diff --git a/SOURCES/certdata.txt b/SOURCES/certdata.txt
index f28af46..3411432 100644
--- a/SOURCES/certdata.txt
+++ b/SOURCES/certdata.txt
@@ -56183,3 +56183,180 @@ CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
 CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TCI GOST ROOT A1"
+#
+# Issuer: CN=TCI GOST ROOT A1
+# Serial Number:02:de:ad:c0:de:00:8c:19:78:3c:7a:d6
+# Subject: CN=TCI GOST ROOT A1
+# Not Valid Before: Wed Mar 30 09:33:18 2022
+# Not Valid After : Tue Mar 30 09:33:18 2032
+# Fingerprint (SHA-256): 66:4B:2C:6F:77:02:EB:F3:32:09:87:88:BC:FF:73:04:4E:A8:39:BC:45:06:48:16:4F:C4:8D:7C:F2:56:4A:9E
+# Fingerprint (SHA1): 1A:02:D2:5D:C1:3A:DF:20:6E:7F:E6:E8:AC:4E:E0:67:75:C6:E2:62
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TCI GOST ROOT A1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\033\061\031\060\027\006\003\125\004\003\014\020\124\103\111
+\040\107\117\123\124\040\122\117\117\124\040\101\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\033\061\031\060\027\006\003\125\004\003\014\020\124\103\111
+\040\107\117\123\124\040\122\117\117\124\040\101\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\014\002\336\255\300\336\000\214\031\170\074\172\326
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\001\135\060\202\001\010\240\003\002\001\002\002\014\002
+\336\255\300\336\000\214\031\170\074\172\326\060\014\006\010\052
+\205\003\007\001\001\003\002\005\000\060\033\061\031\060\027\006
+\003\125\004\003\014\020\124\103\111\040\107\117\123\124\040\122
+\117\117\124\040\101\061\060\036\027\015\062\062\060\063\063\060
+\060\071\063\063\061\070\132\027\015\063\062\060\063\063\060\060
+\071\063\063\061\070\132\060\033\061\031\060\027\006\003\125\004
+\003\014\020\124\103\111\040\107\117\123\124\040\122\117\117\124
+\040\101\061\060\146\060\037\006\010\052\205\003\007\001\001\001
+\001\060\023\006\007\052\205\003\002\002\043\001\006\010\052\205
+\003\007\001\001\002\002\003\103\000\004\100\112\041\076\073\121
+\271\311\177\011\214\204\264\106\144\066\042\155\205\051\335\021
+\205\263\255\166\066\250\002\053\301\337\054\033\034\261\233\351
+\327\220\005\027\177\063\002\317\330\212\337\041\227\025\157\204
+\017\344\364\230\242\120\377\042\357\204\305\243\043\060\041\060
+\016\006\003\125\035\017\001\001\377\004\004\003\002\001\206\060
+\017\006\003\125\035\023\001\001\377\004\005\060\003\001\001\377
+\060\014\006\010\052\205\003\007\001\001\003\002\005\000\003\101
+\000\350\272\016\176\351\305\257\322\111\265\172\076\307\321\070
+\102\263\260\031\327\350\141\240\202\217\160\070\102\356\144\247
+\303\141\334\274\363\377\166\312\275\200\152\130\276\174\110\336
+\353\165\352\204\172\031\023\021\064\010\322\350\235\303\067\001
+\027
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE
+CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE
+
+# Trust for "TCI GOST ROOT A1"
+# Issuer: CN=TCI GOST ROOT A1
+# Serial Number:02:de:ad:c0:de:00:8c:19:78:3c:7a:d6
+# Subject: CN=TCI GOST ROOT A1
+# Not Valid Before: Wed Mar 30 09:33:18 2022
+# Not Valid After : Tue Mar 30 09:33:18 2032
+# Fingerprint (SHA-256): 66:4B:2C:6F:77:02:EB:F3:32:09:87:88:BC:FF:73:04:4E:A8:39:BC:45:06:48:16:4F:C4:8D:7C:F2:56:4A:9E
+# Fingerprint (SHA1): 1A:02:D2:5D:C1:3A:DF:20:6E:7F:E6:E8:AC:4E:E0:67:75:C6:E2:62
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TCI GOST ROOT A1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\032\002\322\135\301\072\337\040\156\177\346\350\254\116\340\147
+\165\306\342\142
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\127\150\125\352\304\302\171\075\316\310\250\022\102\122\253\002
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\033\061\031\060\027\006\003\125\004\003\014\020\124\103\111
+\040\107\117\123\124\040\122\117\117\124\040\101\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\014\002\336\255\300\336\000\214\031\170\074\172\326
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
+
+#
+# Certificate "TCI ECDSA ROOT A1"
+#
+# Issuer: CN=TCI ECDSA ROOT A1
+# Serial Number:01:de:ad:c0:de:00:8c:19:78:3c:7a:d6
+# Subject: CN=TCI ECDSA ROOT A1
+# Not Valid Before: Wed Mar 30 09:33:18 2022
+# Not Valid After : Tue Mar 30 09:33:18 2032
+# Fingerprint (SHA-256): 0A:3C:80:4A:CF:2E:70:22:3E:22:2D:65:99:EB:78:8D:CC:A3:EE:CC:F7:F2:66:7C:B3:71:C1:78:AD:07:DB:51
+# Fingerprint (SHA1): 4E:87:7A:C0:27:A6:3D:85:14:C0:B4:CB:FA:0F:6F:58:F6:C1:76:96
+CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TCI ECDSA ROOT A1"
+CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509
+CKA_SUBJECT MULTILINE_OCTAL
+\060\034\061\032\060\030\006\003\125\004\003\014\021\124\103\111
+\040\105\103\104\123\101\040\122\117\117\124\040\101\061
+END
+CKA_ID UTF8 "0"
+CKA_ISSUER MULTILINE_OCTAL
+\060\034\061\032\060\030\006\003\125\004\003\014\021\124\103\111
+\040\105\103\104\123\101\040\122\117\117\124\040\101\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\014\001\336\255\300\336\000\214\031\170\074\172\326
+END
+CKA_VALUE MULTILINE_OCTAL
+\060\202\001\124\060\201\373\240\003\002\001\002\002\014\001\336
+\255\300\336\000\214\031\170\074\172\326\060\012\006\010\052\206
+\110\316\075\004\003\002\060\034\061\032\060\030\006\003\125\004
+\003\014\021\124\103\111\040\105\103\104\123\101\040\122\117\117
+\124\040\101\061\060\036\027\015\062\062\060\063\063\060\060\071
+\063\063\061\070\132\027\015\063\062\060\063\063\060\060\071\063
+\063\061\070\132\060\034\061\032\060\030\006\003\125\004\003\014
+\021\124\103\111\040\105\103\104\123\101\040\122\117\117\124\040
+\101\061\060\131\060\023\006\007\052\206\110\316\075\002\001\006
+\010\052\206\110\316\075\003\001\007\003\102\000\004\231\342\354
+\262\123\340\150\374\352\221\264\263\334\016\171\365\240\252\012
+\177\020\147\370\145\304\261\066\000\011\176\027\045\351\146\015
+\241\146\231\175\371\144\213\204\135\321\134\300\046\006\332\115
+\045\266\353\073\257\332\141\214\353\133\161\017\336\243\043\060
+\041\060\016\006\003\125\035\017\001\001\377\004\004\003\002\001
+\206\060\017\006\003\125\035\023\001\001\377\004\005\060\003\001
+\001\377\060\012\006\010\052\206\110\316\075\004\003\002\003\110
+\000\060\105\002\040\062\243\050\372\032\146\272\255\226\071\256
+\313\255\006\324\366\010\066\364\167\003\127\213\073\064\370\105
+\370\106\005\072\301\002\041\000\204\222\373\041\342\303\156\215
+\236\144\002\051\343\070\250\150\212\150\326\025\162\136\100\001
+\065\271\351\071\064\075\050\373
+END
+CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE
+CKA_NSS_SERVER_DISTRUST_AFTER CK_BBOOL CK_FALSE
+CKA_NSS_EMAIL_DISTRUST_AFTER CK_BBOOL CK_FALSE
+
+# Trust for "TCI ECDSA ROOT A1"
+# Issuer: CN=TCI ECDSA ROOT A1
+# Serial Number:01:de:ad:c0:de:00:8c:19:78:3c:7a:d6
+# Subject: CN=TCI ECDSA ROOT A1
+# Not Valid Before: Wed Mar 30 09:33:18 2022
+# Not Valid After : Tue Mar 30 09:33:18 2032
+# Fingerprint (SHA-256): 0A:3C:80:4A:CF:2E:70:22:3E:22:2D:65:99:EB:78:8D:CC:A3:EE:CC:F7:F2:66:7C:B3:71:C1:78:AD:07:DB:51
+# Fingerprint (SHA1): 4E:87:7A:C0:27:A6:3D:85:14:C0:B4:CB:FA:0F:6F:58:F6:C1:76:96
+CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST
+CKA_TOKEN CK_BBOOL CK_TRUE
+CKA_PRIVATE CK_BBOOL CK_FALSE
+CKA_MODIFIABLE CK_BBOOL CK_FALSE
+CKA_LABEL UTF8 "TCI ECDSA ROOT A1"
+CKA_CERT_SHA1_HASH MULTILINE_OCTAL
+\116\207\172\300\047\246\075\205\024\300\264\313\372\017\157\130
+\366\301\166\226
+END
+CKA_CERT_MD5_HASH MULTILINE_OCTAL
+\316\230\227\216\027\213\116\066\202\313\342\233\264\216\053\140
+END
+CKA_ISSUER MULTILINE_OCTAL
+\060\034\061\032\060\030\006\003\125\004\003\014\021\124\103\111
+\040\105\103\104\123\101\040\122\117\117\124\040\101\061
+END
+CKA_SERIAL_NUMBER MULTILINE_OCTAL
+\002\014\001\336\255\300\336\000\214\031\170\074\172\326
+END
+CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_TRUSTED_DELEGATOR
+CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE
diff --git a/SOURCES/ecdsa-a1.crt b/SOURCES/ecdsa-a1.crt
new file mode 100644
index 0000000..57c4503
--- /dev/null
+++ b/SOURCES/ecdsa-a1.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBVDCB+6ADAgECAgwB3q3A3gCMGXg8etYwCgYIKoZIzj0EAw
+IwHDEaMBgGA1UEAwwRVENJIEVDRFNBIFJPT1QgQTEwHhcNMjIw
+MzMwMDkzMzE4WhcNMzIwMzMwMDkzMzE4WjAcMRowGAYDVQQDDB
+FUQ0kgRUNEU0EgUk9PVCBBMTBZMBMGByqGSM49AgEGCCqGSM49
+AwEHA0IABJni7LJT4Gj86pG0s9wOefWgqgp/EGf4ZcSxNgAJfh
+cl6WYNoWaZfflki4Rd0VzAJgbaTSW26zuv2mGM61txD96jIzAh
+MA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MAoGCC
+qGSM49BAMCA0gAMEUCIDKjKPoaZrqtljmuy60G1PYINvR3A1eL
+OzT4RfhGBTrBAiEAhJL7IeLDbo2eZAIp4zioaIpo1hVyXkABNb
+npOTQ9KPs=
+-----END CERTIFICATE-----
diff --git a/SOURCES/gost-a1.crt b/SOURCES/gost-a1.crt
new file mode 100644
index 0000000..8c2cf0e
--- /dev/null
+++ b/SOURCES/gost-a1.crt
@@ -0,0 +1,12 @@
+-----BEGIN CERTIFICATE-----
+MIIBXTCCAQigAwIBAgIMAt6twN4AjBl4PHrWMAwGCCqFAwcBAQ
+MCBQAwGzEZMBcGA1UEAwwQVENJIEdPU1QgUk9PVCBBMTAeFw0y
+MjAzMzAwOTMzMThaFw0zMjAzMzAwOTMzMThaMBsxGTAXBgNVBA
+MMEFRDSSBHT1NUIFJPT1QgQTEwZjAfBggqhQMHAQEBATATBgcq
+hQMCAiMBBggqhQMHAQECAgNDAARASiE+O1G5yX8JjIS0RmQ2Im
+2FKd0RhbOtdjaoAivB3ywbHLGb6deQBRd/MwLP2IrfIZcVb4QP
+5PSYolD/Iu+ExaMjMCEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEw
+EB/wQFMAMBAf8wDAYIKoUDBwEBAwIFAANBAOi6Dn7pxa/SSbV6
+PsfROEKzsBnX6GGggo9wOELuZKfDYdy88/92yr2Aali+fEje63
+XqhHoZExE0CNLoncM3ARc=
+-----END CERTIFICATE-----
diff --git a/SPECS/ca-certificates.spec b/SPECS/ca-certificates.spec
index f571b29..a851a15 100644
--- a/SPECS/ca-certificates.spec
+++ b/SPECS/ca-certificates.spec
@@ -38,7 +38,7 @@ Name: ca-certificates
 Version: 2023.2.60_v7.0.306
 # for y-stream, please always use 91 <= release  < 100 (91,92,93)
 # for z-stream release branches, please use 90 <= release  < 91 (90.0, 90.1, ...)
-Release: 90.1%{?dist}.inferit.1
+Release: 90.1%{?dist}.inferit.2
 License: Public Domain
 
 URL: https://fedoraproject.org/wiki/CA-Certificates
@@ -65,6 +65,10 @@ Source18: README.src
 # Russian Ministry of Digital Development and Communications
 Source90: rootca_ssl_rsa2022.cer
 Source91: rootca_ssl_rsa2022.cer.detached.sig
+# TCI ECSDA ROOT A1
+Source92: ecdsa-a1.crt
+# TCI GOST ROOT A1
+Source93: gost-a1.crt
 
 BuildArch: noarch
 
@@ -267,6 +271,9 @@ ln -s %{catrustdir}/extracted/%{java_bundle} \
 # Russian Ministry of Digital Development and Communications
 install -m 644 %{SOURCE90} $RPM_BUILD_ROOT%{catrustdir}/source/anchors/
 install -m 644 %{SOURCE91} $RPM_BUILD_ROOT%{catrustdir}/source/anchors/
+# TCI ECDSA and GOST root certificates
+install -m 644 %{SOURCE92} $RPM_BUILD_ROOT%{catrustdir}/source/anchors/
+install -m 644 %{SOURCE93} $RPM_BUILD_ROOT%{catrustdir}/source/anchors/
 
 %pre
 if [ $1 -gt 1 ] ; then
@@ -361,6 +368,8 @@ fi
 
 %{catrustdir}/source/anchors/rootca_ssl_rsa2022.cer
 %{catrustdir}/source/anchors/rootca_ssl_rsa2022.cer.detached.sig
+%{catrustdir}/source/anchors/ecdsa-a1.crt
+%{catrustdir}/source/anchors/gost-a1.crt
 
 %config(noreplace) %{catrustdir}/ca-legacy.conf
 
@@ -405,6 +414,9 @@ fi
 
 
 %changelog
+* Tue Jul 09 2024 Sergey Cherevko <s.cherevko@msvsphere-os.ru> - 2023.2.60_v7.0.306-90.1.inferit.2
+- Added TCI ECDSA and GOST root certificates
+
 * Thu Sep 21 2023 Arkady L. Shane <tigro@msvsphere.ru> - 2023.2.60_v7.0.306-90.1.inferit.1
 - place MDDC certificates to /etc/pki/ca-trust/source/anchors