I have no problem extracting the "SubjectKeyIdentifier" value from the x509certificates object, which I do by first setting the X509 object to variable $Cert and then executing the following line:
$Cert.Extensions.SubjectKeyIdentifier
That value corresponds to what I see in the MMC GUI.
However, there is no such value or option for
$Cert.Extensions.AuthorityKeyIdentifier.
I can go further into the object via:
$Cert.Extensions.Oid
And that produces two columns such as:
Value FriendlyName
2.5.29.14 Subject Key Identifier
2.4.29.35 Authority Key Identifier
However, there is no way that I have found to get the actual or true value of the Authority Key Identifier like I did for the Subject Key Identifier and which corresponds to the value in the MMC GUI.
TO confirm, this is a leaf level certificate and the GUI does show a long stringed value for the Subject Key Identifier.
How can I extract that value in the object?
The framework doesn't have a built-in decoder for Authority Key Identifier. You'd have to use an ASN.1 DER reader, such as https://dotnet.myget.org/feed/dotnet-corefxlab/package/nuget/System.Security.Cryptography.Asn1.Experimental, Bouncy Castle, or other non-built-in pieces of technology (or hand-roll it) and decode the X509Extension.RawData value according to the encoding in https://www.rfc-editor.org/rfc/rfc5280#section-4.2.1.1.