Back in the wild west of the early internet, managing "Trusted Root Certificates" was a manual headache. Your operating system needed to know which Certificate Authorities (CAs) to trust (like VeriSign, DigiCert, etc.) so you wouldn't get security warnings when visiting HTTPS sites.
Because rootsupd.exe had a hardcoded expiration date. The logic inside the executable essentially said, "If the system date is past X, do not install these certificates." It was a security measure to prevent ancient, potentially compromised certificates from being force-fed to a modern machine, but it confused plenty of sysadmins who thought the file was broken. rootsupd.exe