diff --git a/cmd/notary/prettyprint.go b/cmd/notary/prettyprint.go
index 96a3ef8225..13b2a7e32a 100644
--- a/cmd/notary/prettyprint.go
+++ b/cmd/notary/prettyprint.go
@@ -98,7 +98,10 @@ func prettyPrintKeys(keyStores []trustmanager.KeyStore, writer io.Writer) {
 		for keyPath, role := range store.ListKeys() {
 			gun := ""
 			if role != data.CanonicalRootRole {
-				gun = filepath.Dir(keyPath)
+				dirPath := filepath.Dir(keyPath)
+				if dirPath != "." { // no gun
+					gun = dirPath
+				}
 			}
 			info = append(info, keyInfo{
 				role:     role,
@@ -108,6 +111,7 @@ func prettyPrintKeys(keyStores []trustmanager.KeyStore, writer io.Writer) {
 			})
 		}
 	}
+
 	if len(info) == 0 {
 		writer.Write([]byte("No signing keys found.\n"))
 		return
diff --git a/cmd/notary/prettyprint_test.go b/cmd/notary/prettyprint_test.go
index afb14dffcc..cd58022d70 100644
--- a/cmd/notary/prettyprint_test.go
+++ b/cmd/notary/prettyprint_test.go
@@ -93,30 +93,33 @@ func TestPrettyPrintRootAndSigningKeys(t *testing.T) {
 
 	longNameShortened := "..." + strings.Repeat("z", 37)
 
-	// just use the same key for testing
-	key, err := trustmanager.GenerateED25519Key(rand.Reader)
-	assert.NoError(t, err)
+	keys := make([]data.PrivateKey, 3)
+	for i := 0; i < 3; i++ {
+		key, err := trustmanager.GenerateED25519Key(rand.Reader)
+		assert.NoError(t, err)
+		keys[i] = key
+	}
 
 	root := data.CanonicalRootRole
 
 	// add keys to the key stores
-	err = keyStores[0].AddKey(key.ID(), root, key)
-	assert.NoError(t, err)
-
-	err = keyStores[1].AddKey(key.ID(), root, key)
-	assert.NoError(t, err)
-
-	err = keyStores[0].AddKey(strings.Repeat("a/", 30)+key.ID(), "targets", key)
-	assert.NoError(t, err)
-
-	err = keyStores[1].AddKey("short/gun/"+key.ID(), "snapshot", key)
-	assert.NoError(t, err)
+	assert.NoError(t, keyStores[0].AddKey(keys[0].ID(), root, keys[0]))
+	assert.NoError(t, keyStores[1].AddKey(keys[0].ID(), root, keys[0]))
+	assert.NoError(t, keyStores[0].AddKey(strings.Repeat("a/", 30)+keys[0].ID(), "targets", keys[0]))
+	assert.NoError(t, keyStores[1].AddKey("short/gun/"+keys[0].ID(), "snapshot", keys[0]))
+	assert.NoError(t, keyStores[0].AddKey(keys[1].ID(), "targets/a", keys[1]))
+	assert.NoError(t, keyStores[0].AddKey(keys[2].ID(), "invalidRole", keys[2]))
 
 	expected := [][]string{
-		{root, key.ID(), keyStores[0].Name()},
-		{root, key.ID(), longNameShortened},
-		{"targets", "..." + strings.Repeat("/a", 11), key.ID(), keyStores[0].Name()},
-		{"snapshot", "short/gun", key.ID(), longNameShortened},
+		// root always comes first
+		{root, keys[0].ID(), keyStores[0].Name()},
+		{root, keys[0].ID(), longNameShortened},
+		// these have no gun, so they come first
+		{"invalidRole", keys[2].ID(), keyStores[0].Name()},
+		{"targets/a", keys[1].ID(), keyStores[0].Name()},
+		// these have guns, and are sorted then by guns
+		{"targets", "..." + strings.Repeat("/a", 11), keys[0].ID(), keyStores[0].Name()},
+		{"snapshot", "short/gun", keys[0].ID(), longNameShortened},
 	}
 
 	var b bytes.Buffer