If you have an expired certificate in your keybox/keyring and import the extended pubkey the trustdb is not updated.
This is an issue in real life: it was reported (for VSD 3.2.0) that the TrustedKey of an organization expired, then extended and the extended certificate was imported by the employees. But still that certificate and all certificated signed by that key were shown as "not certified".
F5 does not help.
Currently one has to import and certify a new key as a workaround to update the trustdb or explicitly update it on the command line with `gpg --check-trustdb`.
Can we automatically update the trustdb on import of new signatures, too, and not only for a new key import as in {T6399}?
To clarify: If one does set a new Trusted Key, pressing F5 helps to mark the certificates signed by it as certified. But this has no effect in the here described case if a Trusted Key has expired and its extended certificate is imported.