I can find OnlyKey in FIDO Alliance database and there is also , but I am unable to find it in the FIDO Alliance Metadata Service (MDS) blob . After decode of the jwt blob (NO 21 from the November 2022) I am unable to find any record related to the OnlyKey or CryptoTrust or certificate No. FIDO20020220330001. This is bad because I will be probably unable to use the OnlyKey for authentication with local government services. Why there is no record in the metada blob?
I have a similar problem, key is not accepted due to being unknown / not L1 certified.
MDS explorer site  shows that OnlyKey appeared 2023-JAN-11 on the list as “OnlyKey Secp256R1 FIDO2 CTAP2 Authenticator”. However, it is specified with wrong aaguid. OnlyKey itself when queried via  (attestation=direct) is showing a different one.
MDS explorer : aaguid: “998f358b-2dd2-4cbe-a43a-e8107438dfb3”
webauth debugger : aaguid: “79d699df-0191-4b10-b903-5467e7ce8231”
If you purchased OnlyKey prior its to certification in May 2022 it is not FIDO2 certified. Only devices purchased after that time are FIDO2 certified and have the aaguid “998f358b-2dd2-4cbe-a43a-e8107438dfb3”
I have similar problem. New OnlyKey Duo (bought this month) is not recognized as L1. I loaded new firmware 3_0_4_STD and debugger said that aaguid is all zeros “00000000-0000-0000-0000-000000000000”.
@t11 Of course. I used debugger . I made today more test and when I changed Attestation to Direct or Indirect then aaguid was correct (998f358b-2dd2-4cbe-a43a-e8107438dfb3). When using Attestation None or Enterprise the aaguid is zero.
Problem is with registration at  which is our goverment site. Registration with L1 certification level ends with error that this key is not L1. I wrote to the admins of the site adn I will add their comment.
According to reply from tech support of mojeid.cz the Onlykey Duo replies with data not corresponding to certification. As detail I got information that the key has SKI c16ddb03c0de975740f696d94817bde125cbb4a4.
Is there any more information you could provide? I am not sure what SKI is referring to, generally the key sends an AAGUID and a certificate. You can view the certification information here FIDO MDS Explorer
I got only the SKI information. But now I extracted the certificate and SKI is probably Subject Key Identifier. Value is the same as from mojeid.cz. The SKI is a hash of the current certificate’s public key.