diff --git a/sdk/helper/certutil/certutil_test.go b/sdk/helper/certutil/certutil_test.go
index 60b4888495..9c10f38a81 100644
--- a/sdk/helper/certutil/certutil_test.go
+++ b/sdk/helper/certutil/certutil_test.go
@@ -26,7 +26,7 @@ import (
 
 // Tests converting back and forth between a CertBundle and a ParsedCertBundle.
 //
-// Also tests the GetSubjKeyID, GetHexFormatted, and
+// Also tests the GetSubjKeyID, GetHexFormatted, ParseHexFormatted and
 // ParsedCertBundle.getSigner functions.
 func TestCertBundleConversion(t *testing.T) {
 	cbuts := []*CertBundle{
@@ -245,6 +245,10 @@ func compareCertBundleToParsedCertBundle(cbut *CertBundle, pcbut *ParsedCertBund
 		return fmt.Errorf("bundle serial number does not match")
 	}
 
+	if !bytes.Equal(pcbut.Certificate.SerialNumber.Bytes(), ParseHexFormatted(cb.SerialNumber, ":")) {
+		return fmt.Errorf("failed re-parsing hex formatted number %s", cb.SerialNumber)
+	}
+
 	switch {
 	case len(pcbut.CAChain) > 0 && len(cb.CAChain) == 0:
 		return fmt.Errorf("parsed bundle ca chain has certs when cert bundle does not")
diff --git a/sdk/helper/certutil/helpers.go b/sdk/helper/certutil/helpers.go
index 58ebc06f2d..eace1aafd1 100644
--- a/sdk/helper/certutil/helpers.go
+++ b/sdk/helper/certutil/helpers.go
@@ -100,13 +100,13 @@ func GetHexFormatted(buf []byte, sep string) string {
 func ParseHexFormatted(in, sep string) []byte {
 	var ret bytes.Buffer
 	var err error
-	var inBits int64
+	var inBits uint64
 	inBytes := strings.Split(in, sep)
 	for _, inByte := range inBytes {
-		if inBits, err = strconv.ParseInt(inByte, 16, 8); err != nil {
+		if inBits, err = strconv.ParseUint(inByte, 16, 8); err != nil {
 			return nil
 		}
-		ret.WriteByte(byte(inBits))
+		ret.WriteByte(uint8(inBits))
 	}
 	return ret.Bytes()
 }