By far, RSA is a most wide used cryptography algorithm. Both ITU-T X.509 and IETF PKIX WG define the RSA algorithm identifier, however, they are not identical.

ITU-T X.509[1] defines the algorithm as:

rsa ALGORITHM ::= {
    _IDENTIFIED BY id-ea-rsa

KeySize ::= INTEGER
id-ea-rsa OBJECT IDENTIFIER ::= {joint-iso-itu-t(2) ds(5)
      algorithm(8) encryptionAlgorithm(1) rsa(1)}

While IETF PKIX WG[2] defines the algorithm as:

rsaPublicKey ALGORITHM-ID ::= {OID rsaEncryption PARMS NULL}
rsaEncryption OBJECT IDENTIFIER ::= {iso(1) member-body(2)
              us(840) rsadsi(113549) pkcs(1) pkcs-1(1) rsaEncryption(1)}

There two differences:

  1. different OID. ITU-T defines it as “”, while PKIX WG defines it as “1.2.840.113549.1.1.1”
  2. different algorithm parameters ITU-T defines a parameter for RSA, “KeySize”, while PKIX WG defines it as null.

Indeed, the RSA encryption algorithm PKIX WG used is defined by PKCS#1 [3][4], it is the industry standard definition. Most of the world use PKCS#1 OID, but not the one of ITU-T. Because of the above differences, there is a risk of interoperability problems between ITU-T X.509 compliant implementations and PKIX compliant implementations.

[1] [2] [3] [4]