You can construct a X509AsymmetricSecurityKey from a X509Certificate2 instance using the X509AsymmetricSecurityKey(X509Certificate2) constructor; but can get the X509Certificate2 instance from the security key?
As a parallel example, the InMemorySymmetricSecurityKey class exposes a GetSymmetricKey() method that can be used to retrieve the symmetric key.
I had hoped to see an equivalent method like GetCertificate() exposed by the X509AsymmetricSecurityKey class, but the closest method I see is GetAsymmetricAlgorithm(string algorithm, bool privateKey).
What I am really after is the ability to verify the digital signature of a message that was signed using the private key of the certificate, which means the signature is verified using the public key of the certificate.
Is there a way to verify the signature using the asymmetric algorithm of the security key?
While owlstead was correct that you cannot retrieve the X.509 certificate from the security key; what I should have indicated was that I was attempting to verify a digital signature of a JSON web token where the security key contained the public portion of the public-private key pair.
You can in fact use the security key to verify the signature. The following is an example of how to generally go about it: