Does anyone affected have a copy of one of the affected certificates? I'd be interested in seeing more detail on what went wrong.

The most likely thing to me would be that it attempted to issue a 1-year-long certificate, but naively produced a date of Feb 29, 2025.

Dates in certificates are encoded as `YYMMDDhhmmssZ` so it would certainly be possible to produce a certificate with an invalid date.