When I ran my own CA I issued certificates with 99-year expiry dates, and I never worried about them again.