AloomU Root CA — SHA-256 fingerprint
=====================================

41:13:79:E3:2B:1D:C1:5E:7D:63:AF:AE:10:83:2E:87:63:64:1F:81:25:07:AE:5C:A6:82:23:71:CE:8C:5B:EC

Verify the certificate you downloaded matches this string:

  $ openssl x509 -in aloomu-root-ca.pem -noout -fingerprint -sha256

If the fingerprint differs, the cert has been tampered with in transit.
Do not install. Contact admin@aloomu.au.

Issuer:    AloomU Root CA 2026
Subject:   AloomU Root CA 2026
Validity:  20 years from 2026-05-02
Algorithm: RSA-4096, SHA-384

This root signs only the AloomU Intermediate CA, which signs end-entity
TLS certs for *.aloomu.au, *.aloomu.com, *.aloomu.com.au, *.aloomu.io
(name-constrained intermediate). The root never signs end-entity certs
directly.

Why this matters: see https://aloomu.au/trust