The invention relates to a certificate authorization method of a separation-mechanism mobile management system. The method comprises the steps of: firstly, carrying out identity authentication on a moving node accessed into the separation-mechanism mobile management system, after successful authentication, adding routs and establishing a tunnel by all functional entities in the system through mobile signaling interaction, acquiring home network prefix information stored in a server by the mobile node, and acquiring a network service by the mobile node at the moment so as to realize the authorization of the separation mechanism mobile management to the mobile node. The method comprises home domain initial authentication, home domain reauthentication, foreign domain initial authentication, foreign domain reauthentication and authentication to the mobile node. According to the invention, an AGW (Access Gateway), a CGW (Customer GateWay), a DGW (Data Gateway) and an AAA (Authentication, Authorization and Accounting) server are taken as main functional entities, and a series message interaction among the AGW, CGW, DGW and AAA server is used to complete the authentication of the legality of the mobile node so as to guarantee network safety.