Behavior of Development Certificate in Apple Developer Portal and Keychain


This is a question regarding Apple Development Certificates. There are two parts:

Part 1: creating and downloading certificates on the Apple Developer Portal.

Background:

I can download my teammates' development certificates as well as mine on the Apple Developer Portal certificate management page. When I download others', there is no private key linked to the certificate. When I download mine, there is. This makes total sense: I should only have access to my own private keys.

Questions:

The question is: is this determined by the developer portal? I log into the developer portal, so when I download the certs, does the developer portal give me the private key if the certs belong to me?

The next question is: where does the private key come from? Does the developer portal generate the private key based on the CSR I uploaded when I created the certificate?

Part 2: certificates in keychain

Background:

In keychain, there is a "My Certificates" category. After I imported the certificates for myself and my teammates, all my certificates appear under the "My Certificates" category, and my teammates' certificates are excluded from this category. This makes total sense.

Question:

How does Keychain know that these certificates belong to me? What information in the certificates is used by Keychain to achieve that? I thought it was the Apple ID in the certificate, but when I log out from my MacBook, Keychain still knows my certificates.

Best Answer

First part of your question:

No, this does not have to do with the developer portal at all. The private key is on your local computer in advance, and "linked up" with the certificate when you download that. The private key is not stored in the developer portal, and it is not generated by the developer portal either.

You generate the private key on your local computer as part of generating the initial CSR.

Second part:

Keychain assigns certificates for which you have the private key to the "My Certificates" group. It has nothing to do with your Apple ID.

If the private key is on your computer, the corresponding certificate is listed under "My Certificates".
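An added example, not part of the question or the answer above, that walks through the flow the answer describes with OpenSSL: the key pair and CSR are created locally, and a certificate counts as "mine" purely because its public key matches a private key on disk, regardless of any Apple ID. The self-signed certificates here are a constructed stand-in for portal-issued ones (assumption: an Apple-issued certificate carries the same public key as the CSR it was issued for, so the match is the same).

```shell
#!/bin/sh
# Added example (not from the original post). Requires the openssl CLI.
set -eu

# Create a private key and a CSR locally. Only the CSR (public half) would be
# uploaded to the developer portal; the private key never leaves this machine.
# The self-signed .crt is a constructed stand-in for the portal-issued cert.
gen_identity() {  # $1 = name, $2 = working directory
  openssl genrsa -out "$2/$1.key" 2048 2>/dev/null
  openssl req -new -key "$2/$1.key" -subj "/CN=$1" -out "$2/$1.csr" 2>/dev/null
  openssl x509 -req -in "$2/$1.csr" -signkey "$2/$1.key" -days 1 \
    -out "$2/$1.crt" 2>/dev/null
}

# SHA-256 of the DER-encoded public key, derived from a private key file.
pubkey_fingerprint_of_key() {
  openssl pkey -in "$1" -pubout -outform DER 2>/dev/null \
    | openssl dgst -sha256 | awk '{print $NF}'
}

# SHA-256 of the DER-encoded public key, extracted from a certificate file.
pubkey_fingerprint_of_cert() {
  openssl x509 -in "$1" -pubkey -noout 2>/dev/null \
    | openssl pkey -pubin -outform DER 2>/dev/null \
    | openssl dgst -sha256 | awk '{print $NF}'
}

# True when the certificate's public key is the one belonging to the private
# key: this is the pairing Keychain uses to populate "My Certificates"
# (on macOS, `security find-identity -v -p codesigning` lists those pairs).
key_matches_cert() {  # $1 = private key file, $2 = certificate file
  [ "$(pubkey_fingerprint_of_key "$1")" = "$(pubkey_fingerprint_of_cert "$2")" ]
}

WORK=$(mktemp -d)
gen_identity mine "$WORK"
gen_identity teammate "$WORK"
rm "$WORK/teammate.key"   # a teammate's private key is never handed to us

for crt in "$WORK"/*.crt; do
  if key_matches_cert "$WORK/mine.key" "$crt"; then
    echo "My Certificates: $(basename "$crt")"
  else
    echo "Certificates only: $(basename "$crt")"
  fi
done
```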