We will switch the openSUSE Tumbleweed signing key that signs the repositories and RPMs from 2048bit RSA key to a 4096bit RSA key early next week.
They key is already delivered for several months and in your systems.
rpm -ql openSUSE-build-key /usr/lib/rpm/gnupg/keys/gpg-pubkey-29b700a4-62b07e22.asc
fingerprint: pub rsa4096/0x35A2F86E29B700A4 2022-06-20 [SC] [expires: 2026-06-19] Key fingerprint = AD48 5664 E901 B867 051A B15F 35A2 F86E 29B7 00A4 uid openSUSE Project Signing Key firstname.lastname@example.org
and should be in trusted RPM keyring already:
rpm -qi gpg-pubkey-29b700a4-62b07e22 ... will show it ...
Tracker bug: https://bugzilla.suse.com/show_bug.cgi?id=1199184