index b4db9df..98ce7e9 100644
--- a/docsource/akamai.md
+++ b/docsource/akamai.md
@@ -1,6 +1,5 @@
 ## Overview
 
-### Notes:
 > [!WARNING]
 > If creating the Certificate Store Type manually, be aware that you will need to save the store-type configuration without entering the custom fields and entry parameters. This is due to a UI limitation. After saving the store type, you will need to run [this SQL script](akamai-cps-orchestrator/jobproperties.sql) on the Keyfactor database to generate all the fields and parameters needed for Akamai CPS.
 

From c9779f2d12e0a311dfadd65f4f66ee9bd63066db Mon Sep 17 00:00:00 2001
From: Keyfactor <keyfactor@keyfactor.github.io>
Date: Fri, 23 May 2025 02:32:10 +0000
Subject: [PATCH 15/18] Update generated docs

---
 README.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/README.md b/README.md
index e16500a..a9235c9 100644
--- a/README.md
+++ b/README.md
@@ -78,7 +78,6 @@ To use the Akamai Certificate Provisioning System (CPS) Universal Orchestrator e
 
 
 
-#### Notes:
 > [!WARNING]
 > If creating the Certificate Store Type manually, be aware that you will need to save the store-type configuration without entering the custom fields and entry parameters. This is due to a UI limitation. After saving the store type, you will need to run [this SQL script](akamai-cps-orchestrator/jobproperties.sql) on the Keyfactor database to generate all the fields and parameters needed for Akamai CPS.
 

From ddecc304a1435cf5d281a9eb257dff16821b592b Mon Sep 17 00:00:00 2001
From: "Matthew H. Irby" <matt.irby@outlook.com>
Date: Fri, 23 May 2025 12:18:44 -0400
Subject: [PATCH 16/18] chore(docs): Update Client Machine and Store Path
 descriptions

---
 docsource/content.md      | 3 ++-
 integration-manifest.json | 4 +++-
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/docsource/content.md b/docsource/content.md
index 4bd675c..2e22e22 100644
--- a/docsource/content.md
+++ b/docsource/content.md
@@ -30,6 +30,7 @@ already have the needed permissions to access CPS. The access of the API Client
 but the API Client should have `READ-WRITE` access.
 
 With the API Client created, a new credential should be generated by clicking `Create credential`. The contents of the 
-credential should be downloaded or saved temporarily to use for configuring the Keyfactor Certificate Store. Afterward, 
+credential should be downloaded or saved temporarily to use for configuring the Keyfactor Certificate Store. The credentials file
+will contain the `client_secret`, `host`, `access_token`, and `client_token` for the API client. Afterward, 
 it should be deleted as the credential file serves as authentication for accessing APIs, and should be treated as a 
 plaintext password and not saved long-term.
\ No newline at end of file
diff --git a/integration-manifest.json b/integration-manifest.json
index 51bc801..76a0f44 100644
--- a/integration-manifest.json
+++ b/integration-manifest.json
@@ -539,7 +539,9 @@
           "ServerRequired": false,
           "PowerShell": false,
           "BlueprintAllowed": false,
-          "CustomAliasAllowed": "Forbidden"
+          "CustomAliasAllowed": "Forbidden",
+          "ClientMachineDescription": "The Client Machine field is the Akamai REST API URL. This should be equal to the the \"host\" value from the API credentials file.",
+          "StorePathDescription": "The Akamai network the certificate will be managed from. Value can be either \"Production\" or \"Staging\"."
         }
       ]
     }

From cbee9b07a388d9ff940da712f885ce43f6e2cb2d Mon Sep 17 00:00:00 2001
From: Keyfactor <keyfactor@keyfactor.github.io>
Date: Fri, 23 May 2025 16:20:26 +0000
Subject: [PATCH 17/18] Update generated docs

---
 README.md | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index a9235c9..c9d8003 100644
--- a/README.md
+++ b/README.md
@@ -67,7 +67,8 @@ already have the needed permissions to access CPS. The access of the API Client
 but the API Client should have `READ-WRITE` access.
 
 With the API Client created, a new credential should be generated by clicking `Create credential`. The contents of the 
-credential should be downloaded or saved temporarily to use for configuring the Keyfactor Certificate Store. Afterward, 
+credential should be downloaded or saved temporarily to use for configuring the Keyfactor Certificate Store. The credentials file
+will contain the `client_secret`, `host`, `access_token`, and `client_token` for the API client. Afterward, 
 it should be deleted as the credential file serves as authentication for accessing APIs, and should be treated as a 
 plaintext password and not saved long-term.
 
@@ -296,8 +297,8 @@ the Keyfactor Command Portal
    | --------- | ----------- |
    | Category | Select "Akamai Certificate Provisioning Service" or the customized certificate store name from the previous step. |
    | Container | Optional container to associate certificate store with. |
-   | Client Machine |  |
-   | Store Path |  |
+   | Client Machine | The Client Machine field is the Akamai REST API URL. This should be equal to the the "host" value from the API credentials file. |
+   | Store Path | The Akamai network the certificate will be managed from. Value can be either "Production" or "Staging". |
    | Orchestrator | Select an approved orchestrator capable of managing `Akamai` certificates. Specifically, one with the `Akamai` capability. |
    | access_token | The Akamai access_token for authentication. |
    | client_token | The Akamai client_token for authentication. |
@@ -324,8 +325,8 @@ the Keyfactor Command Portal
    | --------- | ----------- |
    | Category | Select "Akamai Certificate Provisioning Service" or the customized certificate store name from the previous step. |
    | Container | Optional container to associate certificate store with. |
-   | Client Machine |  |
-   | Store Path |  |
+   | Client Machine | The Client Machine field is the Akamai REST API URL. This should be equal to the the "host" value from the API credentials file. |
+   | Store Path | The Akamai network the certificate will be managed from. Value can be either "Production" or "Staging". |
    | Orchestrator | Select an approved orchestrator capable of managing `Akamai` certificates. Specifically, one with the `Akamai` capability. |
    | Properties.access_token | The Akamai access_token for authentication. |
    | Properties.client_token | The Akamai client_token for authentication. |

From 254c125cbc33585a832036a25afda0716e989469 Mon Sep 17 00:00:00 2001
From: Macey <11599974+doebrowsk@users.noreply.github.com>
Date: Wed, 28 May 2025 11:36:49 -0400
Subject: [PATCH 18/18] set workflow version to 3.2.0 for correct build process

---
 .github/workflows/keyfactor-starter-workflow.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/keyfactor-starter-workflow.yml b/.github/workflows/keyfactor-starter-workflow.yml
index d92bd57..bd11ad0 100644
--- a/.github/workflows/keyfactor-starter-workflow.yml
+++ b/.github/workflows/keyfactor-starter-workflow.yml
@@ -11,7 +11,7 @@ on:
 
 jobs:
   call-starter-workflow:
-    uses: keyfactor/actions/.github/workflows/starter.yml@v3
+    uses: keyfactor/actions/.github/workflows/starter.yml@3.2.0
     secrets:
       token: ${{ secrets.V2BUILDTOKEN}}
       APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}