1-- X.509 AuthorityKeyIdentifier 2-- rfc5280 section 4.2.1.1 3 4AuthorityKeyIdentifier ::= SEQUENCE { 5 keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL, 6 authorityCertIssuer [1] IMPLICIT GeneralNames OPTIONAL, 7 authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL 8 } 9 10KeyIdentifier ::= OCTET STRING ({ x509_akid_note_kid }) 11 12CertificateSerialNumber ::= INTEGER ({ x509_akid_note_serial }) 13 14GeneralNames ::= SEQUENCE OF GeneralName 15 16GeneralName ::= CHOICE { 17 otherName [0] ANY, 18 rfc822Name [1] IA5String, 19 dNSName [2] IA5String, 20 x400Address [3] ANY, 21 directoryName [4] Name ({ x509_akid_note_name }), 22 ediPartyName [5] ANY, 23 uniformResourceIdentifier [6] IA5String, 24 iPAddress [7] OCTET STRING, 25 registeredID [8] OBJECT IDENTIFIER 26 } 27 28Name ::= SEQUENCE OF RelativeDistinguishedName 29 30RelativeDistinguishedName ::= SET OF AttributeValueAssertion 31 32AttributeValueAssertion ::= SEQUENCE { 33 attributeType OBJECT IDENTIFIER ({ x509_note_OID }), 34 attributeValue ANY ({ x509_extract_name_segment }) 35 } 36