0001 -- X.509 AuthorityKeyIdentifier
0002 -- rfc5280 section 4.2.1.1
0003
0004 AuthorityKeyIdentifier ::= SEQUENCE {
0005 keyIdentifier [0] IMPLICIT KeyIdentifier OPTIONAL,
0006 authorityCertIssuer [1] IMPLICIT GeneralNames OPTIONAL,
0007 authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL
0008 }
0009
0010 KeyIdentifier ::= OCTET STRING ({ x509_akid_note_kid })
0011
0012 CertificateSerialNumber ::= INTEGER ({ x509_akid_note_serial })
0013
0014 GeneralNames ::= SEQUENCE OF GeneralName
0015
0016 GeneralName ::= CHOICE {
0017 otherName [0] ANY,
0018 rfc822Name [1] IA5String,
0019 dNSName [2] IA5String,
0020 x400Address [3] ANY,
0021 directoryName [4] Name ({ x509_akid_note_name }),
0022 ediPartyName [5] ANY,
0023 uniformResourceIdentifier [6] IA5String,
0024 iPAddress [7] OCTET STRING,
0025 registeredID [8] OBJECT IDENTIFIER
0026 }
0027
0028 Name ::= SEQUENCE OF RelativeDistinguishedName
0029
0030 RelativeDistinguishedName ::= SET OF AttributeValueAssertion
0031
0032 AttributeValueAssertion ::= SEQUENCE {
0033 attributeType OBJECT IDENTIFIER ({ x509_note_OID }),
0034 attributeValue ANY ({ x509_extract_name_segment })
0035 }
