During certificate validation, which component, created by the CA, is used to confirm the certificate's authenticity?

During certificate validation, the issuer's digital signature is used to confirm authenticity. The CA signs the certificate with its private key, binding the CA’s identity to the certificate and ensuring the certificate’s contents haven’t been altered. When someone or a system validates the certificate, it uses the CA’s public key (from the CA’s own certificate) to verify that signature. If the verification succeeds, the certificate is trusted as having been issued by that CA and you can trust the bound public key and identity. The other pieces don’t confirm authenticity on their own. The certificate’s private key belongs to the subject and is used for operations like proving identity or establishing encrypted sessions, not for validating the CA’s signature. The serial number is simply a unique identifier for the certificate. The validity period only indicates the time window during which the certificate is considered valid, not who issued it.