diff --git a/lib/pleroma/signature.ex b/lib/pleroma/signature.ex
index 25fad22f7..bc3baf433 100644
--- a/lib/pleroma/signature.ex
+++ b/lib/pleroma/signature.ex
@@ -47,7 +47,7 @@ defmodule Pleroma.Signature do
 
   def sign(%User{} = user, headers) do
     with {:ok, private_key} <- SigningKey.private_key(user) do
-      HTTPSignatures.sign(private_key, user.ap_id <> "#main-key", headers)
+      HTTPSignatures.sign(private_key, SigningKey.local_key_id(user.ap_id), headers)
     end
   end
 
diff --git a/lib/pleroma/user/signing_key.ex b/lib/pleroma/user/signing_key.ex
index f88faf70f..f25489068 100644
--- a/lib/pleroma/user/signing_key.ex
+++ b/lib/pleroma/user/signing_key.ex
@@ -91,7 +91,15 @@ defmodule Pleroma.User.SigningKey do
     |> change()
     |> put_change(:public_key, local_pem)
     |> put_change(:private_key, private_pem)
-    |> put_change(:key_id, ap_id <> "#main-key")
+    |> put_change(:key_id, local_key_id(ap_id))
+  end
+
+  @spec local_key_id(String.t()) :: String.t()
+  @doc """
+  Given an AP ID, return the key ID for the local user.
+  """
+  def local_key_id(ap_id) do
+    ap_id <> "#main-key"
   end
 
   @spec private_pem_to_public_pem(binary) :: {:ok, binary()} | {:error, String.t()}
diff --git a/lib/pleroma/web/activity_pub/views/user_view.ex b/lib/pleroma/web/activity_pub/views/user_view.ex
index ad6aeaff2..2ca31fc3c 100644
--- a/lib/pleroma/web/activity_pub/views/user_view.ex
+++ b/lib/pleroma/web/activity_pub/views/user_view.ex
@@ -49,7 +49,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do
       "url" => user.ap_id,
       "manuallyApprovesFollowers" => false,
       "publicKey" => %{
-        "id" => "#{user.ap_id}#main-key",
+        "id" => User.SigningKey.local_key_id(user.ap_id),
         "owner" => user.ap_id,
         "publicKeyPem" => public_key
       },
@@ -97,7 +97,7 @@ defmodule Pleroma.Web.ActivityPub.UserView do
       "url" => user.ap_id,
       "manuallyApprovesFollowers" => user.is_locked,
       "publicKey" => %{
-        "id" => "#{user.ap_id}#main-key",
+        "id" => User.SigningKey.local_key_id(user.ap_id),
         "owner" => user.ap_id,
         "publicKeyPem" => public_key
       },
diff --git a/priv/repo/migrations/20240625220752_move_signing_keys.exs b/priv/repo/migrations/20240625220752_move_signing_keys.exs
index 4e8eef6c9..9104b7c29 100644
--- a/priv/repo/migrations/20240625220752_move_signing_keys.exs
+++ b/priv/repo/migrations/20240625220752_move_signing_keys.exs
@@ -15,6 +15,7 @@ defmodule Pleroma.Repo.Migrations.MoveSigningKeys do
     Repo.stream(query, timeout: :infinity)
     |> Enum.each(fn
       %User{id: user_id, keys: private_key, local: true, ap_id: ap_id} ->
+        IO.puts("Migrating user #{user_id}")
         # we can precompute the public key here...
         # we do use it on every user view which makes it a bit of a dos attack vector
         # so we should probably cache it
@@ -23,7 +24,7 @@ defmodule Pleroma.Repo.Migrations.MoveSigningKeys do
         key = %User.SigningKey{
           user_id: user_id,
           public_key: public_key,
-          key_id: "#{ap_id}#main-key",
+          key_id: User.SigningKey.local_key_id(ap_id),
           private_key: private_key
         }