You got an EXPKEYSIG error.
Let's fix it.
Your package manager is refusing to install or update software because a GPG signing key has expired. Paste your error below and get the exact commands for your Linux distro.
What is EXPKEYSIG?
Every software repository is signed with a GPG key. When that key expires,
your package manager (apt, dnf, pacman) rejects
it with an EXPKEYSIG error.
Is it dangerous?
An expired key means the authenticity of the repository can't be verified — not that packages are malicious. It's usually a vendor oversight. The fix is importing the new or renewed key.
The fix
Fetch the updated key from a keyserver or official vendor URL, import it, and run your package manager update again. Use the command builder below for your exact distro.
Recognise your error?
These are the two most common forms of the EXPKEYSIG error you'll encounter.
apt / apt-get output
The following signatures were invalid: EXPKEYSIG XXXXXXXXXXXXXXXX Some App Package <package@example.com>W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://example.com/packages: The following signatures were invalid: EXPKEYSIG XXXXXXXXXXXXXXXX Some App Package <package@example.com>EXPKEYSIG —
for example 3B4FE6ACC0B21F32. Copy it and paste it into the
command builder below to generate your fix.
Get your fix command
Enter the key ID from your error message, select your distro, and copy the ready-to-run commands. No registration required.
Fix commands for Debian
sudo. When in doubt, check the vendor's official documentation.
Known Key Database
Common packages with pre-built fix instructions
Guides & Reference
Deeper explanations for common scenarios