If you are running Debian/Ubuntu and you are getting “The following signatures are invalid” when running apt-get commands (such as apt-get upgrade) and the error looks like:
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://repo.mysql.com jessie InRelease: The following signatures were invalid: KEYEXPIRED 1487236823 KEYEXPIRED 1487236823 KEYEXPIRED 1487236823
W: GPG error: http://nginx.org jessie InRelease: The following signatures were invalid: KEYEXPIRED 1471427554
W: Failed to fetch http://repo.mysql.com/apt/debian/dists/jessie/InRelease
W: Some index files failed to download. They have been ignored, or old ones used instead.
As root run:
for K in $(apt-key list | grep expired | cut -d'/' -f2 | cut -d' ' -f1); do sudo apt-key adv --recv-keys --keyserver keys.gnupg.net $K; done