The answer I would provide is that a keystore file is to authenticate yourself to anyone who is asking. It isn’t restricted to just signing .apk files, you can use it to store personal certificates, sign data to be transmitted and a whole variety of authentication.
In terms of what you do with it for Android and probably what you’re looking for since you mention signing apk’s, it is your certificate. You are branding your application with your credentials. You can brand multiple applications with the same key, in fact, it is recommended that you use one certificate to brand multiple applications that you write. It easier to keep track of what applications belong to you.
I’m not sure what you mean by implications. I suppose it means that no one but the holder of your certificate can update your application. That means that if you release it into the wild, lose the cert you used to sign the application, then you cannot release updates so keep that cert safe and backed up if need be.
But apart from signing apks to release into the wild, you can use it to authenticate your device to a server over SSL if you so desire, (also Android related) among other functions.