I guess what we need is a utility or terminal command that will enable us to edit the certificate expiration dates.There was a thread on MR about expired certificates of system installers downloaded in the past that I can't find ATM. Basically, you got an error and couldn't install anymore macOS even from a flash drive installer.
AFAIK you had two options:
1. download again from MAS with an updated certificate (that option seems to vanish)
2. reset your Mac to some date before certificate expiration (e.g. 'sudo date 0101010116')
If the possibility to download old installers won't be given anymore for certain installers, there comes the time when you need some trick like option 2 to make use of your copy of Sierra. Other possibilities could be to disable certificate validation or exchange the expired cert with a new one. I don't know how to do that.
To check the expiration date of a certain package you double-click a package and press the lock icon in the right corner of the installer window. See https://support.apple.com/en-us/HT202369
Checking a pkg file in my recently downloaded macOS Sierra installer came up with expiration on 24th October 2019.
If the installer package isn't able to start up the installer window, you can try checking the signature's validity by:
There are various other certificates in the (key)chain that macOS will consider, too.Code:
pkgutil --check-signature path/to/installer.pkg
By the way, I'm not an early adopter anymore and will probably wait for the last release of High Sierra before installing it. That should be next year around the same time. Then I'll also have one or two bootable backups of Sierra ready...
IMO, it would be kindly, if Apple would continue to serve old operating systems with updated signatures, though.