Using sys-firewall as UpdateVM to download updates for Dom0; this may take some time...
--> Running transaction check
---> Package kernel-419.x86_64 1000:4.19.182-1.pvops.qubes will be installed
--> Finished Dependency Resolution
kernel-419-4.19.182-1.pvops.qubes.x86_64.rpm | 50 MB 00:04
Successfully verified /var/lib/qubes/dom0-updates/packages/kernel-419-4.19.182-1.pvops.qubes.x86_64.rpm
Qubes OS Repository for Dom0 125 MB/s | 161 kB 00:00
Dependencies resolved.
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
kernel-419 x86_64 1000:4.19.182-1.pvops.qubes qubes-dom0-cached 50 M
Transaction Summary
================================================================================
Install 1 Package
Total size: 50 M
Installed size: 252 M
Is this ok [y/N]:
Explanations : the repomd.xml refers the repodata/0d0fc2a6e28dbf0fd656c000f93d56316f41371182301ec0587d3c781ac3433f-primary.xml.gz which contains:
@ludovic provided the right answer, but my initial thoughts from the first post were if you were sure you wanted kernel 4.9? That is quite old and is considered a 3 year old stale branch according to Github 0.
If an older kernel version branch is sought (older than 5.4), kernel version 4.19 is available and is an active branch; it is available as package kernel-419 (and kernel-419-qubes-vm).
In terms of downgrading instruction, what you tried, as well as what is documented, is the right way.
It appears the Qubes 4.0 current repo metadata only includes the latest packages, or some packages after a certain point. A quick and weak bisect shows that somewhere between November and December 2020 only the latest packages were included in the repo metadata. Perhaps this was a repo “refresh” to minimize the size of repodata? I am not sure and have not investigated any package generation changes that occurred around that time.
What this means is if you perform manual .rpm file downloads, it will be up to you to resolve any dependencies since you are no longer relying on repo data to find and install dependencies for you.
And as always, be cautious of what rpms you install, especially in dom0. Older packages that are properly signed may have vulnerabilities that were later fixed in future versions.