diff --git a/builtin/logical/pki/path_acme_order.go b/builtin/logical/pki/path_acme_order.go
index 19fa30b8c1..73a4011d6c 100644
--- a/builtin/logical/pki/path_acme_order.go
+++ b/builtin/logical/pki/path_acme_order.go
@@ -338,6 +338,8 @@ func (b *backend) acmeFinalizeOrderHandler(ac *acmeContext, r *logical.Request,
 observe.NewAdditionalPKIMetadata("issuer_id", issuerId.String()),
 observe.NewAdditionalPKIMetadata("order_id", order.OrderId),
 observe.NewAdditionalPKIMetadata("stored", stored),
+ observe.NewAdditionalPKIMetadata("subject_key_id", signedCertBundle.Certificate.SubjectKeyId),
+ observe.NewAdditionalPKIMetadata("authority_key_id", signedCertBundle.Certificate.AuthorityKeyId),
 observe.NewAdditionalPKIMetadata("public_key_algorithm", signedCertBundle.Certificate.PublicKeyAlgorithm.String()),
 observe.NewAdditionalPKIMetadata("public_key_size", certutil.GetPublicKeySize(signedCertBundle.Certificate.PublicKey)),
 observe.NewAdditionalPKIMetadata("common_name", csr.Subject.CommonName),
diff --git a/builtin/logical/pki/path_root.go b/builtin/logical/pki/path_root.go
index 40b43a7e09..f86f9efb53 100644
--- a/builtin/logical/pki/path_root.go
+++ b/builtin/logical/pki/path_root.go
@@ -479,6 +479,7 @@ func (b *backend) pathIssuerSignIntermediate(ctx context.Context, req *logical.R
 observe.NewAdditionalPKIMetadata("not_after", parsedBundle.Certificate.NotAfter.Format(time.RFC3339)),
 observe.NewAdditionalPKIMetadata("not_before", parsedBundle.Certificate.NotBefore.Format(time.RFC3339)),
 observe.NewAdditionalPKIMetadata("common_name", parsedBundle.Certificate.Subject.CommonName),
+ observe.NewAdditionalPKIMetadata("serial_number", parsedBundle.Certificate.SerialNumber),
 observe.NewAdditionalPKIMetadata("public_key_algorithm", parsedBundle.Certificate.PublicKeyAlgorithm.String()),
 observe.NewAdditionalPKIMetadata("public_key_size", certutil.GetPublicKeySize(parsedBundle.Certificate.PublicKey)),
 observe.NewAdditionalPKIMetadata("subject_key_id", parsedBundle.Certificate.SubjectKeyId),
diff --git a/builtin/logical/pki/storage.go b/builtin/logical/pki/storage.go
index 942d783944..822313e216 100644
--- a/builtin/logical/pki/storage.go
+++ b/builtin/logical/pki/storage.go
@@ -334,6 +334,7 @@ type ImportedIssuerInfo struct {
 NotBefore string `json:"not_before"`
 NotAfter string `json:"not_after"`
 PublicKeyAlgorithm string `json:"public_key_algorithm"`
+ PublicKeySize int `json:"public_key_size"`
 }
 func (sc *storageContext) importIssuer(certValue string, issuerName string) (*issuing.IssuerEntry, *ImportedIssuerInfo, bool, error) {
@@ -393,6 +394,7 @@ func (sc *storageContext) importIssuer(certValue string, issuerName string) (*is
 NotBefore: issuerCert.NotBefore.Format(time.RFC3339),
 NotAfter: issuerCert.NotAfter.Format(time.RFC3339),
 PublicKeyAlgorithm: issuerCert.PublicKeyAlgorithm.String(),
+ PublicKeySize: certutil.GetPublicKeySize(issuerCert.PublicKey),
 }
 foundExistingIssuerWithName := false
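Review bot: The added `serial_number` entry in `pathIssuerSignIntermediate` passes `parsedBundle.Certificate.SerialNumber` as a raw `*big.Int`, while the neighbouring time and algorithm fields are rendered to strings first (`.Format(time.RFC3339)`, `.String()`). How the observe package serialises a `*big.Int` is not visible here, but a JSON number or decimal string would not match the colon-separated hex serial normally used to look up or revoke a certificate, and a consumer that parses numbers as floats can lose precision on a large serial. Formatting it explicitly keeps the event directly correlatable with revocation and audit records, for example `observe.NewAdditionalPKIMetadata("serial_number", certutil.GetHexFormatted(parsedBundle.Certificate.SerialNumber.Bytes(), ":")),` or whichever serial helper this package already uses. The enclosing call starts and ends outside the hunk.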
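Review bot: The new `PublicKeySize` field on `ImportedIssuerInfo` has no comment stating its unit or what it holds when `certutil.GetPublicKeySize` does not recognise the key type, and the matching assignment in the `importIssuer` hunk stores the helper's result unchecked. Anything that alerts on weak imported issuer keys has to tell a genuinely small key from an "unknown" value, so a sentinel return, if the helper has one, should be documented at the field. A comment such as `// PublicKeySize is the result of certutil.GetPublicKeySize for the issuer's public key; see that helper for the unit and the value reported for unsupported key types.` would cover it. Both the struct and `importIssuer` extend beyond the visible hunks.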