1.1.1.1: Fast, privacy-first consumer DNS service

What browser are you using? Almost looks like it doesn't support SANs. Either that or the debug is only printing DNS.1.

  $ openssl s_client -connect 1.1.1.1:443 </dev/null 2>&1 | openssl x509 -noout -text | grep "CN=\|DNS"
          Issuer: C=US, O=DigiCert Inc, CN=DigiCert ECC Secure Server CA
          Subject: C=US, ST=CA, L=San Francisco, O=Cloudflare, Inc., CN=*.cloudflare-dns.com
                  DNS:*.cloudflare-dns.com, IP Address:1.1.1.1, IP Address:1.0.0.1, DNS:cloudflare-dns.com, IP Address:2606:4700:4700:0:0:0:0:1111, IP Address:2606:4700:4700:0:0:0:0:1001