Comment 1 for bug 1192717

When downloading anew, all keyring expiry values are checked.

For cached keyrings, I will add checks similar to LP: #1195057, i.e. specifically on the image-master and image-signing keyrings. We don't need to check blacklist or device-signing since these are always downloaded, and we don't need to check archive-master for the same reasons as described in LP: #1195057