Thanks you help, we have aware this already, the only one problem we faced is to customize extension fields I mentioned in CSR.
Per mentioned, we are using an external ASN1 structure to wrap the content we want, then put in to othername field.
It generates success, I exported as PEM format FYI.
-----BEGIN CERTIFICATE REQUEST-----
-----END CERTIFICATE REQUEST-----
Also, to demonstrate our idea is correct, we also use openssl to verify our modification. The original openssl didn't supported othername, so we have a light modify in openssl, to parser HEX data in othername field. Fortunately, it works.
Thanks all the valuable input from you, we are moving to next step now -- to have a signed certificates based on this CSR.