diff --git a/smx509/x509.go b/smx509/x509.go
index a783048..6a6eae2 100644
--- a/smx509/x509.go
+++ b/smx509/x509.go
@@ -1,4 +1,22 @@
 // Package smx509 parses X.509-encoded keys and certificates include SM2/SM3 support.
+//
+// It allows parsing and generating certificates, certificate signing
+// requests, certificate revocation lists, and encoded public and private keys.
+// It provides a certificate verifier, complete with a chain builder.
+//
+// The package targets the X.509 technical profile defined by the IETF (RFC
+// 2459/3280/5280), and as further restricted by the CA/Browser Forum Baseline
+// Requirements. There is minimal support for features outside of these
+// profiles, as the primary goal of the package is to provide compatibility
+// with the publicly trusted TLS certificate ecosystem and its policies and
+// constraints.
+//
+// On Windows, certificate verification is handled by system APIs, but
+// the package aims to apply consistent validation rules across operating
+// systems.
+//
+// On macOS, we did NOT support to use system root CA yet due to too many SDK internal
+// package's dependencies.
 package smx509
 import (
@@ -139,7 +157,6 @@ func MarshalPKIXPublicKey(pub interface{}) ([]byte, error) {
 // These structures reflect the ASN.1 structure of X.509 certificates.:
 type certificate struct {
- Raw asn1.RawContent
 TBSCertificate tbsCertificate
 SignatureAlgorithm pkix.AlgorithmIdentifier
 SignatureValue asn1.BitString
@@ -1454,7 +1471,6 @@ func CreateCertificate(rand io.Reader, template, parent *x509.Certificate, pub,
 }
 signedCert, err := asn1.Marshal(certificate{
- nil,
 c,
 signatureAlgorithm,
 asn1.BitString{Bytes: signature, BitLength: len(signature) * 8},
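Review bot: The new macOS paragraph in the package comment says the system root CAs are not used, but it does not say what the verifier does when a caller supplies no roots on that platform, which is the detail a user of the chain builder needs. This hunk does not show whether verification then fails closed or runs against an empty pool, so the comment should state the behaviour once it is confirmed. If callers are expected to bring their own trust anchors, wording such as `// On macOS the system root CA pool is not supported yet; callers must supply their own roots in VerifyOptions.Roots.` would make that explicit. The Windows and CA/Browser Forum paragraphs read as carried over from the standard library's package comment and are worth checking against how this package treats SM2/SM3 certificates.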