This is expected, the policy only takes effect on the data stored against the key when the key is actually used. So you must use the key against the gateway for the policy rules to be applied.
Thanks Martin for the answer. so is this a current assumption that after updating the policy and using the key against gateway , if I look up the key, I will see the changes are affected?
Yes, if the key is actively used, the data will be copied into the token and so would update when you loked at it again in the dashboard (or used the API).