Eugene Roshal and the WinRAR team are not stupid. They have automated bots that scrape GitHub, Reddit, and Pastebin for public keys. Once a key is published, it is usually added to the blocklist in the next WinRAR update (or sometimes instantly via the online license check).
While downloading a rarreg.key from GitHub is a common "life hack," it sits in a legal grey area. WinRAR is proprietary software, and bypassing its license is a violation of its Terms of Service. Furthermore, users should always exercise caution; even on GitHub, running unknown scripts with administrative privileges can expose a system to security risks. rarregkey github best
rarreg.key path:AppData type:file
But if the nag screen bothers you enough to hunt GitHub, consider these better options: Eugene Roshal and the WinRAR team are not stupid