Grafana Repository Issue (2025 Version)
What’s Going On?
- The repository’s key (fingerprint
B53AE77BADB630A683046005963FA27710458545) expired on 2025‑08‑23. - This expired key causes the InRelease file signature to be invalid, resulting in the
EXPKEYSIGerror you're seeing. - This isn't a local issue—Grafana's key on their servers needs a replacement - https://apt.grafana.com/.
Grafana has already rotated and extended the key, so you just need to refresh it on your system:
# Remove old expired Grafana key (if present)
sudo apt-key del B53AE77BADB630A683046005963FA27710458545 2>/dev/null || true
sudo apt-key del 4E40DDF6D76E284A4A6780E48C8C34C524098CB6 2>/dev/null || true
sudo apt-key del 0E22EB88E39E12277A7760AE9E439B102CF3C0C6 2>/dev/null || true
# Create keyring directory
sudo mkdir -p /etc/apt/keyrings/
# Download and install the refreshed Grafana key
wget -q -O - [https://apt.grafana.com/gpg.key](https://apt.grafana.com/gpg.key) | gpg --dearmor | sudo tee /etc/apt/keyrings/grafana.gpg > /dev/null
# Update Grafana repo definition to use new keyring
echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] [https://apt.grafana.com](https://apt.grafana.com) stable main" | sudo tee /etc/apt/sources.list.d/grafana.list
# Refresh package lists
sudo apt-get update
# Upgrade Grafana (and other packages if available)
sudo apt-get upgrade
This will:
- Clean out any old/expired keys.
- Import the new extended key.
- Ensure your Grafana repo uses
/etc/apt/keyrings/grafana.gpggoing forward.
✅ Why This Works
- The error was caused because your system still had the old Grafana key cached, which expired on 2025-08-23.
- On 2025-08-22, Grafana extended the new key (
B53AE77BADB630A683046005963FA27710458545) for two more years. - By re-importing it, you’re telling
aptto trust the updated key, and the signature verification will pass again.
Updated on: 24/12/2025
Thank you!