I don’t think I’ve seen this mentioned anywhere else yet, so I thought I’d bring it up.
It looks like the package signing key for both the Debian and Red Hat packages (as referenced from Linux) is set to expire very soon, March 30, 2023. This is the key downloaded from https://pkg.jenkins.io/debian/jenkins.io.key or https://pkg.jenkins.io/redhat/jenkins.io.key (or the stable versions of those repositories), which appears to be the same at all 4 locations (as verified by SHA-256).
I’m not exactly sure what happens once we pass the expiration date, but I imagine it’s not good things. We should look at rotating the key ASAP and publishing that it’s been updated. I’m not sure if existing users of the APT/RPM repositories will need to manually import the new key or not.