Generate private key:
openssl genrsa -des3 -out myCA.key 2048
Using the private key, generate a root cert:
openssl req -x509 -new -nodes -key myCA.key -sha256 -days 1825 -out myCA.pem
It doesnt matter what fields you put in. Maybe make the Common Name something you can recognize.