Add some PKIX-RPKI objects

References:

RFC6482 - A Profile for Route Origin Authorizations (ROAs)
RFC6484 - Certificate Policy (CP) for the RPKI
RFC6493 - The RPKI Ghostbusters Record
RFC8182 - The RPKI Repository Delta Protocol (RRDP)
RFC8360 - RPKI Validation Reconsidered
draft-ietf-sidrops-rpki-rta - A profile for RTAs

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13948)

crypto/objects/obj_dat.h

@@ -10,7 +10,7 @@
  */
 
 /* Serialized OID's */
-static const unsigned char so[7947] = {
+static const unsigned char so[8054] = {
     0x2A,0x86,0x48,0x86,0xF7,0x0D,                 /* [    0] OBJ_rsadsi */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,            /* [    6] OBJ_pkcs */
     0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02,       /* [   13] OBJ_md2 */
@@ -1101,9 +1101,21 @@ static const unsigned char so[7947] = {
     0x2A,0x85,0x03,0x64,0x71,0x04,                 /* [ 7928] OBJ_classSignToolKB1 */
     0x2A,0x85,0x03,0x64,0x71,0x05,                 /* [ 7934] OBJ_classSignToolKB2 */
     0x2A,0x85,0x03,0x64,0x71,0x06,                 /* [ 7940] OBJ_classSignToolKA1 */
+    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x18,  /* [ 7946] OBJ_id_ct_routeOriginAuthz */
+    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x1A,  /* [ 7957] OBJ_id_ct_rpkiManifest */
+    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x23,  /* [ 7968] OBJ_id_ct_rpkiGhostbusters */
+    0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x10,0x01,0x24,  /* [ 7979] OBJ_id_ct_resourceTaggedAttest */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x0E,            /* [ 7990] OBJ_id_cp */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x1C,       /* [ 7997] OBJ_sbgp_ipAddrBlockv2 */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x1D,       /* [ 8005] OBJ_sbgp_autonomousSysNumv2 */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x0E,0x02,       /* [ 8013] OBJ_ipAddr_asNumber */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x0E,0x03,       /* [ 8021] OBJ_ipAddr_asNumberv2 */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x0A,       /* [ 8029] OBJ_rpkiManifest */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x0B,       /* [ 8037] OBJ_signedObject */
+    0x2B,0x06,0x01,0x05,0x05,0x07,0x30,0x0D,       /* [ 8045] OBJ_rpkiNotify */
 };
 
-#define NUM_NID 1234
+#define NUM_NID 1246
 static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"UNDEF", "undefined", NID_undef},
     {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]},
@@ -2339,9 +2351,21 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = {
     {"classSignToolKB1", "Class of Signing Tool KB1", NID_classSignToolKB1, 6, &so[7928]},
     {"classSignToolKB2", "Class of Signing Tool KB2", NID_classSignToolKB2, 6, &so[7934]},
     {"classSignToolKA1", "Class of Signing Tool KA1", NID_classSignToolKA1, 6, &so[7940]},
+    {"id-ct-routeOriginAuthz", "id-ct-routeOriginAuthz", NID_id_ct_routeOriginAuthz, 11, &so[7946]},
+    {"id-ct-rpkiManifest", "id-ct-rpkiManifest", NID_id_ct_rpkiManifest, 11, &so[7957]},
+    {"id-ct-rpkiGhostbusters", "id-ct-rpkiGhostbusters", NID_id_ct_rpkiGhostbusters, 11, &so[7968]},
+    {"id-ct-resourceTaggedAttest", "id-ct-resourceTaggedAttest", NID_id_ct_resourceTaggedAttest, 11, &so[7979]},
+    {"id-cp", "id-cp", NID_id_cp, 7, &so[7990]},
+    {"sbgp-ipAddrBlockv2", "sbgp-ipAddrBlockv2", NID_sbgp_ipAddrBlockv2, 8, &so[7997]},
+    {"sbgp-autonomousSysNumv2", "sbgp-autonomousSysNumv2", NID_sbgp_autonomousSysNumv2, 8, &so[8005]},
+    {"ipAddr-asNumber", "ipAddr-asNumber", NID_ipAddr_asNumber, 8, &so[8013]},
+    {"ipAddr-asNumberv2", "ipAddr-asNumberv2", NID_ipAddr_asNumberv2, 8, &so[8021]},
+    {"rpkiManifest", "RPKI Manifest", NID_rpkiManifest, 8, &so[8029]},
+    {"signedObject", "Signed Object", NID_signedObject, 8, &so[8037]},
+    {"rpkiNotify", "RPKI Notify", NID_rpkiNotify, 8, &so[8045]},
 };
 
-#define NUM_SN 1225
+#define NUM_SN 1237
 static const unsigned int sn_objs[NUM_SN] = {
      364,    /* "AD_DVCS" */
      419,    /* "AES-128-CBC" */
@@ -2951,7 +2975,12 @@ static const unsigned int sn_objs[NUM_SN] = {
      332,    /* "id-cmc-senderNonce" */
      327,    /* "id-cmc-statusInfo" */
      331,    /* "id-cmc-transactionId" */
+    1238,    /* "id-cp" */
      787,    /* "id-ct-asciiTextWithCRLF" */
+    1237,    /* "id-ct-resourceTaggedAttest" */
+    1234,    /* "id-ct-routeOriginAuthz" */
+    1236,    /* "id-ct-rpkiGhostbusters" */
+    1235,    /* "id-ct-rpkiManifest" */
     1060,    /* "id-ct-xml" */
     1108,    /* "id-dsa-with-sha3-224" */
     1109,    /* "id-dsa-with-sha3-256" */
@@ -3167,6 +3196,8 @@ static const unsigned int sn_objs[NUM_SN] = {
      647,    /* "international-organizations" */
      869,    /* "internationaliSDNNumber" */
      142,    /* "invalidityDate" */
+    1241,    /* "ipAddr-asNumber" */
+    1242,    /* "ipAddr-asNumberv2" */
      294,    /* "ipsecEndSystem" */
     1022,    /* "ipsecIKE" */
      295,    /* "ipsecTunnel" */
@@ -3317,6 +3348,8 @@ static const unsigned int sn_objs[NUM_SN] = {
      877,    /* "roleOccupant" */
      448,    /* "room" */
      463,    /* "roomNumber" */
+    1243,    /* "rpkiManifest" */
+    1245,    /* "rpkiNotify" */
        6,    /* "rsaEncryption" */
      644,    /* "rsaOAEPEncryptionSET" */
      377,    /* "rsaSignature" */
@@ -3324,7 +3357,9 @@ static const unsigned int sn_objs[NUM_SN] = {
      482,    /* "sOARecord" */
      155,    /* "safeContentsBag" */
      291,    /* "sbgp-autonomousSysNum" */
+    1240,    /* "sbgp-autonomousSysNumv2" */
      290,    /* "sbgp-ipAddrBlock" */
+    1239,    /* "sbgp-ipAddrBlockv2" */
      292,    /* "sbgp-routerIdentifier" */
      159,    /* "sdsiCertificate" */
      859,    /* "searchGuide" */
@@ -3503,6 +3538,7 @@ static const unsigned int sn_objs[NUM_SN] = {
      604,    /* "setext-pinAny" */
      603,    /* "setext-pinSecure" */
      605,    /* "setext-track2" */
+    1244,    /* "signedObject" */
       52,    /* "signingTime" */
      454,    /* "simpleSecurityObject" */
      496,    /* "singleLevelQuality" */
@@ -3570,7 +3606,7 @@ static const unsigned int sn_objs[NUM_SN] = {
     1093,    /* "x509ExtAdmission" */
 };
 
-#define NUM_LN 1225
+#define NUM_LN 1237
 static const unsigned int ln_objs[NUM_LN] = {
      363,    /* "AD Time Stamping" */
      405,    /* "ANSI X9.62" */
@@ -3731,6 +3767,8 @@ static const unsigned int ln_objs[NUM_LN] = {
      385,    /* "Private" */
     1093,    /* "Professional Information or basis for Admission" */
      663,    /* "Proxy Certificate Information" */
+    1243,    /* "RPKI Manifest" */
+    1245,    /* "RPKI Notify" */
        1,    /* "RSA Data Security, Inc." */
        2,    /* "RSA Data Security, Inc. PKCS" */
     1116,    /* "RSA-SHA3-224" */
@@ -3752,6 +3790,7 @@ static const unsigned int ln_objs[NUM_LN] = {
     1030,    /* "Send Proxied Owner" */
     1028,    /* "Send Proxied Router" */
     1027,    /* "Send Router" */
+    1244,    /* "Signed Object" */
     1033,    /* "Signing KDC Response" */
     1008,    /* "Signing Tool of Issuer" */
     1007,    /* "Signing Tool of Subject" */
@@ -4195,7 +4234,12 @@ static const unsigned int ln_objs[NUM_LN] = {
      332,    /* "id-cmc-senderNonce" */
      327,    /* "id-cmc-statusInfo" */
      331,    /* "id-cmc-transactionId" */
+    1238,    /* "id-cp" */
      787,    /* "id-ct-asciiTextWithCRLF" */
+    1237,    /* "id-ct-resourceTaggedAttest" */
+    1234,    /* "id-ct-routeOriginAuthz" */
+    1236,    /* "id-ct-rpkiGhostbusters" */
+    1235,    /* "id-ct-rpkiManifest" */
     1060,    /* "id-ct-xml" */
      408,    /* "id-ecPublicKey" */
      508,    /* "id-hex-multipart-message" */
@@ -4366,6 +4410,8 @@ static const unsigned int ln_objs[NUM_LN] = {
      461,    /* "info" */
      101,    /* "initials" */
      869,    /* "internationaliSDNNumber" */
+    1241,    /* "ipAddr-asNumber" */
+    1242,    /* "ipAddr-asNumberv2" */
     1022,    /* "ipsec Internet Key Exchange" */
      749,    /* "ipsec3" */
      750,    /* "ipsec4" */
@@ -4547,7 +4593,9 @@ static const unsigned int ln_objs[NUM_LN] = {
      482,    /* "sOARecord" */
      155,    /* "safeContentsBag" */
      291,    /* "sbgp-autonomousSysNum" */
+    1240,    /* "sbgp-autonomousSysNumv2" */
      290,    /* "sbgp-ipAddrBlock" */
+    1239,    /* "sbgp-ipAddrBlockv2" */
      292,    /* "sbgp-routerIdentifier" */
      973,    /* "scrypt" */
      159,    /* "sdsiCertificate" */
@@ -4799,7 +4847,7 @@ static const unsigned int ln_objs[NUM_LN] = {
      125,    /* "zlib compression" */
 };
 
-#define NUM_OBJ 1096
+#define NUM_OBJ 1108
 static const unsigned int obj_objs[NUM_OBJ] = {
        0,    /* OBJ_undef                        0 */
      181,    /* OBJ_iso                          1 */
@@ -5241,6 +5289,7 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      266,    /* OBJ_id_aca                       1 3 6 1 5 5 7 10 */
      267,    /* OBJ_id_qcs                       1 3 6 1 5 5 7 11 */
      268,    /* OBJ_id_cct                       1 3 6 1 5 5 7 12 */
+    1238,    /* OBJ_id_cp                        1 3 6 1 5 5 7 14 */
      662,    /* OBJ_id_ppl                       1 3 6 1 5 5 7 21 */
      176,    /* OBJ_id_ad                        1 3 6 1 5 5 7 48 */
      507,    /* OBJ_id_hex_partial_message       1 3 6 1 7 1 1 1 */
@@ -5389,6 +5438,8 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      398,    /* OBJ_sinfo_access                 1 3 6 1 5 5 7 1 11 */
      663,    /* OBJ_proxyCertInfo                1 3 6 1 5 5 7 1 14 */
     1020,    /* OBJ_tlsfeature                   1 3 6 1 5 5 7 1 24 */
+    1239,    /* OBJ_sbgp_ipAddrBlockv2           1 3 6 1 5 5 7 1 28 */
+    1240,    /* OBJ_sbgp_autonomousSysNumv2      1 3 6 1 5 5 7 1 29 */
      164,    /* OBJ_id_qt_cps                    1 3 6 1 5 5 7 2 1 */
      165,    /* OBJ_id_qt_unotice                1 3 6 1 5 5 7 2 2 */
      293,    /* OBJ_textNotice                   1 3 6 1 5 5 7 2 3 */
@@ -5483,6 +5534,8 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      360,    /* OBJ_id_cct_crs                   1 3 6 1 5 5 7 12 1 */
      361,    /* OBJ_id_cct_PKIData               1 3 6 1 5 5 7 12 2 */
      362,    /* OBJ_id_cct_PKIResponse           1 3 6 1 5 5 7 12 3 */
+    1241,    /* OBJ_ipAddr_asNumber              1 3 6 1 5 5 7 14 2 */
+    1242,    /* OBJ_ipAddr_asNumberv2            1 3 6 1 5 5 7 14 3 */
      664,    /* OBJ_id_ppl_anyLanguage           1 3 6 1 5 5 7 21 0 */
      665,    /* OBJ_id_ppl_inheritAll            1 3 6 1 5 5 7 21 1 */
      667,    /* OBJ_Independent                  1 3 6 1 5 5 7 21 2 */
@@ -5491,6 +5544,9 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      363,    /* OBJ_ad_timeStamping              1 3 6 1 5 5 7 48 3 */
      364,    /* OBJ_ad_dvcs                      1 3 6 1 5 5 7 48 4 */
      785,    /* OBJ_caRepository                 1 3 6 1 5 5 7 48 5 */
+    1243,    /* OBJ_rpkiManifest                 1 3 6 1 5 5 7 48 10 */
+    1244,    /* OBJ_signedObject                 1 3 6 1 5 5 7 48 11 */
+    1245,    /* OBJ_rpkiNotify                   1 3 6 1 5 5 7 48 13 */
      780,    /* OBJ_hmac_md5                     1 3 6 1 5 5 8 1 1 */
      781,    /* OBJ_hmac_sha1                    1 3 6 1 5 5 8 1 2 */
      913,    /* OBJ_aes_128_xts                  1 3 111 2 1619 0 1 1 */
@@ -5824,8 +5880,12 @@ static const unsigned int obj_objs[NUM_OBJ] = {
      786,    /* OBJ_id_smime_ct_compressedData   1 2 840 113549 1 9 16 1 9 */
     1058,    /* OBJ_id_smime_ct_contentCollection 1 2 840 113549 1 9 16 1 19 */
     1059,    /* OBJ_id_smime_ct_authEnvelopedData 1 2 840 113549 1 9 16 1 23 */
+    1234,    /* OBJ_id_ct_routeOriginAuthz       1 2 840 113549 1 9 16 1 24 */
+    1235,    /* OBJ_id_ct_rpkiManifest           1 2 840 113549 1 9 16 1 26 */
      787,    /* OBJ_id_ct_asciiTextWithCRLF      1 2 840 113549 1 9 16 1 27 */
     1060,    /* OBJ_id_ct_xml                    1 2 840 113549 1 9 16 1 28 */
+    1236,    /* OBJ_id_ct_rpkiGhostbusters       1 2 840 113549 1 9 16 1 35 */
+    1237,    /* OBJ_id_ct_resourceTaggedAttest   1 2 840 113549 1 9 16 1 36 */
      212,    /* OBJ_id_smime_aa_receiptRequest   1 2 840 113549 1 9 16 2 1 */
      213,    /* OBJ_id_smime_aa_securityLabel    1 2 840 113549 1 9 16 2 2 */
      214,    /* OBJ_id_smime_aa_mlExpandHistory  1 2 840 113549 1 9 16 2 3 */

crypto/objects/obj_mac.num

@@ -1231,3 +1231,15 @@ classSignToolKC3		1230
 classSignToolKB1		1231
 classSignToolKB2		1232
 classSignToolKA1		1233
+id_ct_routeOriginAuthz		1234
+id_ct_rpkiManifest		1235
+id_ct_rpkiGhostbusters		1236
+id_ct_resourceTaggedAttest		1237
+id_cp		1238
+sbgp_ipAddrBlockv2		1239
+sbgp_autonomousSysNumv2		1240
+ipAddr_asNumber		1241
+ipAddr_asNumberv2		1242
+rpkiManifest		1243
+signedObject		1244
+rpkiNotify		1245

crypto/objects/objects.txt

@@ -274,8 +274,12 @@ id-smime-ct 8		: id-smime-ct-DVCSResponseData
 id-smime-ct 9		: id-smime-ct-compressedData
 id-smime-ct 19		: id-smime-ct-contentCollection
 id-smime-ct 23		: id-smime-ct-authEnvelopedData
+id-smime-ct 24		: id-ct-routeOriginAuthz
+id-smime-ct 26		: id-ct-rpkiManifest
 id-smime-ct 27		: id-ct-asciiTextWithCRLF
 id-smime-ct 28		: id-ct-xml
+id-smime-ct 35		: id-ct-rpkiGhostbusters
+id-smime-ct 36		: id-ct-resourceTaggedAttest
 
 # S/MIME Attributes
 id-smime-aa 1		: id-smime-aa-receiptRequest
@@ -465,6 +469,7 @@ id-pkix 8		: id-on
 id-pkix 9		: id-pda
 id-pkix 10		: id-aca
 id-pkix 11		: id-qcs
+id-pkix 14		: id-cp
 id-pkix 12		: id-cct
 id-pkix 21		: id-ppl
 id-pkix 48		: id-ad
@@ -503,6 +508,8 @@ id-pe 10		: ac-proxying
 id-pe 11		: subjectInfoAccess	: Subject Information Access
 id-pe 14		: proxyCertInfo		: Proxy Certificate Information
 id-pe 24		: tlsfeature		: TLS Feature
+id-pe 28		: sbgp-ipAddrBlockv2
+id-pe 29		: sbgp-autonomousSysNumv2
 
 # PKIX policyQualifiers for Internet policy qualifiers
 id-qt 1			: id-qt-cps		: Policy Qualifier CPS
@@ -642,6 +649,10 @@ id-aca 6		: id-aca-encAttrs
 # qualified certificate statements
 id-qcs 1		: id-qcs-pkixQCSyntax-v1
 
+# PKIX Certificate Policies
+id-cp 2			: ipAddr-asNumber
+id-cp 3			: ipAddr-asNumberv2
+
 # CMC content types
 id-cct 1		: id-cct-crs
 id-cct 2		: id-cct-PKIData
@@ -662,7 +673,9 @@ id-ad 3			: ad_timestamping	: AD Time Stamping
 !Cname ad-dvcs
 id-ad 4			: AD_DVCS		: ad dvcs
 id-ad 5			: caRepository		: CA Repository
-
+id-ad 10		: rpkiManifest		: RPKI Manifest
+id-ad 11		: signedObject		: Signed Object
+id-ad 13		: rpkiNotify		: RPKI Notify
 
 !Alias id-pkix-OCSP ad-OCSP
 !module id-pkix-OCSP

fuzz/oids.txt

@@ -1088,3 +1088,15 @@ OBJ_classSignToolKC3="\x2A\x85\x03\x64\x71\x03"
 OBJ_classSignToolKB1="\x2A\x85\x03\x64\x71\x04"
 OBJ_classSignToolKB2="\x2A\x85\x03\x64\x71\x05"
 OBJ_classSignToolKA1="\x2A\x85\x03\x64\x71\x06"
+OBJ_id_ct_routeOriginAuthz="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x18"
+OBJ_id_ct_rpkiManifest="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x1A"
+OBJ_id_ct_rpkiGhostbusters="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x23"
+OBJ_id_ct_resourceTaggedAttest="\x2A\x86\x48\x86\xF7\x0D\x01\x09\x10\x01\x24"
+OBJ_id_cp="\x2B\x06\x01\x05\x05\x07\x0E"
+OBJ_sbgp_ipAddrBlockv2="\x2B\x06\x01\x05\x05\x07\x01\x1C"
+OBJ_sbgp_autonomousSysNumv2="\x2B\x06\x01\x05\x05\x07\x01\x1D"
+OBJ_ipAddr_asNumber="\x2B\x06\x01\x05\x05\x07\x0E\x02"
+OBJ_ipAddr_asNumberv2="\x2B\x06\x01\x05\x05\x07\x0E\x03"
+OBJ_rpkiManifest="\x2B\x06\x01\x05\x05\x07\x30\x0A"
+OBJ_signedObject="\x2B\x06\x01\x05\x05\x07\x30\x0B"
+OBJ_rpkiNotify="\x2B\x06\x01\x05\x05\x07\x30\x0D"

include/openssl/obj_mac.h

@@ -850,6 +850,14 @@
 #define NID_id_smime_ct_authEnvelopedData               1059
 #define OBJ_id_smime_ct_authEnvelopedData               OBJ_id_smime_ct,23L
 
+#define SN_id_ct_routeOriginAuthz               "id-ct-routeOriginAuthz"
+#define NID_id_ct_routeOriginAuthz              1234
+#define OBJ_id_ct_routeOriginAuthz              OBJ_id_smime_ct,24L
+
+#define SN_id_ct_rpkiManifest           "id-ct-rpkiManifest"
+#define NID_id_ct_rpkiManifest          1235
+#define OBJ_id_ct_rpkiManifest          OBJ_id_smime_ct,26L
+
 #define SN_id_ct_asciiTextWithCRLF              "id-ct-asciiTextWithCRLF"
 #define NID_id_ct_asciiTextWithCRLF             787
 #define OBJ_id_ct_asciiTextWithCRLF             OBJ_id_smime_ct,27L
@@ -858,6 +866,14 @@
 #define NID_id_ct_xml           1060
 #define OBJ_id_ct_xml           OBJ_id_smime_ct,28L
 
+#define SN_id_ct_rpkiGhostbusters               "id-ct-rpkiGhostbusters"
+#define NID_id_ct_rpkiGhostbusters              1236
+#define OBJ_id_ct_rpkiGhostbusters              OBJ_id_smime_ct,35L
+
+#define SN_id_ct_resourceTaggedAttest           "id-ct-resourceTaggedAttest"
+#define NID_id_ct_resourceTaggedAttest          1237
+#define OBJ_id_ct_resourceTaggedAttest          OBJ_id_smime_ct,36L
+
 #define SN_id_smime_aa_receiptRequest           "id-smime-aa-receiptRequest"
 #define NID_id_smime_aa_receiptRequest          212
 #define OBJ_id_smime_aa_receiptRequest          OBJ_id_smime_aa,1L
@@ -1395,6 +1411,10 @@
 #define NID_id_qcs              267
 #define OBJ_id_qcs              OBJ_id_pkix,11L
 
+#define SN_id_cp                "id-cp"
+#define NID_id_cp               1238
+#define OBJ_id_cp               OBJ_id_pkix,14L
+
 #define SN_id_cct               "id-cct"
 #define NID_id_cct              268
 #define OBJ_id_cct              OBJ_id_pkix,12L
@@ -1528,6 +1548,14 @@
 #define NID_tlsfeature          1020
 #define OBJ_tlsfeature          OBJ_id_pe,24L
 
+#define SN_sbgp_ipAddrBlockv2           "sbgp-ipAddrBlockv2"
+#define NID_sbgp_ipAddrBlockv2          1239
+#define OBJ_sbgp_ipAddrBlockv2          OBJ_id_pe,28L
+
+#define SN_sbgp_autonomousSysNumv2              "sbgp-autonomousSysNumv2"
+#define NID_sbgp_autonomousSysNumv2             1240
+#define OBJ_sbgp_autonomousSysNumv2             OBJ_id_pe,29L
+
 #define SN_id_qt_cps            "id-qt-cps"
 #define LN_id_qt_cps            "Policy Qualifier CPS"
 #define NID_id_qt_cps           164
@@ -1956,6 +1984,14 @@
 #define NID_id_qcs_pkixQCSyntax_v1              359
 #define OBJ_id_qcs_pkixQCSyntax_v1              OBJ_id_qcs,1L
 
+#define SN_ipAddr_asNumber              "ipAddr-asNumber"
+#define NID_ipAddr_asNumber             1241
+#define OBJ_ipAddr_asNumber             OBJ_id_cp,2L
+
+#define SN_ipAddr_asNumberv2            "ipAddr-asNumberv2"
+#define NID_ipAddr_asNumberv2           1242
+#define OBJ_ipAddr_asNumberv2           OBJ_id_cp,3L
+
 #define SN_id_cct_crs           "id-cct-crs"
 #define NID_id_cct_crs          360
 #define OBJ_id_cct_crs          OBJ_id_cct,1L
@@ -2008,6 +2044,21 @@
 #define NID_caRepository                785
 #define OBJ_caRepository                OBJ_id_ad,5L
 
+#define SN_rpkiManifest         "rpkiManifest"
+#define LN_rpkiManifest         "RPKI Manifest"
+#define NID_rpkiManifest                1243
+#define OBJ_rpkiManifest                OBJ_id_ad,10L
+
+#define SN_signedObject         "signedObject"
+#define LN_signedObject         "Signed Object"
+#define NID_signedObject                1244
+#define OBJ_signedObject                OBJ_id_ad,11L
+
+#define SN_rpkiNotify           "rpkiNotify"
+#define LN_rpkiNotify           "RPKI Notify"
+#define NID_rpkiNotify          1245
+#define OBJ_rpkiNotify          OBJ_id_ad,13L
+
 #define OBJ_id_pkix_OCSP                OBJ_ad_OCSP
 
 #define SN_id_pkix_OCSP_basic           "basicOCSPResponse"