Пример генерации закрытого ключа с алгоритмом ГОСТ-2012:

$ openssl genpkey -algorithm gost2012_256 -pkeyopt paramset:TCA -out ca.key

Пример создания сертификата на 365 дней (ca.cer):

$ openssl req -new -x509 -md_gost12_256 -days 365 -key ca.key -out ca.cer \
  -subj "/C=RU/ST=Russia/L=Moscow/O=SuperPlat/OU=SuperPlat CA/CN=SuperPlat CA Root"

Проверка сертификата (ca.cer):

$ openssl x509 -in ca.cer -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:16:0f:9e:ab:c5:cb:2b:97:9a:57:c5:99:f9:88:b9:7e:68:23:86
        Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
        Issuer: C = RU, ST = Russia, L = Moscow, O = SuperPlat, OU = SuperPlat CA, CN = SuperPlat CA Root
        Validity
            Not Before: Jun  3 16:13:22 2021 GMT
            Not After : Jun  3 16:13:22 2022 GMT
        Subject: C = RU, ST = Russia, L = Moscow, O = SuperPlat, OU = SuperPlat CA, CN = SuperPlat CA Root
        Subject Public Key Info:
            Public Key Algorithm: GOST R 34.10-2012 with 256 bit modulus
                Public key:
                   X:E50615F7CE64842F60D12F757914FE6CE02924BD4C21800B4138670494A8EE8D
                   Y:62F5C4BAC4170304CA06C3ADAC909709EB4B6888727AD11DC5D7E52E9827D2E0
                Parameter set: GOST R 34.10-2012 (256 bit) ParamSet A
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:78:10:51:27:1A:2E:BE:64:F9:71:50:B7:4F:AD:87:43:A3:73:81
            X509v3 Authority Key Identifier:
                keyid:A2:78:10:51:27:1A:2E:BE:64:F9:71:50:B7:4F:AD:87:43:A3:73:81

            X509v3 Basic Constraints:
                CA:TRUE
    Signature Algorithm: GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)
         17:72:f3:5f:01:5f:03:cb:a2:86:f3:3d:3b:ee:55:75:19:88:
         dc:3a:51:24:4b:0f:a6:1d:fe:26:7a:b4:eb:fb:10:31:1b:0f:
         27:76:8e:20:f3:b8:03:24:c5:a3:3e:71:34:e5:f5:78:02:4b:
         65:8b:37:c6:d2:e7:3f:cd:97:65