I'm not sure if this is the right analogy. AP ID is a URL under which you can find metadata and public signing keys for the account. It's an in-envelope concept (to borrow e-mail terminology) and has ~nothing to do with routing (in fact the metadata returned points at your inbox, outbox, and other collections, which can be hosted wherever the handler of that URL desires).
I do agree that it's bad that we have two levels of IDs and different pieces of software consider different levels as persistent.
@robryk @filippo Hmm, that is a good point. Requiring the eventual endpoint respond with a certificate for the original domain would solve that but add its own complexity. Messy.