Now I have a certificate without extensions such as 'authority key identifier' and 'subject key identifier'. How can I add these extensions to the existing certificate using Bouncy Castle or other jars? If impossible, how can I create a certificate with all extensions listed in RFC 5280 using Java or Python?