diff --git a/sa/_db/migrations/20150818171317_InitialSchema.sql b/sa/_db/migrations/20150818171317_InitialSchema.sql
deleted file mode 100644
index b52dc0267..000000000
--- a/sa/_db/migrations/20150818171317_InitialSchema.sql
+++ /dev/null
@@ -1,141 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `registrations` (
-  `id` bigint(20) NOT NULL AUTO_INCREMENT,
-  `jwk` mediumblob NOT NULL,
-  `jwk_sha256` varchar(255) NOT NULL,
-  `contact` varchar(255) DEFAULT NULL,
-  `agreement` varchar(255) DEFAULT NULL,
-  `LockCol` bigint(20) DEFAULT NULL,
-  PRIMARY KEY (`id`),
-  UNIQUE KEY `jwk_sha256` (`jwk_sha256`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `authz` (
-  `id` varchar(255) NOT NULL,
-  `identifier` varchar(255) DEFAULT NULL,
-  `registrationID` bigint(20) DEFAULT NULL,
-  `status` varchar(255) DEFAULT NULL,
-  `expires` datetime DEFAULT NULL,
-  `combinations` varchar(255) DEFAULT NULL,
-  `sequence` bigint(20) DEFAULT NULL,
-  PRIMARY KEY (`id`),
-  KEY `regId_idx` (`registrationID`) COMMENT 'Common lookup',
-  CONSTRAINT `regId_authz` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `certificates` (
-  `registrationID` bigint(20) DEFAULT NULL,
-  `status` varchar(255) DEFAULT NULL,
-  `serial` varchar(255) NOT NULL,
-  `digest` varchar(255) DEFAULT NULL,
-  `der` mediumblob,
-  `issued` datetime DEFAULT NULL,
-  `expires` datetime DEFAULT NULL,
-  PRIMARY KEY (`serial`),
-  KEY `regId_certificates_idx` (`registrationID`) COMMENT 'Common lookup',
-  CONSTRAINT `regId_certificates` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `certificateStatus` (
-  `serial` varchar(255) NOT NULL,
-  `subscriberApproved` tinyint(1) DEFAULT NULL,
-  `status` varchar(255) DEFAULT NULL,
-  `ocspLastUpdated` datetime DEFAULT NULL,
-  `revokedDate` datetime DEFAULT NULL,
-  `revokedReason` int(11) DEFAULT NULL,
-  `lastExpirationNagSent` datetime DEFAULT NULL,
-  `LockCol` bigint(20) DEFAULT NULL,
-  PRIMARY KEY (`serial`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `challenges` (
-  `id` bigint(20) NOT NULL AUTO_INCREMENT,
-  `authorizationID` varchar(255) NOT NULL,
-  `LockCol` bigint(20) DEFAULT NULL,
-  `type` varchar(255) NOT NULL,
-  `status` varchar(255) NOT NULL,
-  `error` mediumblob DEFAULT NULL,
-  `validated` datetime DEFAULT NULL,
-  `uri` varchar(255) DEFAULT NULL,
-  `token` varchar(255) NOT NULL,
-  `tls` tinyint(1) DEFAULT NULL,
-  `validation` mediumblob,
-  `validationRecord` mediumblob,
-  PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `crls` (
-  `serial` varchar(255) NOT NULL,
-  `createdAt` datetime NOT NULL,
-  `crl` varchar(255) NOT NULL,
-  PRIMARY KEY (`serial`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `deniedCSRs` (
-  `id` int(11) NOT NULL AUTO_INCREMENT,
-  `names` varchar(255) NOT NULL,
-  PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `ocspResponses` (
-  `id` int(11) NOT NULL AUTO_INCREMENT,
-  `serial` varchar(255) NOT NULL,
-  `createdAt` datetime NOT NULL,
-  `response` mediumblob,
-  PRIMARY KEY (`id`),
-  KEY `SERIAL` (`serial`) COMMENT 'Actual lookup mechanism'
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `pending_authz` (
-  `id` varchar(255) NOT NULL,
-  `identifier` varchar(255) DEFAULT NULL,
-  `registrationID` bigint(20) DEFAULT NULL,
-  `status` varchar(255) DEFAULT NULL,
-  `expires` datetime DEFAULT NULL,
-  `combinations` varchar(255) DEFAULT NULL,
-  `LockCol` bigint(20) DEFAULT NULL,
-  PRIMARY KEY (`id`),
-  KEY `regId_idx` (`registrationID`),
-  CONSTRAINT `regId_pending_authz` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-
-CREATE TABLE `identifierData` (
-  `reversedName` varchar(255) NOT NULL,
-  `certSHA1` varchar(40) NOT NULL,
-  UNIQUE INDEX (certSha1, reversedName)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `externalCerts` (
-  `sha1` varchar(40) NOT NULL,
-  `issuer` text DEFAULT NULL,
-  `subject` text DEFAULT NULL,
-  `notAfter` datetime DEFAULT NULL,
-  `spki` blob DEFAULT NULL,
-  `valid` tinyint(1) DEFAULT NULL,
-  `ev` tinyint(1) DEFAULT NULL,
-  `rawDERCert` blob DEFAULT NULL,
-  UNIQUE INDEX (sha1)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `pending_authz` DROP FOREIGN KEY `regId_pending_authz`;
-ALTER TABLE `certificates` DROP FOREIGN KEY `regId_certificates`;
-ALTER TABLE `authz` DROP FOREIGN KEY `regId_authz`;
-DROP TABLE `registrations`;
-DROP TABLE `authz`;
-DROP TABLE `certificates`;
-DROP TABLE `certificateStatus`;
-DROP TABLE `challenges`;
-DROP TABLE `crls`;
-DROP TABLE `deniedCSRs`;
-DROP TABLE `ocspResponses`;
-DROP TABLE `pending_authz`;
-DROP TABLE `identifierData`;
-DROP TABLE `externalCerts`;
diff --git a/sa/_db/migrations/20150826211856_AddChallengeAccountKey.sql b/sa/_db/migrations/20150826211856_AddChallengeAccountKey.sql
deleted file mode 100644
index 635a82ccb..000000000
--- a/sa/_db/migrations/20150826211856_AddChallengeAccountKey.sql
+++ /dev/null
@@ -1,12 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `challenges` ADD COLUMN (
-  `accountKey` mediumblob
-);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `challenges` DROP COLUMN `accountKey`;
diff --git a/sa/_db/migrations/20150827160921_AddAuthIDIndexToChallenges.sql b/sa/_db/migrations/20150827160921_AddAuthIDIndexToChallenges.sql
deleted file mode 100644
index e5b249270..000000000
--- a/sa/_db/migrations/20150827160921_AddAuthIDIndexToChallenges.sql
+++ /dev/null
@@ -1,11 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE INDEX `authorizationID_challenges_idx` on `challenges` (`authorizationID`);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP INDEX `authorizationID_challenges_idx` on `challenges`;
-
diff --git a/sa/_db/migrations/20150827201311_DeleteSequenceFromAuthz.sql b/sa/_db/migrations/20150827201311_DeleteSequenceFromAuthz.sql
deleted file mode 100644
index a66c60b27..000000000
--- a/sa/_db/migrations/20150827201311_DeleteSequenceFromAuthz.sql
+++ /dev/null
@@ -1,8 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-ALTER TABLE `authz` DROP COLUMN `sequence`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-ALTER TABLE `authz` ADD COLUMN `sequence` bigint(20) DEFAULT NULL;
diff --git a/sa/_db/migrations/20150828005159_RegistrationsNotNullManyFields.sql b/sa/_db/migrations/20150828005159_RegistrationsNotNullManyFields.sql
deleted file mode 100644
index f3e00a450..000000000
--- a/sa/_db/migrations/20150828005159_RegistrationsNotNullManyFields.sql
+++ /dev/null
@@ -1,14 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `registrations` MODIFY `contact` varchar(255) NOT NULL;
-ALTER TABLE `registrations` MODIFY `agreement` varchar(255) NOT NULL;
-ALTER TABLE `registrations` MODIFY `LockCol` bigint(20) NOT NULL;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `registrations` MODIFY `contact` varchar(255) DEFAULT NULL;
-ALTER TABLE `registrations` MODIFY `agreement` varchar(255) DEFAULT NULL;
-ALTER TABLE `registrations` MODIFY `LockCol` bigint(20) DEFAULT NULL;
diff --git a/sa/_db/migrations/20150828155940_AuthzNotNullManyFields.sql b/sa/_db/migrations/20150828155940_AuthzNotNullManyFields.sql
deleted file mode 100644
index 365d9cac0..000000000
--- a/sa/_db/migrations/20150828155940_AuthzNotNullManyFields.sql
+++ /dev/null
@@ -1,26 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `authz` MODIFY `identifier` varchar(255) NOT NULL;
-
-ALTER TABLE `authz` DROP FOREIGN KEY `regId_authz`;
-ALTER TABLE `authz` MODIFY `registrationID` bigint(20) NOT NULL;
-ALTER TABLE `authz` ADD CONSTRAINT `regId_authz` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION;
-
-ALTER TABLE `authz` MODIFY `status` varchar(255) NOT NULL;
-ALTER TABLE `authz` MODIFY `expires` datetime NOT NULL;
-ALTER TABLE `authz` MODIFY `combinations` varchar(255) NOT NULL;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `authz` MODIFY `identifier` varchar(255) DEFAULT NULL;
-
-ALTER TABLE `authz` DROP FOREIGN KEY `regId_authz`;
-ALTER TABLE `authz` MODIFY `registrationID` bigint(20) DEFAULT NULL;
-ALTER TABLE `authz` ADD CONSTRAINT `regId_authz` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION;
-
-ALTER TABLE `authz` MODIFY `status` varchar(255) DEFAULT NULL;
-ALTER TABLE `authz` MODIFY `expires` datetime DEFAULT NULL;
-ALTER TABLE `authz` MODIFY `combinations` varchar(255) DEFAULT NULL;
diff --git a/sa/_db/migrations/20150828161056_DropStatusColumnOnCertificate.sql b/sa/_db/migrations/20150828161056_DropStatusColumnOnCertificate.sql
deleted file mode 100644
index b0eed59dd..000000000
--- a/sa/_db/migrations/20150828161056_DropStatusColumnOnCertificate.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `certificates` DROP COLUMN `status`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `certificates` ADD COLUMN `status` varchar(255) DEFAULT NULL;
diff --git a/sa/_db/migrations/20150828163255_RemoveChallengeURI.sql b/sa/_db/migrations/20150828163255_RemoveChallengeURI.sql
deleted file mode 100644
index ed640adf9..000000000
--- a/sa/_db/migrations/20150828163255_RemoveChallengeURI.sql
+++ /dev/null
@@ -1,13 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `challenges` DROP COLUMN `uri`;
-
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `challenges` ADD COLUMN (
-  `uri` varchar(255)
-);
diff --git a/sa/_db/migrations/20150904105711_CertificateNotNullManyFields.sql b/sa/_db/migrations/20150904105711_CertificateNotNullManyFields.sql
deleted file mode 100644
index cc92cde6a..000000000
--- a/sa/_db/migrations/20150904105711_CertificateNotNullManyFields.sql
+++ /dev/null
@@ -1,23 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-ALTER TABLE `certificates` DROP FOREIGN KEY `regId_certificates`;
-ALTER TABLE `certificates` MODIFY `registrationID` bigint(20) NOT NULL;
-ALTER TABLE `certificates` ADD CONSTRAINT `regId_certificates` FOREIGN KEY (`registrationID`)  REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION;
-
-ALTER TABLE `certificates` MODIFY `digest` varchar(255) NOT NULL;
-ALTER TABLE `certificates` MODIFY `der` mediumblob NOT NULL;
-ALTER TABLE `certificates` MODIFY `issued` datetime NOT NULL;
-ALTER TABLE `certificates` MODIFY `expires` datetime NOT NULL;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-ALTER TABLE `certificates` DROP FOREIGN KEY `regId_certificates`;
-ALTER TABLE `certificates` MODIFY `registrationID` bigint(20) DEFAULT NULL;
-ALTER TABLE `certificates` ADD CONSTRAINT `regId_certificates` FOREIGN KEY (`registrationID`)  REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION;
-
-ALTER TABLE `certificates` MODIFY `digest` varchar(255) DEFAULT NULL;
-ALTER TABLE `certificates` MODIFY `der` mediumblob DEFAULT NULL;
-ALTER TABLE `certificates` MODIFY `issued` datetime DEFAULT NULL;
-ALTER TABLE `certificates` MODIFY `expires` datetime DEFAULT NULL;
-
diff --git a/sa/_db/migrations/20150904120119_AuthzExpiresMayBeNull.sql b/sa/_db/migrations/20150904120119_AuthzExpiresMayBeNull.sql
deleted file mode 100644
index 45579b6a9..000000000
--- a/sa/_db/migrations/20150904120119_AuthzExpiresMayBeNull.sql
+++ /dev/null
@@ -1,9 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-ALTER TABLE `authz` MODIFY `expires` datetime DEFAULT NULL;
-
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-ALTER TABLE `authz` MODIFY `expires` datetime NOT NULL;
diff --git a/sa/_db/migrations/20150904121736_CertificateStatusNotNullManyFields.sql b/sa/_db/migrations/20150904121736_CertificateStatusNotNullManyFields.sql
deleted file mode 100644
index cd7b685b3..000000000
--- a/sa/_db/migrations/20150904121736_CertificateStatusNotNullManyFields.sql
+++ /dev/null
@@ -1,23 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `certificateStatus` MODIFY `subscriberApproved` tinyint(1) NOT NULL;
-ALTER TABLE `certificateStatus` MODIFY `status` varchar(255) NOT NULL;
-ALTER TABLE `certificateStatus` MODIFY `ocspLastUpdated` datetime NOT NULL;
-ALTER TABLE `certificateStatus` MODIFY `revokedDate` datetime NOT NULL;
-ALTER TABLE `certificateStatus` MODIFY `revokedReason` int(11) NOT NULL;
-ALTER TABLE `certificateStatus` MODIFY `lastExpirationNagSent` datetime NOT NULL;
-ALTER TABLE `certificateStatus` MODIFY `LockCol` bigint(20) NOT NULL;
-
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `certificateStatus` MODIFY `subscriberApproved` tinyint(1) DEFAULT NULL;
-ALTER TABLE `certificateStatus` MODIFY `status` varchar(255) DEFAULT NULL;
-ALTER TABLE `certificateStatus` MODIFY `ocspLastUpdated` datetime DEFAULT NULL;
-ALTER TABLE `certificateStatus` MODIFY `revokedDate` datetime DEFAULT NULL;
-ALTER TABLE `certificateStatus` MODIFY `revokedReason` int(11) DEFAULT NULL;
-ALTER TABLE `certificateStatus` MODIFY `lastExpirationNagSent` datetime DEFAULT NULL;
-ALTER TABLE `certificateStatus` MODIFY `LockCol` bigint(20) DEFAULT NULL;
diff --git a/sa/_db/migrations/20150904132303_OCSPResponsesNotNullManyFields.sql b/sa/_db/migrations/20150904132303_OCSPResponsesNotNullManyFields.sql
deleted file mode 100644
index e716f807a..000000000
--- a/sa/_db/migrations/20150904132303_OCSPResponsesNotNullManyFields.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-ALTER TABLE `ocspResponses` MODIFY `response` mediumblob NOT NULL;
-
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-ALTER TABLE `ocspResponses` MODIFY `response` mediumblob DEFAULT NULL;
-
diff --git a/sa/_db/migrations/20150904143114_PendingAuthzNotNullManyFields.sql b/sa/_db/migrations/20150904143114_PendingAuthzNotNullManyFields.sql
deleted file mode 100644
index 42f8d5b5c..000000000
--- a/sa/_db/migrations/20150904143114_PendingAuthzNotNullManyFields.sql
+++ /dev/null
@@ -1,28 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-ALTER TABLE `pending_authz` MODIFY `identifier` varchar(255) NOT NULL;
-
-ALTER TABLE `pending_authz` DROP FOREIGN KEY `regId_pending_authz`;
-ALTER TABLE `pending_authz` MODIFY `registrationID` bigint(20) NOT NULL;
-ALTER TABLE `pending_authz` ADD CONSTRAINT `regId_pending_authz` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION;
-
-
-ALTER TABLE `pending_authz` MODIFY `status` varchar(255) NOT NULL;
-ALTER TABLE `pending_authz` MODIFY `combinations` varchar(255) NOT NULL;
-ALTER TABLE `pending_authz` MODIFY `LockCol` bigint(20) NOT NULL;
-
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-ALTER TABLE `pending_authz` MODIFY `identifier` varchar(255) DEFAULT NULL;
-
-ALTER TABLE `pending_authz` DROP FOREIGN KEY `regId_pending_authz`;
-ALTER TABLE `pending_authz` MODIFY `registrationID` bigint(20) DEFAULT NULL;
-ALTER TABLE `pending_authz` ADD CONSTRAINT `regId_pending_authz` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION;
-
-
-ALTER TABLE `pending_authz` MODIFY `status` varchar(255) DEFAULT NULL;
-ALTER TABLE `pending_authz` MODIFY `combinations` varchar(255) DEFAULT NULL;
-ALTER TABLE `pending_authz` MODIFY `LockCol` bigint(20) DEFAULT NULL;
-
diff --git a/sa/_db/migrations/20150904144656_RenamePendingAuthz.sql b/sa/_db/migrations/20150904144656_RenamePendingAuthz.sql
deleted file mode 100644
index bda3c349c..000000000
--- a/sa/_db/migrations/20150904144656_RenamePendingAuthz.sql
+++ /dev/null
@@ -1,9 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-RENAME TABLE `pending_authz` to `pendingAuthorizations`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-RENAME TABLE `pendingAuthorizations` to `pending_authz`;
-
diff --git a/sa/_db/migrations/20150916173200_SCTReceipts.sql b/sa/_db/migrations/20150916173200_SCTReceipts.sql
deleted file mode 100644
index fab717cf4..000000000
--- a/sa/_db/migrations/20150916173200_SCTReceipts.sql
+++ /dev/null
@@ -1,21 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `sctReceipts` (
-  `id` bigint(20) NOT NULL AUTO_INCREMENT,
-  `sctVersion` tinyint(1) NOT NULL,
-  `logID` varchar(255) NOT NULL,
-  `timestamp` bigint(20) NOT NULL,
-  `extensions` blob,
-  `signature` blob,
-  `certificateSerial` varchar(255) NOT NULL,
-  `LockCol` bigint(20) DEFAULT NULL,
-  PRIMARY KEY (`id`),
-  UNIQUE KEY `certificateSerial_logID` (`certificateSerial`, `logID`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE `sctReceipts`;
diff --git a/sa/_db/migrations/20150922165824_UpdateSerialNumbersOfOldCerts.sql b/sa/_db/migrations/20150922165824_UpdateSerialNumbersOfOldCerts.sql
deleted file mode 100644
index 80b629489..000000000
--- a/sa/_db/migrations/20150922165824_UpdateSerialNumbersOfOldCerts.sql
+++ /dev/null
@@ -1,15 +0,0 @@
--- This bit of weirdness is because we had to change how long our serial ids
--- were. Fortunately, zero padding them works fine. For some details, see
--- https://github.com/letsencrypt/boulder/issues/834
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-UPDATE certificates SET serial = CONCAT('0000', serial) WHERE length(serial) = 32;
-UPDATE certificateStatus SET serial = CONCAT('0000', serial) WHERE length(serial) = 32;
-UPDATE ocspResponses SET serial = CONCAT('0000', serial) WHERE length(serial) = 32;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-UPDATE certificates SET serial = SUBSTR(serial, 5) WHERE length(serial) = 36 AND serial LIKE '0000%';
-UPDATE certificateStatus SET serial = SUBSTR(serial, 5) WHERE length(serial) = 36 AND serial LIKE '0000%';
-UPDATE ocspResponses SET serial = SUBSTR(serial, 5) WHERE length(serial) = 36 AND serial LIKE '0000%';
diff --git a/sa/_db/migrations/20150925184726_AddNamesTable.sql b/sa/_db/migrations/20150925184726_AddNamesTable.sql
deleted file mode 100644
index 4d9456437..000000000
--- a/sa/_db/migrations/20150925184726_AddNamesTable.sql
+++ /dev/null
@@ -1,20 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `issuedNames` (
-  `id` int(11) NOT NULL AUTO_INCREMENT,
-  -- DNS names are restricted to the ASCII character set.
-  -- 640 char limit is enforced in policy-authority.go.
-  `reversedName` VARCHAR(640) CHARACTER SET ascii NOT NULL,
-  `notBefore` DATETIME NOT NULL,
-  `serial` VARCHAR(255) NOT NULL,
-  PRIMARY KEY (`id`),
-  KEY `reversedName_notBefore_Idx` (`reversedName`, `notBefore`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE `issuedNames`;
diff --git a/sa/_db/migrations/20150929135041_AddCertificateStatusLastOCSPUpdatedIndex.sql b/sa/_db/migrations/20150929135041_AddCertificateStatusLastOCSPUpdatedIndex.sql
deleted file mode 100644
index dc59ed55d..000000000
--- a/sa/_db/migrations/20150929135041_AddCertificateStatusLastOCSPUpdatedIndex.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE INDEX `ocspLastUpdated_certificateStatus_idx` on `certificateStatus` (`ocspLastUpdated`);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP INDEX `ocspLastUpdated_certificateStatus_idx` on `certificateStatus`;
diff --git a/sa/_db/migrations/20151002162726_CorrectDefaultUTFCharset.sql b/sa/_db/migrations/20151002162726_CorrectDefaultUTFCharset.sql
deleted file mode 100644
index 0f0575183..000000000
--- a/sa/_db/migrations/20151002162726_CorrectDefaultUTFCharset.sql
+++ /dev/null
@@ -1,12 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
--- Adjust utf8mb4 is the real 4-byte UTF-8. But to fit the contact column in an
--- index entirely, we need to adjust 255 down to 191.
-ALTER TABLE `registrations` MODIFY COLUMN contact varchar(191) CHARACTER SET utf8mb4 NOT NULL;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `registrations` MODIFY COLUMN contact varchar(255) CHARACTER SET utf8 NOT NULL;
diff --git a/sa/_db/migrations/20151003141825_AddKeyAuthorization.sql b/sa/_db/migrations/20151003141825_AddKeyAuthorization.sql
deleted file mode 100644
index fdfd0ebe1..000000000
--- a/sa/_db/migrations/20151003141825_AddKeyAuthorization.sql
+++ /dev/null
@@ -1,12 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `challenges` ADD COLUMN (`keyAuthorization` varchar(255));
-ALTER TABLE `challenges` DROP COLUMN `validation`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `challenges` DROP COLUMN `keyAuthorization`;
-ALTER TABLE `challenges` ADD COLUMN (`validation` mediumblob);
diff --git a/sa/_db/migrations/20151008234926_AddInitialIPAndCreatedAt.sql b/sa/_db/migrations/20151008234926_AddInitialIPAndCreatedAt.sql
deleted file mode 100644
index 2b225a38b..000000000
--- a/sa/_db/migrations/20151008234926_AddInitialIPAndCreatedAt.sql
+++ /dev/null
@@ -1,14 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `registrations` ADD COLUMN (
-  `initialIP` BINARY(16) NOT NULL DEFAULT "",
-  `createdAt` DATETIME NOT NULL
-);
-CREATE INDEX `initialIP_createdAt` on `registrations` (`initialIP`, `createdAt`);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP INDEX `initialIP_createdAt` on `registrations`;
diff --git a/sa/_db/migrations/20151009155300_MoveOCSPResponseToCertificateStatus.sql b/sa/_db/migrations/20151009155300_MoveOCSPResponseToCertificateStatus.sql
deleted file mode 100644
index fa14a8950..000000000
--- a/sa/_db/migrations/20151009155300_MoveOCSPResponseToCertificateStatus.sql
+++ /dev/null
@@ -1,12 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `certificateStatus` ADD COLUMN (`ocspResponse` blob);
-CREATE INDEX `status_certificateStatus_idx` on `certificateStatus` (`status`);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP INDEX `status_certificateStatus_idx` on `certificateStatus`;
-ALTER TABLE `certificateStatus` DROP COLUMN `ocspResponse`;
diff --git a/sa/_db/migrations/20151015112508_ReindexPendingAuthz.sql b/sa/_db/migrations/20151015112508_ReindexPendingAuthz.sql
deleted file mode 100644
index f94dd2b9d..000000000
--- a/sa/_db/migrations/20151015112508_ReindexPendingAuthz.sql
+++ /dev/null
@@ -1,12 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE INDEX `regId_expires_idx` on `pendingAuthorizations` (`registrationID`, `expires`);
-DROP INDEX `regId_idx` on `pendingAuthorizations`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-CREATE INDEX `regId_idx` on `pendingAuthorizations` (`registrationID`);
-DROP INDEX `regId_expires_idx` on `pendingAuthorizations`;
diff --git a/sa/_db/migrations/20151025174914_AddLatestValidAuthzIndex.sql b/sa/_db/migrations/20151025174914_AddLatestValidAuthzIndex.sql
deleted file mode 100644
index 3e4ffac09..000000000
--- a/sa/_db/migrations/20151025174914_AddLatestValidAuthzIndex.sql
+++ /dev/null
@@ -1,11 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE INDEX `registrationID_identifier_status_expires_authz_idx` on authz (`registrationID`, `identifier`, `status`, `expires` desc);
-
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP INDEX `registrationID_identifier_status_expires_authz_idx` on `authz`;
diff --git a/sa/_db/migrations/20151221212759_DropOldAuthzRegIDIndex.sql b/sa/_db/migrations/20151221212759_DropOldAuthzRegIDIndex.sql
deleted file mode 100644
index d2692300f..000000000
--- a/sa/_db/migrations/20151221212759_DropOldAuthzRegIDIndex.sql
+++ /dev/null
@@ -1,8 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-DROP INDEX `regId_idx` ON `authz`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-CREATE INDEX `regId_idx` ON `authz` (`registrationID`);
diff --git a/sa/_db/migrations/20160202135920_AddFQDNSetTable.sql b/sa/_db/migrations/20160202135920_AddFQDNSetTable.sql
deleted file mode 100644
index d30cb0b2d..000000000
--- a/sa/_db/migrations/20160202135920_AddFQDNSetTable.sql
+++ /dev/null
@@ -1,20 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `fqdnSets` (
-       `id` INT(11) NOT NULL AUTO_INCREMENT,
-       -- SHA256 hash of alphabetically sorted, lowercased, comma joined
-       -- DNS names contained in a certificate
-       `setHash` BINARY(32) NOT NULL,
-       `serial` VARCHAR(255) UNIQUE NOT NULL,
-       `issued` DATETIME NOT NULL,
-       `expires` DATETIME NOT NULL,
-       PRIMARY KEY (`id`),
-       KEY `setHash_issued_idx` (`setHash`, `issued`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE `fqdnSets`;
diff --git a/sa/_db/migrations/20160601135920_RemoveDeniedCSRs.sql b/sa/_db/migrations/20160601135920_RemoveDeniedCSRs.sql
deleted file mode 100644
index e852760dd..000000000
--- a/sa/_db/migrations/20160601135920_RemoveDeniedCSRs.sql
+++ /dev/null
@@ -1,13 +0,0 @@
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-DROP TABLE `deniedCSRs`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-CREATE TABLE `deniedCSRs` (
-  `id` int(11) NOT NULL AUTO_INCREMENT,
-  `names` varchar(255) NOT NULL,
-  PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
diff --git a/sa/_db/migrations/20160602142227_AddCertificatesIssuedIndex.sql b/sa/_db/migrations/20160602142227_AddCertificatesIssuedIndex.sql
deleted file mode 100644
index af53dee68..000000000
--- a/sa/_db/migrations/20160602142227_AddCertificatesIssuedIndex.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `certificates` ADD INDEX `issued_idx` (`issued`);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `certificates` DROP INDEX `issued_idx`;
diff --git a/sa/_db/migrations/20160817143417_CertStatusOptimizations.sql b/sa/_db/migrations/20160817143417_CertStatusOptimizations.sql
deleted file mode 100644
index 899ddfd42..000000000
--- a/sa/_db/migrations/20160817143417_CertStatusOptimizations.sql
+++ /dev/null
@@ -1,12 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `certificateStatus` ADD COLUMN `notAfter` DATETIME DEFAULT NULL;
-ALTER TABLE `certificateStatus` ADD COLUMN `isExpired` BOOL DEFAULT FALSE;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `certificateStatus` DROP COLUMN `notAfter`;
-ALTER TABLE `certificateStatus` DROP COLUMN `isExpired`;
diff --git a/sa/_db/migrations/20160818140745_AddRegStatus.sql b/sa/_db/migrations/20160818140745_AddRegStatus.sql
deleted file mode 100644
index 588c8ff0d..000000000
--- a/sa/_db/migrations/20160818140745_AddRegStatus.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `registrations` ADD COLUMN (`status` varchar(255) DEFAULT "valid" NOT NULL);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `registrations` DROP COLUMN `status`;
diff --git a/sa/_db/migrations/20160914105917_RemoveChallengesAcctKeyAndTLS.sql b/sa/_db/migrations/20160914105917_RemoveChallengesAcctKeyAndTLS.sql
deleted file mode 100644
index 9dcbd8ed3..000000000
--- a/sa/_db/migrations/20160914105917_RemoveChallengesAcctKeyAndTLS.sql
+++ /dev/null
@@ -1,17 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `challenges` DROP COLUMN `accountKey`;
-ALTER TABLE `challenges` DROP COLUMN `tls`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `challenges` ADD COLUMN (
-  `accountKey` mediumBlob
-);
-
-ALTER TABLE `challenges` ADD COLUMN (
-  `tls` tinyint(1) DEFAULT NULL
-);
diff --git a/sa/_db/migrations/20170718114448_DBCleanup.sql b/sa/_db/migrations/20170718114448_DBCleanup.sql
deleted file mode 100644
index 83f61b300..000000000
--- a/sa/_db/migrations/20170718114448_DBCleanup.sql
+++ /dev/null
@@ -1,65 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
--- externalCerts and identifierData were originally needed for PoP challenges
--- but were never used and can safely be removed since PoP challenges were
--- removed from the spec.
-DROP TABLE externalCerts;
-
-DROP TABLE identifierData;
-
-ALTER TABLE certificateStatus MODIFY LockCol BIGINT(20) NULL DEFAULT 0,
-  MODIFY subscriberApproved tinyint(1) NULL DEFAULT 0;
-
-START TRANSACTION;
-ALTER TABLE certificateStatus DROP PRIMARY KEY,
-	ADD id BIGINT(20) NOT NULL AUTO_INCREMENT FIRST,
-	ADD PRIMARY KEY(id),
-	ADD UNIQUE serial (serial);
-COMMIT;
-
-START TRANSACTION;
-ALTER TABLE certificates DROP PRIMARY KEY,
-	ADD id BIGINT(20) NOT NULL AUTO_INCREMENT FIRST,
-	ADD PRIMARY KEY(id),
-	ADD UNIQUE serial (serial);
-COMMIT;
-
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-CREATE TABLE `externalCerts` (
-  `sha1` varchar(40) NOT NULL,
-  `issuer` text,
-  `subject` text,
-  `notAfter` datetime DEFAULT NULL,
-  `spki` blob,
-  `valid` tinyint(1) DEFAULT NULL,
-  `ev` tinyint(1) DEFAULT NULL,
-  `rawDERCert` blob,
-  UNIQUE KEY `sha1` (`sha1`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `identifierData` (
-  `reversedName` varchar(255) NOT NULL,
-  `certSHA1` varchar(40) NOT NULL,
-  UNIQUE KEY `certSHA1` (`certSHA1`,`reversedName`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE certificateStatus MODIFY LockCol BIGINT(20) NOT NULL,
-  MODIFY subscriberApproved tinyint(1) NOT NULL;
-
-START TRANSACTION;
-ALTER TABLE certificateStatus DROP PRIMARY KEY,
-	DROP KEY (serial),
-	ADD PRIMARY KEY(serial),
-	DROP id;
-COMMIT;
-
-START TRANSACTION;
-ALTER TABLE certificates DROP PRIMARY KEY,
-	DROP KEY serial,
-	ADD PRIMARY KEY(serial),
-	DROP id;
-COMMIT;
diff --git a/sa/_db/migrations/20170731115209_AddOrders.sql b/sa/_db/migrations/20170731115209_AddOrders.sql
deleted file mode 100644
index d567cf1c7..000000000
--- a/sa/_db/migrations/20170731115209_AddOrders.sql
+++ /dev/null
@@ -1,28 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-CREATE TABLE orders (
-       id BIGINT(20) NOT NULL AUTO_INCREMENT,
-       registrationID BIGINT(20) NOT NULL,
-       expires DATETIME NOT NULL,
-       csr MEDIUMBLOB NOT NULL,
-       error MEDIUMBLOB DEFAULT NULL,
-       certificateSerial VARCHAR(255) DEFAULT NULL,
-       status VARCHAR(255) NOT NULL,
-       PRIMARY KEY(id),
-       -- We need an index on regID, status, expires to ensure the
-       -- countPendingOrdersByRegID RPC has good performance.
-       KEY reg_status_expires (registrationID, status, expires)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE orderToAuthz (
-       orderID BIGINT(20) NOT NULL,
-       authzID VARCHAR(255) NOT NULL,
-       PRIMARY KEY order_authz (orderID, authzID),
-       KEY authzID (authzID)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-DROP TABLE orders;
-DROP TABLE orderToAuthz;
diff --git a/sa/_db/migrations/20171006131843_FinalizeOrder.sql b/sa/_db/migrations/20171006131843_FinalizeOrder.sql
deleted file mode 100644
index e4232900d..000000000
--- a/sa/_db/migrations/20171006131843_FinalizeOrder.sql
+++ /dev/null
@@ -1,24 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE orders DROP COLUMN csr;
-
-CREATE TABLE requestedNames (
-  `id` BIGINT(20) NOT NULL AUTO_INCREMENT,
-  `orderID` BIGINT(20) NOT NULL,
-  -- 253 is the maximum allowed DNS name length
-  -- We use ASCII explicitly here since there is no expectation that un-punycode
-  -- encoded unicode names will be stored
-  `reversedName` varchar(253) CHARACTER SET ascii NOT NULL,
-  PRIMARY KEY(id),
-  KEY `orderID_idx` (`orderID`),
-  KEY `reversedName_idx` (`reversedName`),
-  CONSTRAINT `orderID_orders` FOREIGN KEY (`orderID`) REFERENCES `orders` (`id`) ON DELETE CASCADE
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE orders ADD COLUMN csr MEDIUMBLOB NOT NULL;
-DROP TABLE requestedNames;
diff --git a/sa/_db/migrations/20171015225800_AddRenewalBit.sql b/sa/_db/migrations/20171015225800_AddRenewalBit.sql
deleted file mode 100644
index ec12e6bc4..000000000
--- a/sa/_db/migrations/20171015225800_AddRenewalBit.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-
--- +goose Up
-ALTER TABLE issuedNames
-       ADD COLUMN renewal TINYINT(1) NOT NULL DEFAULT 0,
-       ADD INDEX `reversedName_renewal_notBefore_Idx` (`reversedName`,`renewal`,`notBefore`);
-
--- +goose Down
-ALTER TABLE issuedNames
-       DROP COLUMN renewal,
-       DROP INDEX `reversedName_renewal_notBefore_Idx`;
diff --git a/sa/_db/migrations/20171107160000_AddCertificateStatusIndexes.sql b/sa/_db/migrations/20171107160000_AddCertificateStatusIndexes.sql
deleted file mode 100644
index cecb1f245..000000000
--- a/sa/_db/migrations/20171107160000_AddCertificateStatusIndexes.sql
+++ /dev/null
@@ -1,13 +0,0 @@
--- +goose Up
-ALTER TABLE certificateStatus
-       ADD INDEX `isExpired_ocspLastUpdated_idx` (`isExpired`, `ocspLastUpdated`),
-       ADD INDEX `notAfter_idx` (`notAfter`),
-       DROP INDEX `status_certificateStatus_idx`,
-       DROP INDEX `ocspLastUpdated_certificateStatus_idx`;
-
--- +goose Down
-ALTER TABLE certificateStatus
-       DROP INDEX `isExpired_ocspLastUpdated_idx`,
-       DROP INDEX `notAfter_idx`,
-       ADD INDEX `ocspLastUpdated_certificateStatus_idx` (`ocspLastUpdated`),
-       ADD INDEX `status_certificateStatus_idx` (`status`);
diff --git a/sa/_db/migrations/20171214114506_AddOrderFQDNSets.sql b/sa/_db/migrations/20171214114506_AddOrderFQDNSets.sql
deleted file mode 100644
index 31e11445f..000000000
--- a/sa/_db/migrations/20171214114506_AddOrderFQDNSets.sql
+++ /dev/null
@@ -1,28 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE orderFqdnSets (
-  id BIGINT(20) NOT NULL AUTO_INCREMENT,
-  setHash BINARY(32) NOT NULL,
-  orderID BIGINT(20) NOT NULL,
-  registrationID BIGINT(20) NOT NULL,
-  expires DATETIME NOT NULL,
-  PRIMARY KEY (id),
-  KEY setHash_expires_idx (setHash,expires),
-  KEY orderID_idx (orderID),
-  CONSTRAINT orderFqdnSets_registrationID_registrations
-    FOREIGN KEY (registrationID)
-    REFERENCES registrations (id)
-    ON DELETE NO ACTION ON UPDATE NO ACTION,
-  CONSTRAINT orderFqdnSets_orderID_orders
-    FOREIGN KEY (orderID)
-    REFERENCES orders (id)
-    ON DELETE NO ACTION ON UPDATE NO ACTION
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE `orderFqdnSets`;
-
diff --git a/sa/_db/migrations/20180124141109_DropOrderStatusField.sql b/sa/_db/migrations/20180124141109_DropOrderStatusField.sql
deleted file mode 100644
index c18703e12..000000000
--- a/sa/_db/migrations/20180124141109_DropOrderStatusField.sql
+++ /dev/null
@@ -1,12 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `orders` DROP COLUMN `status`;
-ALTER TABLE `orders` ADD COLUMN `beganProcessing` BOOL NOT NULL DEFAULT FALSE;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `orders` ADD COLUMN `status` varchar(255) NOT NULL;
-ALTER TABLE `orders` DROP COLUMN `beganProcessing`;
diff --git a/sa/_db/migrations/20180228165129_AddOrderCreatedField.sql b/sa/_db/migrations/20180228165129_AddOrderCreatedField.sql
deleted file mode 100644
index 1a4f5e2ac..000000000
--- a/sa/_db/migrations/20180228165129_AddOrderCreatedField.sql
+++ /dev/null
@@ -1,14 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `orders`
-  ADD COLUMN `created` DATETIME NOT NULL,
-  ADD INDEX `regID_created_idx` (`registrationID`, `created`);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `orders`
-  DROP COLUMN `created`,
-  DROP INDEX `regID_created_idx`;
diff --git a/sa/_db/migrations/20180626003200_AddPendingAuthzIndex.sql b/sa/_db/migrations/20180626003200_AddPendingAuthzIndex.sql
deleted file mode 100644
index 14472ec4c..000000000
--- a/sa/_db/migrations/20180626003200_AddPendingAuthzIndex.sql
+++ /dev/null
@@ -1,18 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `pendingAuthorizations`
-  ADD INDEX `identifier_registrationID_status_expires_idx` (
-    `identifier`, `registrationID`, `status`, `expires`),
-  ADD INDEX `registrationID_status_expires_idx` (
-    `registrationID`, `status`, `expires`),
-  DROP INDEX `regId_expires_idx`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `pendingAuthorizations`
-  DROP INDEX `identifier_registrationID_status_expires_idx`,
-  DROP INDEX `registrationID_status_expires_idx`,
-  ADD INDEX `regId_expires_idx` (`registrationID`,`expires`);
diff --git a/sa/_db/migrations/20190101000000_AddRateLimitTable.sql b/sa/_db/migrations/20190101000000_AddRateLimitTable.sql
deleted file mode 100644
index 78dc64bcb..000000000
--- a/sa/_db/migrations/20190101000000_AddRateLimitTable.sql
+++ /dev/null
@@ -1,15 +0,0 @@
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `certificatesPerName` (
-    `id` BIGINT(20) PRIMARY KEY AUTO_INCREMENT,
-    `eTLDPlusOne` VARCHAR(255) NOT NULL,
-    `time` DATETIME NOT NULL,
-    `count` INTEGER NOT NULL,
-    UNIQUE KEY `eTLDPlusOne_time_idx` (`eTLDPlusOne`, `time`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE `certificatesPerName`;
diff --git a/sa/_db/migrations/20190221140139_AddAuthz2.sql b/sa/_db/migrations/20190221140139_AddAuthz2.sql
deleted file mode 100644
index b7a83925e..000000000
--- a/sa/_db/migrations/20190221140139_AddAuthz2.sql
+++ /dev/null
@@ -1,35 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `authz2` (
-    `id` BIGINT(20) PRIMARY KEY AUTO_INCREMENT,
-    `identifierType` TINYINT NOT NULL,
-    `identifierValue` VARCHAR(255) NOT NULL,
-    `registrationID` BIGINT(20) NOT NULL,
-    `status` TINYINT NOT NULL,
-    `expires` DATETIME NOT NULL,
-    `challenges` TINYINT NOT NULL,
-    `attempted` TINYINT DEFAULT NULL,
-    `attemptedAt` DATETIME DEFAULT NULL,
-    `token` BINARY(32) UNIQUE NOT NULL,
-    `validationError` MEDIUMBLOB DEFAULT NULL,
-    `validationRecord` MEDIUMBLOB DEFAULT NULL,
-    KEY `regID_expires_idx` (`registrationID`, `status`, `expires`),
-    KEY `regID_identifier_status_expires_idx` (`registrationID`, `identifierType`, `identifierValue`, `status`, `expires`)
-
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `orderToAuthz2` (
-    `orderID` BIGINT(20) NOT NULL,
-    `authzID` BIGINT(20) NOT NULL,
-    PRIMARY KEY order_authz (`orderID`, `authzID`),
-    KEY `authzID` (`authzID`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE `authz2`;
-
-DROP TABLE `orderToAuthz2`;
diff --git a/sa/_db/migrations/20190524120239_AddAuthz2ExpiresIndex.sql b/sa/_db/migrations/20190524120239_AddAuthz2ExpiresIndex.sql
deleted file mode 100644
index 4e055bb85..000000000
--- a/sa/_db/migrations/20190524120239_AddAuthz2ExpiresIndex.sql
+++ /dev/null
@@ -1,8 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-CREATE INDEX `expires_idx` ON `authz2` (`expires`);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-DROP INDEX `expires_idx` ON `authz2`;
diff --git a/sa/_db/migrations/20190717133458_DropSCTReceipts.sql b/sa/_db/migrations/20190717133458_DropSCTReceipts.sql
deleted file mode 100644
index 5c695bfcc..000000000
--- a/sa/_db/migrations/20190717133458_DropSCTReceipts.sql
+++ /dev/null
@@ -1,21 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-DROP TABLE `sctReceipts`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-CREATE TABLE `sctReceipts` (
-  `id` bigint(20) NOT NULL AUTO_INCREMENT,
-  `sctVersion` tinyint(1) NOT NULL,
-  `logID` varchar(255) NOT NULL,
-  `timestamp` bigint(20) NOT NULL,
-  `extensions` blob DEFAULT NULL,
-  `signature` blob DEFAULT NULL,
-  `certificateSerial` varchar(255) NOT NULL,
-  `LockCol` bigint(20) DEFAULT NULL,
-  PRIMARY KEY (`id`),
-  UNIQUE KEY `certificateSerial_logID` (`certificateSerial`,`logID`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
diff --git a/sa/_db/migrations/20190902000000_AddPrecertificatesTable.sql b/sa/_db/migrations/20190902000000_AddPrecertificatesTable.sql
deleted file mode 100644
index 7aeb39f20..000000000
--- a/sa/_db/migrations/20190902000000_AddPrecertificatesTable.sql
+++ /dev/null
@@ -1,34 +0,0 @@
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `serials` (
-  `id` bigint(20) NOT NULL AUTO_INCREMENT,
-  `registrationID` bigint(20) NOT NULL,
-  `serial` varchar(255) NOT NULL,
-  `created` datetime NOT NULL,
-  `expires` datetime NOT NULL,
-  PRIMARY KEY (`id`),
-  UNIQUE KEY `serial` (`serial`),
-  KEY `regId_serials_idx` (`registrationID`),
-  CONSTRAINT `regId_serials` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `precertificates` (
-  `id` bigint(20) NOT NULL AUTO_INCREMENT,
-  `registrationID` bigint(20) NOT NULL,
-  `serial` varchar(255) NOT NULL,
-  `der` mediumblob NOT NULL,
-  `issued` datetime NOT NULL,
-  `expires` datetime NOT NULL,
-  PRIMARY KEY (`id`),
-  UNIQUE KEY `serial` (`serial`),
-  KEY `regId_precertificates_idx` (`registrationID`),
-  KEY `issued_precertificates_idx` (`issued`),
-  CONSTRAINT `regId_precertificates` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE serials;
-DROP TABLE precertificates;
diff --git a/sa/_db/migrations/20191108171706_RemoveOldAuthzTables.sql b/sa/_db/migrations/20191108171706_RemoveOldAuthzTables.sql
deleted file mode 100644
index 42ba165ab..000000000
--- a/sa/_db/migrations/20191108171706_RemoveOldAuthzTables.sql
+++ /dev/null
@@ -1,43 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-DROP TABLE `authz`;
-DROP TABLE `pendingAuthorizations`;
-DROP TABLE `orderToAuthz`;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-CREATE TABLE `authz` (
-  `id` varchar(255) NOT NULL,
-  `identifier` varchar(255) NOT NULL,
-  `registrationID` bigint(20) NOT NULL,
-  `status` varchar(255) NOT NULL,
-  `expires` datetime DEFAULT NULL,
-  `combinations` varchar(255) NOT NULL,
-  PRIMARY KEY (`id`),
-  KEY `registrationID_identifier_status_expires_authz_idx` (`registrationID`,`identifier`,`status`,`expires`),
-  CONSTRAINT `regId_authz` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `pendingAuthorizations` (
-  `id` varchar(255) NOT NULL,
-  `identifier` varchar(255) NOT NULL,
-  `registrationID` bigint(20) NOT NULL,
-  `status` varchar(255) NOT NULL,
-  `expires` datetime DEFAULT NULL,
-  `combinations` varchar(255) NOT NULL,
-  `LockCol` bigint(20) NOT NULL,
-  PRIMARY KEY (`id`),
-  KEY `identifier_registrationID_status_expires_idx` (`identifier`,`registrationID`,`status`,`expires`),
-  KEY `registrationID_status_expires_idx` (`registrationID`,`status`,`expires`),
-  CONSTRAINT `regId_pending_authz` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `orderToAuthz` (
-  `orderID` bigint(20) NOT NULL,
-  `authzID` varchar(255) NOT NULL,
-  PRIMARY KEY (`orderID`,`authzID`),
-  KEY `authzID` (`authzID`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
diff --git a/sa/_db/migrations/20191111151306_AddIssuerInfoCertificateStatus.sql b/sa/_db/migrations/20191111151306_AddIssuerInfoCertificateStatus.sql
deleted file mode 100644
index c2e1678e4..000000000
--- a/sa/_db/migrations/20191111151306_AddIssuerInfoCertificateStatus.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE certificateStatus ADD `issuerID` BIGINT(20) DEFAULT NULL;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE certificateStatus DROP `issuerID`;
diff --git a/sa/_db/migrations/20191118124728_FixFQDNSetsAndIssuedNamesID.sql b/sa/_db/migrations/20191118124728_FixFQDNSetsAndIssuedNamesID.sql
deleted file mode 100644
index d5e95cec9..000000000
--- a/sa/_db/migrations/20191118124728_FixFQDNSetsAndIssuedNamesID.sql
+++ /dev/null
@@ -1,12 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE `fqdnSets` MODIFY `id` BIGINT(20) NOT NULL AUTO_INCREMENT;
-ALTER TABLE `issuedNames` MODIFY `id` BIGINT(20) NOT NULL AUTO_INCREMENT;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE `fqdnSets` MODIFY `id` INT(11) NOT NULL AUTO_INCREMENT;
-ALTER TABLE `issuedNames` MODIFY `id` INT(11) NOT NULL AUTO_INCREMENT;
diff --git a/sa/_db/migrations/20191129164412_RemoveOCSPResponses.sql b/sa/_db/migrations/20191129164412_RemoveOCSPResponses.sql
deleted file mode 100644
index 31228b975..000000000
--- a/sa/_db/migrations/20191129164412_RemoveOCSPResponses.sql
+++ /dev/null
@@ -1,17 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-DROP TABLE ocspResponses;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-CREATE TABLE `ocspResponses` (
-  `id` int(11) NOT NULL AUTO_INCREMENT,
-  `serial` varchar(255) NOT NULL,
-  `createdAt` datetime NOT NULL,
-  `response` mediumblob NOT NULL,
-  PRIMARY KEY (`id`),
-  KEY `SERIAL` (`serial`) COMMENT 'Actual lookup mechanism'
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
diff --git a/sa/_db/migrations/20200407130407_AddKeyHashTable.sql b/sa/_db/migrations/20200407130407_AddKeyHashTable.sql
deleted file mode 100644
index 095b1a678..000000000
--- a/sa/_db/migrations/20200407130407_AddKeyHashTable.sql
+++ /dev/null
@@ -1,18 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `keyHashToSerial` (
-  `id` bigint(20) NOT NULL AUTO_INCREMENT,
-  `keyHash` binary(32) NOT NULL,
-  `certNotAfter` datetime NOT NULL,
-  `certSerial` varchar(255) NOT NULL,
-  PRIMARY KEY (`id`),
-  KEY `keyHash_certNotAfter` (`keyHash`, `certNotAfter`),
-  UNIQUE KEY `unique_keyHash_certserial` (`keyHash`, `certSerial`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE `keyHashToSerial`;
diff --git a/sa/_db/migrations/20200414124347_AddBlockedKeysTable.sql b/sa/_db/migrations/20200414124347_AddBlockedKeysTable.sql
deleted file mode 100644
index fd5d3c7fb..000000000
--- a/sa/_db/migrations/20200414124347_AddBlockedKeysTable.sql
+++ /dev/null
@@ -1,17 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `blockedKeys` (
-    `id` bigint(20) NOT NULL AUTO_INCREMENT,
-    `keyHash` binary(32) NOT NULL UNIQUE,
-    `added` datetime NOT NULL,
-    `source` tinyint NOT NULL,
-    `comment` varchar(255) DEFAULT NULL,
-    PRIMARY KEY (`id`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE `blockedKeys`;
diff --git a/sa/_db/migrations/20200420135619_AddRowsBlockedKeys.sql b/sa/_db/migrations/20200420135619_AddRowsBlockedKeys.sql
deleted file mode 100644
index 677fe405d..000000000
--- a/sa/_db/migrations/20200420135619_AddRowsBlockedKeys.sql
+++ /dev/null
@@ -1,14 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-ALTER TABLE blockedKeys ADD `revokedBy` BIGINT(20) DEFAULT 0;
-ALTER TABLE blockedKeys ADD `extantCertificatesChecked` BOOLEAN DEFAULT FALSE;
-CREATE INDEX `extantCertificatesChecked_idx` ON blockedKeys (`extantCertificatesChecked`);
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-ALTER TABLE blockedKeys DROP `revokedBy`;
-ALTER TABLE blockedKeys DROP `extantCertificatesChecked`;
-DROP INDEX `extantCertificatesChecked_idx` ON blockedKeys;
diff --git a/sa/_db/migrations/20200609125504_AddNewOrdersRateLimitTable.sql b/sa/_db/migrations/20200609125504_AddNewOrdersRateLimitTable.sql
deleted file mode 100644
index 795f90adb..000000000
--- a/sa/_db/migrations/20200609125504_AddNewOrdersRateLimitTable.sql
+++ /dev/null
@@ -1,16 +0,0 @@
-
--- +goose Up
--- SQL in section 'Up' is executed when this migration is applied
-
-CREATE TABLE `newOrdersRL` (
-    `id` BIGINT(20) PRIMARY KEY AUTO_INCREMENT,
-    `regID` BIGINT(20) NOT NULL,
-    `time` DATETIME NOT NULL,
-    `count` INTEGER NOT NULL,
-    UNIQUE KEY `regID_time_idx` (`regID`, `time`)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
--- +goose Down
--- SQL section 'Down' is executed when this migration is rolled back
-
-DROP TABLE `newOrdersRL`;
diff --git a/sa/_db/migrations/20210223140000_CombinedSchema.sql b/sa/_db/migrations/20210223140000_CombinedSchema.sql
new file mode 100644
index 000000000..f9705d018
--- /dev/null
+++ b/sa/_db/migrations/20210223140000_CombinedSchema.sql
@@ -0,0 +1,237 @@
+-- +goose Up
+-- SQL in section 'Up' is executed when this migration is applied
+
+CREATE TABLE `authz2` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `identifierType` tinyint(4) NOT NULL,
+  `identifierValue` varchar(255) NOT NULL,
+  `registrationID` bigint(20) NOT NULL,
+  `status` tinyint(4) NOT NULL,
+  `expires` datetime NOT NULL,
+  `challenges` tinyint(4) NOT NULL,
+  `attempted` tinyint(4) DEFAULT NULL,
+  `attemptedAt` datetime DEFAULT NULL,
+  `token` binary(32) NOT NULL,
+  `validationError` mediumblob DEFAULT NULL,
+  `validationRecord` mediumblob DEFAULT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `token` (`token`),
+  KEY `regID_expires_idx` (`registrationID`,`status`,`expires`),
+  KEY `regID_identifier_status_expires_idx` (`registrationID`,`identifierType`,`identifierValue`,`status`,`expires`),
+  KEY `expires_idx` (`expires`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `blockedKeys` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `keyHash` binary(32) NOT NULL,
+  `added` datetime NOT NULL,
+  `source` tinyint(4) NOT NULL,
+  `comment` varchar(255) DEFAULT NULL,
+  `revokedBy` bigint(20) DEFAULT 0,
+  `extantCertificatesChecked` tinyint(1) DEFAULT 0,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `keyHash` (`keyHash`),
+  KEY `extantCertificatesChecked_idx` (`extantCertificatesChecked`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `certificateStatus` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `serial` varchar(255) NOT NULL,
+  `subscriberApproved` tinyint(1) DEFAULT 0,
+  `status` varchar(255) NOT NULL,
+  `ocspLastUpdated` datetime NOT NULL,
+  `revokedDate` datetime NOT NULL,
+  `revokedReason` int(11) NOT NULL,
+  `lastExpirationNagSent` datetime NOT NULL,
+  `LockCol` bigint(20) DEFAULT 0,
+  `ocspResponse` blob DEFAULT NULL,
+  `notAfter` datetime DEFAULT NULL,
+  `isExpired` tinyint(1) DEFAULT 0,
+  `issuerID` bigint(20) DEFAULT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `serial` (`serial`),
+  KEY `isExpired_ocspLastUpdated_idx` (`isExpired`,`ocspLastUpdated`),
+  KEY `notAfter_idx` (`notAfter`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `certificatesPerName` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `eTLDPlusOne` varchar(255) NOT NULL,
+  `time` datetime NOT NULL,
+  `count` int(11) NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `eTLDPlusOne_time_idx` (`eTLDPlusOne`,`time`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `crls` (
+  `serial` varchar(255) NOT NULL,
+  `createdAt` datetime NOT NULL,
+  `crl` varchar(255) NOT NULL,
+  PRIMARY KEY (`serial`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `fqdnSets` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `setHash` binary(32) NOT NULL,
+  `serial` varchar(255) NOT NULL,
+  `issued` datetime NOT NULL,
+  `expires` datetime NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `serial` (`serial`),
+  KEY `setHash_issued_idx` (`setHash`,`issued`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `issuedNames` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `reversedName` varchar(640) CHARACTER SET ascii NOT NULL,
+  `notBefore` datetime NOT NULL,
+  `serial` varchar(255) NOT NULL,
+  `renewal` tinyint(1) NOT NULL DEFAULT 0,
+  PRIMARY KEY (`id`),
+  KEY `reversedName_notBefore_Idx` (`reversedName`,`notBefore`),
+  KEY `reversedName_renewal_notBefore_Idx` (`reversedName`,`renewal`,`notBefore`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `keyHashToSerial` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `keyHash` binary(32) NOT NULL,
+  `certNotAfter` datetime NOT NULL,
+  `certSerial` varchar(255) NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `unique_keyHash_certserial` (`keyHash`,`certSerial`),
+  KEY `keyHash_certNotAfter` (`keyHash`,`certNotAfter`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `newOrdersRL` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `regID` bigint(20) NOT NULL,
+  `time` datetime NOT NULL,
+  `count` int(11) NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `regID_time_idx` (`regID`,`time`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `orderToAuthz2` (
+  `orderID` bigint(20) NOT NULL,
+  `authzID` bigint(20) NOT NULL,
+  PRIMARY KEY (`orderID`,`authzID`),
+  KEY `authzID` (`authzID`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `orders` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `registrationID` bigint(20) NOT NULL,
+  `expires` datetime NOT NULL,
+  `error` mediumblob DEFAULT NULL,
+  `certificateSerial` varchar(255) DEFAULT NULL,
+  `beganProcessing` tinyint(1) NOT NULL DEFAULT 0,
+  `created` datetime NOT NULL,
+  PRIMARY KEY (`id`),
+  KEY `reg_status_expires` (`registrationID`,`expires`),
+  KEY `regID_created_idx` (`registrationID`,`created`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `registrations` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `jwk` mediumblob NOT NULL,
+  `jwk_sha256` varchar(255) NOT NULL,
+  `contact` varchar(191) CHARACTER SET utf8mb4 NOT NULL,
+  `agreement` varchar(255) NOT NULL,
+  `LockCol` bigint(20) NOT NULL,
+  `initialIP` binary(16) NOT NULL DEFAULT '\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0',
+  `createdAt` datetime NOT NULL,
+  `status` varchar(255) NOT NULL DEFAULT 'valid',
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `jwk_sha256` (`jwk_sha256`),
+  KEY `initialIP_createdAt` (`initialIP`,`createdAt`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- Tables below have foreign key constraints, so are created after all other tables.
+
+CREATE TABLE `certificates` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `registrationID` bigint(20) NOT NULL,
+  `serial` varchar(255) NOT NULL,
+  `digest` varchar(255) NOT NULL,
+  `der` mediumblob NOT NULL,
+  `issued` datetime NOT NULL,
+  `expires` datetime NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `serial` (`serial`),
+  KEY `regId_certificates_idx` (`registrationID`) COMMENT 'Common lookup',
+  KEY `issued_idx` (`issued`),
+  CONSTRAINT `regId_certificates` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `orderFqdnSets` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `setHash` binary(32) NOT NULL,
+  `orderID` bigint(20) NOT NULL,
+  `registrationID` bigint(20) NOT NULL,
+  `expires` datetime NOT NULL,
+  PRIMARY KEY (`id`),
+  KEY `setHash_expires_idx` (`setHash`,`expires`),
+  KEY `orderID_idx` (`orderID`),
+  KEY `orderFqdnSets_registrationID_registrations` (`registrationID`),
+  CONSTRAINT `orderFqdnSets_orderID_orders` FOREIGN KEY (`orderID`) REFERENCES `orders` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION,
+  CONSTRAINT `orderFqdnSets_registrationID_registrations` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `precertificates` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `registrationID` bigint(20) NOT NULL,
+  `serial` varchar(255) NOT NULL,
+  `der` mediumblob NOT NULL,
+  `issued` datetime NOT NULL,
+  `expires` datetime NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `serial` (`serial`),
+  KEY `regId_precertificates_idx` (`registrationID`),
+  KEY `issued_precertificates_idx` (`issued`),
+  CONSTRAINT `regId_precertificates` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `requestedNames` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `orderID` bigint(20) NOT NULL,
+  `reversedName` varchar(253) CHARACTER SET ascii NOT NULL,
+  PRIMARY KEY (`id`),
+  KEY `orderID_idx` (`orderID`),
+  KEY `reversedName_idx` (`reversedName`),
+  CONSTRAINT `orderID_orders` FOREIGN KEY (`orderID`) REFERENCES `orders` (`id`) ON DELETE CASCADE
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+CREATE TABLE `serials` (
+  `id` bigint(20) NOT NULL AUTO_INCREMENT,
+  `registrationID` bigint(20) NOT NULL,
+  `serial` varchar(255) NOT NULL,
+  `created` datetime NOT NULL,
+  `expires` datetime NOT NULL,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `serial` (`serial`),
+  KEY `regId_serials_idx` (`registrationID`),
+  CONSTRAINT `regId_serials` FOREIGN KEY (`registrationID`) REFERENCES `registrations` (`id`) ON DELETE NO ACTION ON UPDATE NO ACTION
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- +goose Down
+-- SQL section 'Down' is executed when this migration is rolled back
+
+-- First set of tables have foreign key constraints, so are dropped first.
+DROP TABLE `certificates`
+DROP TABLE `orderFqdnSets`
+DROP TABLE `precertificates`
+DROP TABLE `requestedNames`
+DROP TABLE `serials`
+
+DROP TABLE `authz2`
+DROP TABLE `blockedKeys`
+DROP TABLE `certificateStatus`
+DROP TABLE `certificatesPerName`
+DROP TABLE `crls`
+DROP TABLE `fqdnSets`
+DROP TABLE `issuedNames`
+DROP TABLE `keyHashToSerial`
+DROP TABLE `newOrdersRL`
+DROP TABLE `orderToAuthz2`
+DROP TABLE `orders`
+DROP TABLE `registrations`