ERASEALL and ERASEPROTECT.DISABLE do not delete keys stored in modem.

The documentation for ERASEPROTECT.DISABLE states:

The erase protection mechanism can be disabled in order to return a device to factory default settings upon next reset.

For ERASEALL, it says:

Erase all function gives debugger the possibility of triggering an erase of flash, user information configuration registers (UICR), RAM, including all peripheral settings, as well as removing the access port protection.

However, the command AT%CMNG=1 indicates that certificates and private keys are still stored after erasure by either method.  This is the main issue.

Additionally, regardless of whether the main issue is in software or documentation, the documentation should make it clear whether or not these two methods have the same effect.  The current wording makes it uncertain.

Related