Fedora 42 Download Failed:Transaction failed: Signature verification failed

package puppet-release-1.0.0-34.el8.noarch cannot be verified and repo puppet is GPG enabled: /var/cache/PackageKit/41/metadata/puppet-41-x86_64/packages/puppet-release-1.0.0-34.el8.noarch.rpm could not be verified.
/var/cache/PackageKit/41/metadata/puppet-41-x86_64/packages/puppet-release-1.0.0-34.el8.noarch.rpm: Verifying a signature using certificate D6811ED3ADEEB8441AF5AA8F4528B6CD9E61EF26 (Puppet, Inc. Release Key (Puppet, Inc. Release Key) release@puppet.com):

1. Certificate 4528B6CD9E61EF26 invalid: certificate is not alive
   because: The primary key is not live
   because: Expired on 2025-04-06T21:39:22Z
2. Key 4528B6CD9E61EF26 invalid: key is not alive
   because: The primary key is not live
   because: Expired on 2025-04-06T21:39:22Z: digest: SIGNATURE: NOT OK

Don’t use an el8 package. Fedora 42 provides a puppet package.

sudo dnf install puppet

… unless you are running RedHat Enterprice or one of its clones.

[2774/2774] Total 100% | 4.8 MiB/s | 1.0 GiB | 03m41s
Testing offline transaction
Transaction failed: Rpm transaction failed.

is this the ouput of dnf update? We need to see the verbose output, please run sudo dnf -v update --refresh

sudo dnf -v update --refresh
[sudo] password for amunir:
Unknown argument “-v” for command “dnf5”. Add “–help” for more information about the arguments.

Ok, dnf version 5 didn’t implement the -v for verbose option.

What happens if you run

 sudo dnf update && sudo dnf install puppet

The message is pretty clear.
You are using the puppet third party yum repository. And their gpg key is expired.

And yes, it looks like you have installed the one for EL8 (CentOS, Red Hat EL, Rocky Linux, etc.)
If I were you, I would uninstall puppet, remove such repository, make the update and eventually install puppet from the Fedora repository, as suggested by others.

I did uninstall puppet and remove the repo and ran Fedora update. got the following.

259/259] Total 100% | 13.8 KiB/s | 177.4 KiB | 00m13s
Running transaction
Transaction failed: Signature verification failed.
OpenPGP check for package “puppet-release-1.0.0-34.el8.noarch” (/var/cache/libdnf5/puppet-8b50862c5899408e/packages/puppet-release-1.0.0-34.el8.noarch.rpm) from repo “puppet” has failed: Problem occurred when opening the package.
[amunir@middlewareadmin yum.repos.d]$ ll
total 36
-rw-r–r–. 1 root root 376 Aug 5 2024 _copr:copr.fedorainfracloud.org:phracek:PyCharm.repo
-rw-r–r–. 1 root root 1102 Oct 17 2024 fedora-cisco-openh264.repo
-rw-r–r–. 1 root root 1239 Oct 17 2024 fedora.repo
-rw-r–r–. 1 root root 1286 Oct 17 2024 fedora-updates.repo
-rw-r–r–. 1 root root 1344 Oct 17 2024 fedora-updates-testing.repo
-rw-r–r–. 1 root root 199 Aug 5 2024 google-chrome.repo
-rw-r–r–. 1 root root 191 Jun 13 2024 puppet-release.repo
-rw-r–r–. 1 root root 1487 Aug 5 2024 rpmfusion-nonfree-nvidia-driver.repo
-rw-r–r–. 1 root root 1391 Aug 5 2024 rpmfusion-nonfree-steam.repo

Looks like that the puppet repository is still there? And that the puppet-release package is still installed as well?

What is the result of these command?
dnf repolist --enabled
rpm -qa | grep puppet

[amunir@middlewareadmin ~]$ dnf repolist --enabled
repo id repo name
copr:copr.fedorainfracloud.org:phracek:PyCharm Copr repo for PyCharm owned by phracek
fedora Fedora 41 - x86_64
fedora-cisco-openh264 Fedora 41 openh264 (From Cisco) - x86_64
google-chrome google-chrome
puppet Puppet Repository el 8 - x86_64
rpmfusion-nonfree-nvidia-driver RPM Fusion for Fedora 41 - Nonfree - NVIDIA Driver
rpmfusion-nonfree-steam RPM Fusion for Fedora 41 - Nonfree - Steam
updates Fedora 41 - x86_64 - Updates

rpm -qa |grep puppet
puppet-release-1.0.0-33.el8.noarch

As you can see, puppet repository is still there and the puppet-release package is still installed.

I would try:
sudo dnf remove puppet-release
and eventually
sudo dnf5 config-manager setopt puppet.enabled=0

upgrade my Fedora 41 to Fedora 42 thanks all for the support.