Server key generation for PIV Test Cards

[murali perumal]

Hi Team,

I am new to this PIV test card authentication. I would like to get below clarification.

1. Downloaded Self-signedTrustAnchorCertificate.cer and intermediate certificates then converted to .pem file.
   1. To verify the client certificate, do we need to generate server certificate and private key and sign it with Root CA? or Using intermediate certificate itself client certificate can be verified?
   2. Can we get the server certificate as well from NIST?
2. Is there any example of PIV certificate verification?