There should be no way to extract the private key from the Nitrokey (any OpenPGP card). Decryption/signing happens on the card with the private key never leaving the card/key. That is the security of an OpenPGP smartcard. Definitely the way Yubikey works and I hope Nitrokey is the same.
I always generate keys seperately on an air gapped PC, backup them up to secure place, then move to Nitrokey.
I generally find this way of generating keys/importing them troublesome, but here it is, in the GPG world.
The manual is not quite wrong. You really need to backup your so-called “main” key, which is used to sign other keys (so-called “subkeys”). Subkeys are the ones used for actual encryption/signing.
If your device breaks down and you use your subkeys, one should generate new subkeys and sign them with the main key. Sure, there is some significant trouble with letting everyone else know you have new subkeys available.
I don’t fully understand why the manual does not explain how to generate subkeys directly on the hardware device. But those things are difficult to explain and write a good manual for.
The thing is if you made a expire date on the key/subkey and if it expires you made a new key/subkey. But you wouln’t buy a new Hardware Token because of expire and you can have only one key set on smartcard. The smartcard would be overwritten with the new one and that is the only option because of security. The “Main” Private Key is to sign new subkeys yes, and the 3 Private “Subkey” is to Authenticate or to Sign or to DECRYPT. That’s important, the Private key is there to decrypt. If you lose the Decrypt key you have Data loss if you do not have a Backup decrypt key.
And if you want to change the expire date you need the Backup key to do that, because in my understanding there is no way to change it on the smartcard directly. (And you have to know what you are doing)
Old E-Mail could not be important enough and/or secure enough because some reasons of the Internet. But if you have files stored encrypted what is important enough to have a backup, then you have to check that you do not lose to be able to decrypt it.