OpenSK/tools/openssl/opensk.conf

oid_section = OIDS

[ OIDS ]
fido_attestation = 1.3.6.1.4.1.45724.2.1.1
fido_aaguid = 1.3.6.1.4.1.45724.1.1.4

[ req ]
encrypt_key = no
default_md = sha256
utf8 = yes
string_mask = utf8only
prompt = no
distinguished_name = fido_dn
req_extensions = fido_reqext

[ fido_dn ]
countryName = "US"
organizationName = "OpenSK"
organizationalUnitName = "Authenticator Attestation"
commonName = "OpenSK Hacker Edition"

[ fido_reqext ]
keyUsage                = critical,digitalSignature
subjectKeyIdentifier    = hash
fido_attestation        = ASN1:FORMAT:BITLIST,BITSTRING:${ENV::OPENSK_TRANSPORT}
fido_aaguid             = ASN1:FORMAT:HEX,OCTETSTRING:${ENV::OPENSK_AAGUID}