get X509Certificate serial number

I need to get serial number of x509 certificate. The result of usage "certificate.getSerialNumber()" differs from the expected. As I see X509 certificate file specs, it should go in following format:

    Certificate  ::=  SEQUENCE  {
        tbsCertificate       TBSCertificate,
        signatureAlgorithm   AlgorithmIdentifier,
        signatureValue       BIT STRING  }

   TBSCertificate  ::=  SEQUENCE  {
        version         [0]  EXPLICIT Version DEFAULT v1,
        serialNumber         CertificateSerialNumber,
        signature            AlgorithmIdentifier,
        issuer               Name,
        validity             Validity,
        subject              Name,
        subjectPublicKeyInfo SubjectPublicKeyInfo,
        issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
                             -- If present, version shall be v2 or v3
        subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL,
                             -- If present, version shall be v2 or v3
        extensions      [3]  EXPLICIT Extensions OPTIONAL
                             -- If present, version shall be v3
        }

And I couldn't find in the begining of the file the value that is provided by certificate.getSerialNumber() method.

And related question: When trying to display the serial with openssl it takes right value from file but adds '3' after each number.

So my question is: How can I get the stored serial value? And where to read why and how openssl and java modifies this data.

OPENSSL

Run with:

openssl x509 -serial -noout -inform DER -in mycert.cer

Result:

serial=3030303031303030303030313030373439323639

JAVA

Code:

InputStream in = new FileInputStream("mycert.cer");
BouncyCastleProvider provider = new BouncyCastleProvider();
CertificateFactory certificateFactory = CertificateFactory.getInstance("X509", provider);
X509Certificate certificate = (X509Certificate) certificateFactory.generateCertificate(in);
BigInteger serialNum = certificate.getSerialNumber();
System.out.println(serialNum);

Output:

275106190557734483187066766755592068430195471929

FILE

And viewing the file, I see:

开发者_Go百科0...0..r.......000010000001007492690
.   *.H..
..

which seems to be the serial, provided by openssl but openssl mix it with '3'(after each number).

---

I had the same problem with ruby and found the answer here in java X509 serial number using java

For those who wants the solution in ruby

serial = 275106190557734483187066766755592068430195471929
serial.to_s(16)

this will output 3030303031303030303030313030373439323639

---

Java doesn't modify this data. I'd be amazed if openssl did either. Presumably your expectations are incorrect.