Consul service mesh certification authority - build-in

i am using service mesh with
{
connect: enable
}

but did not configure connect.privateKey, connect.RootCert

then , consul will automatically that values
so when i call “curl http://127.0.0.1:8500/v1/connect/ca/roots
i got some info like this

{
  "ActiveRootID": "",
  "TrustDomain": "l",
  "Roots": [
    {
      "NotBefore": "2023-06-07T22:42:49Z",
      "NotAfter": "2033-06-04T22:42:49Z",
      "RootCert": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----\n"
    }
  ]
}

i am wondering,
before NotAfter period, consul connect will regenerate rootCert?

do you know the answer?