为什么rsa公钥是数字但公钥是字母？

Question

当我检查.crt 文件时，我看到：

$ openssl x509 -in server.crt -text

//bla bla bla
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b4:f0:e7:15:58:9d:3c:1a:46:45:24:2d:e8:
                    3a:2a:4b:5c:1a:2d:7f:9a:0b:28:e5:d3:cb:0d:c7:
                    a4:a4:fd:4b:4e:94:c7:dd:f0:8f:14:e5:78:c7:27:
                    a7:9a:c9:4e:6f:a9:fb:9a:68:fe:54:7e:d0:a3:69:
                    de:00:2d:7c:5d:93:87:e6:17:2a:bd:93:bb:2c:34:
                    b1:cf:23:a5:44:d2:ab:2a:e3:72:71:24:a7:cb:32:
                    b3:f7:9d:85:66:4b:d6:72:2a:e3:25:fc:c8:06:8a:
                    a1:ea:a5:65:e8:75:7d:89:3e:cd:90:24:4c:48:da:
                    a4:f5:ea:ba:b4:af:ee:55:18:b4:95:8b:00:74:98:
                    a0:00:45:57:83:4e:f5:23:9f:e1:f0:5b:47:5f:a7:
                    99:40:55:75:10:fd:c9:b3:b1:5e:17:43:b4:86:b1:
                    0f:95:5f:b0:50:45:f2:6d:7c:63:96:1d:ba:2c:97:
                    73:87:4d:54:fb:8a:72:5e:da:ea:e1:37:33:aa:ce:
                    a2:3f:07:f8:f7:96:3e:f0:c7:5e:c4:10:c7:40:0a:
                    8a:52:1b:27:0e:46:d5:7e:04:49:f4:1d:25:0a:af:
                    6a:4d:46:3c:ff:06:40:84:4e:f6:c6:af:8b:b0:0d:
                    c7:48:68:1f:ed:c9:df:13:e7:ad:7e:55:35:06:ad:
                    3a:05

显示 RSA 公钥已编号，但是，当我检查同一文件的公钥时，它会显示字母密钥：

$ openssl x509 -in server.crt -pubkey -noout

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrTw5xVYnTwaRkUkLeg6
KktcGi1/mgso5dPLDcekpP1LTpTH3fCPFOV4xyenmslOb6n7mmj+VH7Qo2neAC18
XZOH5hcqvZO7LDSxzyOlRNKrKuNycSSnyzKz952FZkvWcirjJfzIBoqh6qVl6HV9
iT7NkCRMSNqk9eq6tK/uVRi0lYsAdJigAEVXg071I5/h8FtHX6eZQFV1EP3Js7Fe
F0O0hrEPlV+wUEXybXxjlh26LJdzh01U+4pyXtrq4Tczqs6iPwf495Y+8MdexBDH
QAqKUhsnDkbVfgRJ9B0lCq9qTUY8/wZAhE72xq+LsA3HSGgf7cnfE+etflU1Bq06
BQIDAQAB
-----END PUBLIC KEY-----

为什么其中一个是十六进制数字，而另一个相同的键是字母？

（注意：如果有帮助，我已经创建了一个自签名密钥。）

Answer 1

为什么其中一个是十六进制数字，而另一个相同的键是字母？

出于同样的原因，苹果和橙子的味道不同。

$ openssl x509 -in server.crt -text

这以人类可读的格式显示证书的属性。这包括提供算法的文本描述、密钥大小以及 RSA 模数的十六进制值。

$ openssl x509 -in server.crt -pubkey -noout

这将产生一个 PEM 编码的 X.509 SubjectPublicKeyInfo 值。它旨在由机器而非人类读取。如果您想查看相同的信息，请通过openssl pkey -pubin -text -noout 运行，例如

$ openssl x509 -in server.crt -pubkey -noout | openssl pkey -pubin -text -noout
RSA Public-Key: (2048 bit)
Modulus:
    00:9a:b4:f0:e7:15:58:9d:3c:1a:46:45:24:2d:e8:
    3a:2a:4b:5c:1a:2d:7f:9a:0b:28:e5:d3:cb:0d:c7:
    a4:a4:fd:4b:4e:94:c7:dd:f0:8f:14:e5:78:c7:27:
    a7:9a:c9:4e:6f:a9:fb:9a:68:fe:54:7e:d0:a3:69:
    de:00:2d:7c:5d:93:87:e6:17:2a:bd:93:bb:2c:34:
    b1:cf:23:a5:44:d2:ab:2a:e3:72:71:24:a7:cb:32:
    b3:f7:9d:85:66:4b:d6:72:2a:e3:25:fc:c8:06:8a:
    a1:ea:a5:65:e8:75:7d:89:3e:cd:90:24:4c:48:da:
    a4:f5:ea:ba:b4:af:ee:55:18:b4:95:8b:00:74:98:
    a0:00:45:57:83:4e:f5:23:9f:e1:f0:5b:47:5f:a7:
    99:40:55:75:10:fd:c9:b3:b1:5e:17:43:b4:86:b1:
    0f:95:5f:b0:50:45:f2:6d:7c:63:96:1d:ba:2c:97:
    73:87:4d:54:fb:8a:72:5e:da:ea:e1:37:33:aa:ce:
    a2:3f:07:f8:f7:96:3e:f0:c7:5e:c4:10:c7:40:0a:
    8a:52:1b:27:0e:46:d5:7e:04:49:f4:1d:25:0a:af:
    6a:4d:46:3c:ff:06:40:84:4e:f6:c6:af:8b:b0:0d:
    c7:48:68:1f:ed:c9:df:13:e7:ad:7e:55:35:06:ad:
    3a:05
Exponent: 65537 (0x10001)

因为该命令读取 PEM 编码的 X.509 SubjectPublicKeyInfo blob 并将其转换为人类可读的形式（呈现方式略有不同，因为它跳过了算法的标签）。