How to get a public key registered with a key server

Prerequisites

You need a personal or company GPG key. If you don't have one, this explains how to generate a GPG key.

Export your public key

gpg --export --armor john@example.com > john_doe.pub

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGiBEm7B54RBADhXaYmvUdBoyt5wAi......=vEm7B54RBADh9dmP
-----END PGP PUBLIC KEY BLOCK-----

About the arguments:

--export Export the public key information of the key belonging to john@example.com
--armor Create a base64 encoded ascii string rather than using a binary format
john@example.com The key id to export
> john_doe.pub Save the output into this file

Zrif Key Vita3k Exclusive May 2026

is a string of text used by the Vita3K emulator as a license to decrypt and play PlayStation Vita games

How to Use ZRiF Key

Input: The user provides the zRIF string in the Vita3K interface.
Decompression: Vita3K decompresses the string to reveal the raw license data.
Work.bin Generation: The emulator creates a work.bin (license file) and places it in the appropriate directory (ux0:license/app/TITLE_ID).
Decryption: When the user launches the game, Vita3K reads the generated license, retrieves the AES key, and uses it to decrypt the game binary so it can be executed.

Open VitaShell on your PS Vita.
Navigate to ux0:app/ or ux0:patch/ (where your installed games live).
Highlight the game you want to dump (e.g., PCSE00120 for Persona 4 Golden).
Press Triangle, then select "Open decrypted."
Copy the decrypted folder to your PC via USB or FTP.

On Real Hardware (PSVita): You cannot use a zRIF key directly. The console expects encrypted, console-specific licenses. To use pirated or backed-up games on a real Vita, users typically had to hack the console to install "fake" licenses or use plugins to bypass the DRM checks entirely.
On Vita3K (The Exclusive Feature): Vita3K has a distinct advantage. Because it is an emulator, it does not rely on the strict hardware-level encryption checks of the Vita security processor. Vita3K implemented a feature where it can accept this zRIF string directly.

Android vers can't paste zRIF code · Issue #375 · Vita3K/ ... - GitHub zrif key vita3k exclusive

When installing a game in Vita3K, the process generally follows these steps: Reddit·r/VitaPiracyhttps://www.reddit.com is a string of text used by the

"key"

ux0:nonpdrm/license/app/[TITLE_ID]/6488b73b912a753a492e2714e9b38bc7.rif Use a tool like rif2zrif.py to convert that file into a zRIF string. 3. Using the Key in Vita3K Once you have the key and your .pkg file: Input: The user provides the zRIF string in

Alternate way to submit your public key to the key servers using the CLI

gpg --keyid-format LONG --list-keys john@example.com
pub   rsa4096/ABCDEF0123456789 2018-01-01 [SCEA] [expires: 2021-01-01]
      ABCDEF0123456789ABCDEF0123456789
uid              [ ultimate ] John Doe <john@example.com>

This shows the 16-byte Key-ID right after the key-type and key-size. In this example it's the highlighted part of this line:

pub rsa4096/ABCDEF0123456789 2018-01-01 [SCEA] [expires: 2021-01-01]

The next step is to use this Key-ID to send it to the keyserver, in our case the MIT one.

gpg --keyserver keyserver.ubuntu.com --send-keys ABCDEF0123456789

Congratulations, you published your public key.

Please allow a couple of minutes for the servers to replicate that information before starting to use the key.

General notes on Security

A keyserver does not make any claims about authenticity. It merely provides an automated means to get a public key based on its ID. It's up to the user to decide whether the result is to be trusted, as in whether or not to import the public key to the local chain. Do not blindly import a key but at least verify its fingerprint. The phar.io fingerprint information can be found in the footer.
Instead of using a keyserver, public keys can of course also be imported directly. Linux distributions for example do that by providing their keys in release-packages or the base OS installation image. Phive will only contact a keyserver in case the key used for signing is not already known, a.k.a can not be found in the local chain.