Attention: this is the key used to sign the certificate requests, anyone holding this can sign certificates on your behalf. So keep it in a safe place! - Ensure you have installed OpenSSL in your system either Windows or Linux, here we're just using neutral OpenSSL commands.
openssl genrsa -des3 -out rootCA.key 4096