To my knowledge there’s no automatic rotation of the certificates so under normal situations there would be no automatic change of the signing certificate; given they have a substantial lifetime this should not pose any short-term concern and any future rotation required due to expiration can be properly documented in time.
There are situations where a change of certificate could be required, however since these would not happen automatically they would be coordinated in a case by case basis.
In addition, for certain situations you can already implement your system in a way that it will respond to a change in signing keys automatically. For example, if you require the public key associated with the signing certificate for the purpose of validating issued JWT tokens then if the system obtains the key from
https://[your_account].auth0.com/.well-known/jwks.json endpoint it can cache it for performance reasons until it receives a JWT token with a key identifier that does not match the one it has on cache. At this time the system can decide to make another request to the above endpoint to check if there are new keys available and if keys changed proceed to use the new ones automatically.