| -- X.509 AuthorityKeyIdentifier |
| -- rfc5280 section 4.2.1.1 |
| AuthorityKeyIdentifier ::= SEQUENCE { |
| keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL, |
| authorityCertIssuer [1] IMPLICIT GeneralNames OPTIONAL, |
| authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL |
| KeyIdentifier ::= OCTET STRING ({ x509_akid_note_kid }) |
| CertificateSerialNumber ::= INTEGER ({ x509_akid_note_serial }) |
| GeneralNames ::= SEQUENCE OF GeneralName |
| rfc822Name [1] IA5String, |
| directoryName [4] Name ({ x509_akid_note_name }), |
| uniformResourceIdentifier [6] IA5String, |
| iPAddress [7] OCTET STRING, |
| registeredID [8] OBJECT IDENTIFIER |
| Name ::= SEQUENCE OF RelativeDistinguishedName |
| RelativeDistinguishedName ::= SET OF AttributeValueAssertion |
| AttributeValueAssertion ::= SEQUENCE { |
| attributeType OBJECT IDENTIFIER ({ x509_note_OID }), |
| attributeValue ANY ({ x509_extract_name_segment }) |