diff --git a/fixtures/ipns_records/README.md b/fixtures/ipns_records/README.md
index 772712820..76dfb4335 100644
--- a/fixtures/ipns_records/README.md
+++ b/fixtures/ipns_records/README.md
@@ -4,20 +4,13 @@
 
 ### Fixtures and ipns-record
 
-```sh
-# using Kubo CLI version 0.21.0-rc3 (https://dist.ipfs.tech/kubo/v0.21.0-rc3/)
-FILE_CID=$(echo "Hello IPFS" | ipfs add --cid-version 1 -q)
-IPNS_KEY=$(ipfs key gen ipns-record)
+```shell
+> go run generator/main.go
 
-ipfs dag export ${FILE_CID} > fixtures.car
-
-# publish a record valid for a 100 years
-ipfs name publish --key=ipns-record --quieter --ttl=876600h --lifetime=876600h /ipfs/${FILE_CID}
-ipfs routing get /ipns/${IPNS_KEY} > ${IPNS_KEY}.ipns-record
-
-echo IPNS_KEY=${IPNS_KEY}
-echo FILE_CID=${FILE_CID} # A file containing "Hello IPFS"
-
-# IPNS_KEY=k51qzi5uqu5dh71qgwangrt6r0nd4094i88nsady6qgd1dhjcyfsaqmpp143ab
-# FILE_CID=bafkreidfdrlkeq4m4xnxuyx6iae76fdm4wgl5d4xzsb77ixhyqwumhz244 # A file containing Hello IPFS
-```
+k51qzi5uqu5dm4tm0wt8srkg9h9suud4wuiwjimndrkydqm81cqtlb5ak6p7ku_v1.ipns-record -> /ipfs/bafkqadtwgeww63tmpeqhezldn5zgi
+k51qzi5uqu5dlkw8pxuw9qmqayfdeh4kfebhmreauqdc6a7c3y7d5i9fi8mk9w_v1-v2.ipns-record -> /ipfs/bafkqaddwgevxmmraojswg33smq
+k51qzi5uqu5dlmit2tuwdvnx4sbnyqgmvbxftl0eo3f33wwtb9gr7yozae9kpw_v1-v2-broken-v1-value.ipns-record -> /ipfs/bafkqahtwgevxmmraojswg33smqqho2lunaqge4tpnnsw4idwmfwhkzi
+k51qzi5uqu5dilgf7gorsh9vcqqq4myo6jd4zmqkuy9pxyxi5fua3uf7axph4y_v1-v2-broken-signature-v1.ipns-record -> /ipfs/bafkqahtwgevxmmrao5uxi2bamjzg623fnyqhg2lhnzqxi5lsmuqhmmi
+k51qzi5uqu5diamp7qnnvs1p1gzmku3eijkeijs3418j23j077zrkok63xdm8c_v1-v2-broken-signature-v2.ipns-record -> /ipfs/bafkqahtwgevxmmrao5uxi2bamjzg623fnyqhg2lhnzqxi5lsmuqhmmq
+k51qzi5uqu5dit2ku9mutlfgwyz8u730on38kd10m97m36bjt66my99hb6103f_v2.ipns-record -> /ipfs/bafkqadtwgiww63tmpeqhezldn5zgi
+```
\ No newline at end of file
diff --git a/fixtures/ipns_records/fixtures.car b/fixtures/ipns_records/fixtures.car
deleted file mode 100644
index 5c541e430..000000000
Binary files a/fixtures/ipns_records/fixtures.car and /dev/null differ
diff --git a/fixtures/ipns_records/generator/go.mod b/fixtures/ipns_records/generator/go.mod
new file mode 100644
index 000000000..a3c8989f0
--- /dev/null
+++ b/fixtures/ipns_records/generator/go.mod
@@ -0,0 +1,39 @@
+module generator
+
+go 1.20
+
+require (
+	github.com/ipfs/boxo v0.12.0
+	github.com/ipfs/go-cid v0.4.1
+	github.com/libp2p/go-libp2p v0.26.3
+	google.golang.org/protobuf v1.30.0
+)
+
+require (
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/ipfs/go-log/v2 v2.5.1 // indirect
+	github.com/ipld/go-ipld-prime v0.21.0 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.3 // indirect
+	github.com/libp2p/go-buffer-pool v0.1.0 // indirect
+	github.com/libp2p/go-libp2p-record v0.2.0 // indirect
+	github.com/mattn/go-isatty v0.0.17 // indirect
+	github.com/minio/sha256-simd v1.0.0 // indirect
+	github.com/mr-tron/base58 v1.2.0 // indirect
+	github.com/multiformats/go-base32 v0.1.0 // indirect
+	github.com/multiformats/go-base36 v0.2.0 // indirect
+	github.com/multiformats/go-multiaddr v0.8.0 // indirect
+	github.com/multiformats/go-multibase v0.2.0 // indirect
+	github.com/multiformats/go-multicodec v0.9.0 // indirect
+	github.com/multiformats/go-multihash v0.2.3 // indirect
+	github.com/multiformats/go-multistream v0.4.1 // indirect
+	github.com/multiformats/go-varint v0.0.7 // indirect
+	github.com/polydawn/refmt v0.89.0 // indirect
+	github.com/spaolacci/murmur3 v1.1.0 // indirect
+	go.uber.org/atomic v1.10.0 // indirect
+	go.uber.org/multierr v1.9.0 // indirect
+	go.uber.org/zap v1.24.0 // indirect
+	golang.org/x/crypto v0.6.0 // indirect
+	golang.org/x/sys v0.6.0 // indirect
+	lukechampine.com/blake3 v1.1.7 // indirect
+)
diff --git a/fixtures/ipns_records/generator/go.sum b/fixtures/ipns_records/generator/go.sum
new file mode 100644
index 000000000..f45523856
--- /dev/null
+++ b/fixtures/ipns_records/generator/go.sum
@@ -0,0 +1,164 @@
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
+github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A=
+github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/decred/dcrd/crypto/blake256 v1.0.0 h1:/8DMNYp9SGi5f0w7uCm6d6M4OU2rGFK09Y2A4Xv7EE0=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 h1:HbphB4TFFXpv7MNrT52FGrrgVXF1owhMVTHFZIlnvd4=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0/go.mod h1:DZGJHZMqrU4JJqFAWUS2UO1+lbSKsdiOoYi9Zzey7Fc=
+github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
+github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0=
+github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
+github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
+github.com/gopherjs/gopherjs v0.0.0-20190430165422-3e4dfb77656c h1:7lF+Vz0LqiRidnzC1Oq86fpX1q/iEv2KJdrCtttYjT4=
+github.com/ipfs/boxo v0.12.0 h1:AXHg/1ONZdRQHQLgG5JHsSC3XoE4DjCAMgK+asZvUcQ=
+github.com/ipfs/boxo v0.12.0/go.mod h1:xAnfiU6PtxWCnRqu7dcXQ10bB5/kvI1kXRotuGqGBhg=
+github.com/ipfs/go-cid v0.4.1 h1:A/T3qGvxi4kpKWWcPC/PgbvDA2bjVLO7n4UeVwnbs/s=
+github.com/ipfs/go-cid v0.4.1/go.mod h1:uQHwDeX4c6CtyrFwdqyhpNcxVewur1M7l7fNU7LKwZk=
+github.com/ipfs/go-ipfs-util v0.0.2 h1:59Sswnk1MFaiq+VcaknX7aYEyGyGDAA73ilhEK2POp8=
+github.com/ipfs/go-log/v2 v2.5.1 h1:1XdUzF7048prq4aBjDQQ4SL5RxftpRGdXhNRwKSAlcY=
+github.com/ipfs/go-log/v2 v2.5.1/go.mod h1:prSpmC1Gpllc9UYWxDiZDreBYw7zp4Iqp1kOLU9U5UI=
+github.com/ipld/go-ipld-prime v0.21.0 h1:n4JmcpOlPDIxBcY037SVfpd1G+Sj1nKZah0m6QH9C2E=
+github.com/ipld/go-ipld-prime v0.21.0/go.mod h1:3RLqy//ERg/y5oShXXdx5YIp50cFGOanyMctpPjsvxQ=
+github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
+github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
+github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/klauspost/cpuid/v2 v2.0.4/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/klauspost/cpuid/v2 v2.2.3 h1:sxCkb+qR91z4vsqw4vGGZlDgPz3G7gjaLyK3V8y70BU=
+github.com/klauspost/cpuid/v2 v2.2.3/go.mod h1:RVVoqg1df56z8g3pUjL/3lE5UfnlrJX8tyFgg4nqhuY=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/libp2p/go-buffer-pool v0.1.0 h1:oK4mSFcQz7cTQIfqbe4MIj9gLW+mnanjyFtc6cdF0Y8=
+github.com/libp2p/go-buffer-pool v0.1.0/go.mod h1:N+vh8gMqimBzdKkSMVuydVDq+UV5QTWy5HSiZacSbPg=
+github.com/libp2p/go-libp2p v0.26.3 h1:6g/psubqwdaBqNNoidbRKSTBEYgaOuKBhHl8Q5tO+PM=
+github.com/libp2p/go-libp2p v0.26.3/go.mod h1:x75BN32YbwuY0Awm2Uix4d4KOz+/4piInkp4Wr3yOo8=
+github.com/libp2p/go-libp2p-record v0.2.0 h1:oiNUOCWno2BFuxt3my4i1frNrt7PerzB3queqa1NkQ0=
+github.com/libp2p/go-libp2p-record v0.2.0/go.mod h1:I+3zMkvvg5m2OcSdoL0KPljyJyvNDFGKX7QdlpYUcwk=
+github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
+github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=
+github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/minio/sha256-simd v1.0.0 h1:v1ta+49hkWZyvaKwrQB8elexRqm6Y0aMLjCNsrYxo6g=
+github.com/minio/sha256-simd v1.0.0/go.mod h1:OuYzVNI5vcoYIAmbIvHPl3N3jUzVedXbKy5RFepssQM=
+github.com/mr-tron/base58 v1.2.0 h1:T/HDJBh4ZCPbU39/+c3rRvE0uKBQlU27+QI8LJ4t64o=
+github.com/mr-tron/base58 v1.2.0/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
+github.com/multiformats/go-base32 v0.1.0 h1:pVx9xoSPqEIQG8o+UbAe7DNi51oej1NtK+aGkbLYxPE=
+github.com/multiformats/go-base32 v0.1.0/go.mod h1:Kj3tFY6zNr+ABYMqeUNeGvkIC/UYgtWibDcT0rExnbI=
+github.com/multiformats/go-base36 v0.2.0 h1:lFsAbNOGeKtuKozrtBsAkSVhv1p9D0/qedU9rQyccr0=
+github.com/multiformats/go-base36 v0.2.0/go.mod h1:qvnKE++v+2MWCfePClUEjE78Z7P2a1UV0xHgWc0hkp4=
+github.com/multiformats/go-multiaddr v0.8.0 h1:aqjksEcqK+iD/Foe1RRFsGZh8+XFiGo7FgUCZlpv3LU=
+github.com/multiformats/go-multiaddr v0.8.0/go.mod h1:Fs50eBDWvZu+l3/9S6xAE7ZYj6yhxlvaVZjakWN7xRs=
+github.com/multiformats/go-multiaddr-fmt v0.1.0 h1:WLEFClPycPkp4fnIzoFoV9FVd49/eQsuaL3/CWe167E=
+github.com/multiformats/go-multibase v0.2.0 h1:isdYCVLvksgWlMW9OZRYJEa9pZETFivncJHmHnnd87g=
+github.com/multiformats/go-multibase v0.2.0/go.mod h1:bFBZX4lKCA/2lyOFSAoKH5SS6oPyjtnzK/XTFDPkNuk=
+github.com/multiformats/go-multicodec v0.9.0 h1:pb/dlPnzee/Sxv/j4PmkDRxCOi3hXTz3IbPKOXWJkmg=
+github.com/multiformats/go-multicodec v0.9.0/go.mod h1:L3QTQvMIaVBkXOXXtVmYE+LI16i14xuaojr/H7Ai54k=
+github.com/multiformats/go-multihash v0.2.3 h1:7Lyc8XfX/IY2jWb/gI7JP+o7JEq9hOa7BFvVU9RSh+U=
+github.com/multiformats/go-multihash v0.2.3/go.mod h1:dXgKXCXjBzdscBLk9JkjINiEsCKRVch90MdaGiKsvSM=
+github.com/multiformats/go-multistream v0.4.1 h1:rFy0Iiyn3YT0asivDUIR05leAdwZq3de4741sbiSdfo=
+github.com/multiformats/go-multistream v0.4.1/go.mod h1:Mz5eykRVAjJWckE2U78c6xqdtyNUEhKSM0Lwar2p77Q=
+github.com/multiformats/go-varint v0.0.7 h1:sWSGR+f/eu5ABZA2ZpYKBILXTTs9JWpdEM/nEGOHFS8=
+github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOELpZAu9eioSos/OU=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/polydawn/refmt v0.89.0 h1:ADJTApkvkeBZsN0tBTx8QjpD9JkmxbKp0cxfr9qszm4=
+github.com/polydawn/refmt v0.89.0/go.mod h1:/zvteZs/GwLtCgZ4BL6CBsk9IKIlexP43ObX9AxTqTw=
+github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8=
+github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
+github.com/smartystreets/assertions v1.2.0 h1:42S6lae5dvLc7BrLu/0ugRtcFVjoJNMC/N3yZFZkDFs=
+github.com/smartystreets/assertions v1.2.0/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo=
+github.com/smartystreets/goconvey v1.7.2 h1:9RBaZCeXEQ3UselpuwUQHltGVXvdwm6cv1hgR6gDIPg=
+github.com/smartystreets/goconvey v1.7.2/go.mod h1:Vw0tHAZW6lzCRk3xgdin6fKYcG+G3Pg9vgXWeJpQFMM=
+github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=
+github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0 h1:GDDkbFiaK8jsSDJfjId/PEGEShv6ugrt4kYsC5UIDaQ=
+github.com/warpfork/go-wish v0.0.0-20220906213052-39a1cc7a02d0/go.mod h1:x6AKhvSSexNrVSrViXSHUEbICjmGXhtgABaHIySUSGw=
+github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
+go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
+go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ=
+go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
+go.uber.org/goleak v1.1.11-0.20210813005559-691160354723/go.mod h1:cwTWslyiVhfpKIDGSZEM2HlOvcqm+tG4zioyIeLoqMQ=
+go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA=
+go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU=
+go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI=
+go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ=
+go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI=
+go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60=
+go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc=
+golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
+golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
+google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+lukechampine.com/blake3 v1.1.7 h1:GgRMhmdsuK8+ii6UZFDL8Nb+VyMwadAgcJyfYHxG6n0=
+lukechampine.com/blake3 v1.1.7/go.mod h1:tkKEOtDkNtklkXtLNEOGNq5tcV90tJiA1vAA12R78LA=
diff --git a/fixtures/ipns_records/generator/main.go b/fixtures/ipns_records/generator/main.go
new file mode 100644
index 000000000..df19fffd1
--- /dev/null
+++ b/fixtures/ipns_records/generator/main.go
@@ -0,0 +1,207 @@
+package main
+
+import (
+	"fmt"
+	"os"
+	"time"
+
+	"github.com/ipfs/boxo/ipns"
+	ipns_pb "github.com/ipfs/boxo/ipns/pb"
+	"github.com/ipfs/boxo/path"
+	"github.com/ipfs/boxo/util"
+	"github.com/ipfs/go-cid"
+	ic "github.com/libp2p/go-libp2p/core/crypto"
+	"github.com/libp2p/go-libp2p/core/peer"
+	"google.golang.org/protobuf/proto"
+)
+
+func makeRawPath(str string) path.Path {
+	prefix := cid.Prefix{
+		Version: 1,
+		Codec:   0x55,
+	}
+
+	cid, err := prefix.Sum([]byte(str))
+	panicOnErr(err)
+
+	return path.FromCid(cid)
+}
+
+var (
+	seq = uint64(0)
+	eol = time.Now().Add(time.Hour * 876000) // 100 years
+	ttl = time.Minute * 30
+)
+
+func panicOnErr(err error) {
+	if err != nil {
+		panic(err)
+	}
+}
+
+func makeKeyPair() (ic.PrivKey, ic.PubKey, ipns.Name) {
+	sr := util.NewTimeSeededRand()
+	sk, pk, err := ic.GenerateKeyPairWithReader(ic.Ed25519, 0, sr)
+	panicOnErr(err)
+
+	pid, err := peer.IDFromPublicKey(pk)
+	panicOnErr(err)
+
+	return sk, pk, ipns.NameFromPeer(pid)
+}
+
+func saveToFile(data []byte, filename string, value path.Path) {
+	err := os.WriteFile(filename, data, 0666)
+	panicOnErr(err)
+	fmt.Printf("%s -> %s\n", filename, value.String())
+}
+
+func makeV1Only() {
+	sk, _, name := makeKeyPair()
+
+	v := makeRawPath("v1-only record")
+
+	// Create working record
+	rec, err := ipns.NewRecord(sk, v, seq, eol, ttl, ipns.WithV1Compatibility(true))
+	panicOnErr(err)
+
+	// Marshal
+	raw, err := ipns.MarshalRecord(rec)
+	panicOnErr(err)
+
+	// Unmarshal into raw structure
+	pb := ipns_pb.IpnsRecord{}
+	err = proto.Unmarshal(raw, &pb)
+	panicOnErr(err)
+
+	// Make it V1-only
+	pb.Data = nil
+	pb.SignatureV2 = nil
+
+	// Marshal again and store it
+	raw, err = proto.Marshal(&pb)
+	panicOnErr(err)
+
+	saveToFile(raw, name.String()+"_v1.ipns-record", v)
+}
+
+func makeV1V2() {
+	sk, _, name := makeKeyPair()
+
+	v := makeRawPath("v1+v2 record")
+
+	rec, err := ipns.NewRecord(sk, v, seq, eol, ttl, ipns.WithV1Compatibility(true))
+	panicOnErr(err)
+
+	raw, err := ipns.MarshalRecord(rec)
+	panicOnErr(err)
+
+	saveToFile(raw, name.String()+"_v1-v2.ipns-record", v)
+}
+
+func makeV1V2WithBrokenValue() {
+	sk, _, name := makeKeyPair()
+
+	v := makeRawPath("v1+v2 record with broken value")
+
+	// Create working record
+	rec, err := ipns.NewRecord(sk, v, seq, eol, ttl, ipns.WithV1Compatibility(true))
+	panicOnErr(err)
+
+	// Marshal
+	raw, err := ipns.MarshalRecord(rec)
+	panicOnErr(err)
+
+	// Unmarshal into raw structure
+	pb := ipns_pb.IpnsRecord{}
+	err = proto.Unmarshal(raw, &pb)
+	panicOnErr(err)
+
+	// Make Value different
+	pb.Value = []byte("/ipfs/bafkqaglumvzxi2lom4qgeyleebuxa3ttebzgky3pojshgcq")
+
+	// Marshal again and store it
+	raw, err = proto.Marshal(&pb)
+	panicOnErr(err)
+
+	saveToFile(raw, name.String()+"_v1-v2-broken-v1-value.ipns-record", v)
+}
+
+func makeV1V2WithBrokenSignatureV1() {
+	sk, _, name := makeKeyPair()
+
+	v := makeRawPath("v1+v2 with broken signature v1")
+
+	// Create working record
+	rec, err := ipns.NewRecord(sk, v, seq, eol, ttl, ipns.WithV1Compatibility(true))
+	panicOnErr(err)
+
+	// Marshal
+	raw, err := ipns.MarshalRecord(rec)
+	panicOnErr(err)
+
+	// Unmarshal into raw structure
+	pb := ipns_pb.IpnsRecord{}
+	err = proto.Unmarshal(raw, &pb)
+	panicOnErr(err)
+
+	// Break Signature V1
+	pb.SignatureV1 = []byte("invalid stuff")
+
+	// Marshal again and store it
+	raw, err = proto.Marshal(&pb)
+	panicOnErr(err)
+
+	saveToFile(raw, name.String()+"_v1-v2-broken-signature-v1.ipns-record", v)
+}
+
+func makeV1V2WithBrokenSignatureV2() {
+	sk, _, name := makeKeyPair()
+
+	v := makeRawPath("v1+v2 with broken signature v2")
+
+	// Create working record
+	rec, err := ipns.NewRecord(sk, v, seq, eol, ttl, ipns.WithV1Compatibility(true))
+	panicOnErr(err)
+
+	// Marshal
+	raw, err := ipns.MarshalRecord(rec)
+	panicOnErr(err)
+
+	// Unmarshal into raw structure
+	pb := ipns_pb.IpnsRecord{}
+	err = proto.Unmarshal(raw, &pb)
+	panicOnErr(err)
+
+	// Break Signature V2
+	pb.SignatureV2 = []byte("invalid stuff")
+
+	// Marshal again and store it
+	raw, err = proto.Marshal(&pb)
+	panicOnErr(err)
+
+	saveToFile(raw, name.String()+"_v1-v2-broken-signature-v2.ipns-record", v)
+}
+
+func makeV2Only() {
+	sk, _, name := makeKeyPair()
+
+	v := makeRawPath("v2-only record")
+
+	rec, err := ipns.NewRecord(sk, v, seq, eol, ttl, ipns.WithV1Compatibility(false))
+	panicOnErr(err)
+
+	raw, err := ipns.MarshalRecord(rec)
+	panicOnErr(err)
+
+	saveToFile(raw, name.String()+"_v2.ipns-record", v)
+}
+
+func main() {
+	makeV1Only()
+	makeV1V2()
+	makeV1V2WithBrokenValue()
+	makeV1V2WithBrokenSignatureV1()
+	makeV1V2WithBrokenSignatureV2()
+	makeV2Only()
+}
diff --git a/fixtures/ipns_records/k51qzi5uqu5dh71qgwangrt6r0nd4094i88nsady6qgd1dhjcyfsaqmpp143ab.ipns-record b/fixtures/ipns_records/k51qzi5uqu5dh71qgwangrt6r0nd4094i88nsady6qgd1dhjcyfsaqmpp143ab.ipns-record
deleted file mode 100644
index ec13ec550..000000000
Binary files a/fixtures/ipns_records/k51qzi5uqu5dh71qgwangrt6r0nd4094i88nsady6qgd1dhjcyfsaqmpp143ab.ipns-record and /dev/null differ
diff --git a/fixtures/ipns_records/k51qzi5uqu5diamp7qnnvs1p1gzmku3eijkeijs3418j23j077zrkok63xdm8c_v1-v2-broken-signature-v2.ipns-record b/fixtures/ipns_records/k51qzi5uqu5diamp7qnnvs1p1gzmku3eijkeijs3418j23j077zrkok63xdm8c_v1-v2-broken-signature-v2.ipns-record
new file mode 100644
index 000000000..0f278c868
Binary files /dev/null and b/fixtures/ipns_records/k51qzi5uqu5diamp7qnnvs1p1gzmku3eijkeijs3418j23j077zrkok63xdm8c_v1-v2-broken-signature-v2.ipns-record differ
diff --git a/fixtures/ipns_records/k51qzi5uqu5dilgf7gorsh9vcqqq4myo6jd4zmqkuy9pxyxi5fua3uf7axph4y_v1-v2-broken-signature-v1.ipns-record b/fixtures/ipns_records/k51qzi5uqu5dilgf7gorsh9vcqqq4myo6jd4zmqkuy9pxyxi5fua3uf7axph4y_v1-v2-broken-signature-v1.ipns-record
new file mode 100644
index 000000000..cb914e989
Binary files /dev/null and b/fixtures/ipns_records/k51qzi5uqu5dilgf7gorsh9vcqqq4myo6jd4zmqkuy9pxyxi5fua3uf7axph4y_v1-v2-broken-signature-v1.ipns-record differ
diff --git a/fixtures/ipns_records/k51qzi5uqu5dit2ku9mutlfgwyz8u730on38kd10m97m36bjt66my99hb6103f_v2.ipns-record b/fixtures/ipns_records/k51qzi5uqu5dit2ku9mutlfgwyz8u730on38kd10m97m36bjt66my99hb6103f_v2.ipns-record
new file mode 100644
index 000000000..ddce7382d
Binary files /dev/null and b/fixtures/ipns_records/k51qzi5uqu5dit2ku9mutlfgwyz8u730on38kd10m97m36bjt66my99hb6103f_v2.ipns-record differ
diff --git a/fixtures/ipns_records/k51qzi5uqu5dlkw8pxuw9qmqayfdeh4kfebhmreauqdc6a7c3y7d5i9fi8mk9w_v1-v2.ipns-record b/fixtures/ipns_records/k51qzi5uqu5dlkw8pxuw9qmqayfdeh4kfebhmreauqdc6a7c3y7d5i9fi8mk9w_v1-v2.ipns-record
new file mode 100644
index 000000000..6f44adc62
Binary files /dev/null and b/fixtures/ipns_records/k51qzi5uqu5dlkw8pxuw9qmqayfdeh4kfebhmreauqdc6a7c3y7d5i9fi8mk9w_v1-v2.ipns-record differ
diff --git a/fixtures/ipns_records/k51qzi5uqu5dlmit2tuwdvnx4sbnyqgmvbxftl0eo3f33wwtb9gr7yozae9kpw_v1-v2-broken-v1-value.ipns-record b/fixtures/ipns_records/k51qzi5uqu5dlmit2tuwdvnx4sbnyqgmvbxftl0eo3f33wwtb9gr7yozae9kpw_v1-v2-broken-v1-value.ipns-record
new file mode 100644
index 000000000..9b4953e94
Binary files /dev/null and b/fixtures/ipns_records/k51qzi5uqu5dlmit2tuwdvnx4sbnyqgmvbxftl0eo3f33wwtb9gr7yozae9kpw_v1-v2-broken-v1-value.ipns-record differ
diff --git a/fixtures/ipns_records/k51qzi5uqu5dm4tm0wt8srkg9h9suud4wuiwjimndrkydqm81cqtlb5ak6p7ku_v1.ipns-record b/fixtures/ipns_records/k51qzi5uqu5dm4tm0wt8srkg9h9suud4wuiwjimndrkydqm81cqtlb5ak6p7ku_v1.ipns-record
new file mode 100644
index 000000000..c6e2a0f5c
Binary files /dev/null and b/fixtures/ipns_records/k51qzi5uqu5dm4tm0wt8srkg9h9suud4wuiwjimndrkydqm81cqtlb5ak6p7ku_v1.ipns-record differ
diff --git a/tests/path_gateway_ipns_test.go b/tests/path_gateway_ipns_test.go
index 010517ea8..f94fbb8d6 100644
--- a/tests/path_gateway_ipns_test.go
+++ b/tests/path_gateway_ipns_test.go
@@ -1,19 +1,144 @@
 package tests
 
 import (
+	"strings"
 	"testing"
 
 	"github.com/ipfs/gateway-conformance/tooling"
+	. "github.com/ipfs/gateway-conformance/tooling/ipns"
 	"github.com/ipfs/gateway-conformance/tooling/specs"
 	. "github.com/ipfs/gateway-conformance/tooling/test"
+	"github.com/ipfs/go-cid"
+	"github.com/multiformats/go-multihash"
 )
 
+var (
+	// See fixtures/ipns_records/README.md for information. These are invalid records, so we cannot load them with MustOpenIPNSRecordWithKey
+	ipnsV1                = "k51qzi5uqu5dm4tm0wt8srkg9h9suud4wuiwjimndrkydqm81cqtlb5ak6p7ku"
+	ipnsV1V2BrokenValueV1 = "k51qzi5uqu5dlmit2tuwdvnx4sbnyqgmvbxftl0eo3f33wwtb9gr7yozae9kpw"
+	ipnsV1V2BrokenSigV2   = "k51qzi5uqu5diamp7qnnvs1p1gzmku3eijkeijs3418j23j077zrkok63xdm8c"
+
+	ipnsV1V2BrokenSigV1     = MustOpenIPNSRecordWithKey("ipns_records/k51qzi5uqu5dilgf7gorsh9vcqqq4myo6jd4zmqkuy9pxyxi5fua3uf7axph4y_v1-v2-broken-signature-v1.ipns-record")
+	bodyIPNSV1V2BrokenSigV1 = mustBytesFromRawCID(strings.TrimPrefix(ipnsV1V2BrokenSigV1.Value(), "/ipfs/"))
+
+	ipnsV1V2     = MustOpenIPNSRecordWithKey("ipns_records/k51qzi5uqu5dlkw8pxuw9qmqayfdeh4kfebhmreauqdc6a7c3y7d5i9fi8mk9w_v1-v2.ipns-record")
+	bodyIPNSV1V2 = mustBytesFromRawCID(strings.TrimPrefix(ipnsV1V2.Value(), "/ipfs/"))
+
+	ipnsV2     = MustOpenIPNSRecordWithKey("ipns_records/k51qzi5uqu5dit2ku9mutlfgwyz8u730on38kd10m97m36bjt66my99hb6103f_v2.ipns-record")
+	bodyIPNSV2 = mustBytesFromRawCID(strings.TrimPrefix(ipnsV2.Value(), "/ipfs/"))
+)
+
+func mustBytesFromRawCID(c string) []byte {
+	mh, err := multihash.Decode(cid.MustParse(c).Hash())
+	if err != nil {
+		panic(err)
+	}
+	return mh.Digest
+}
+
+func TestGatewayIPNSPath(t *testing.T) {
+	tests := SugarTests{
+		{
+			Name: "GET for /ipns/name with V1-only signature MUST fail with 5XX",
+			Hint: `
+			Legacy V1 IPNS records are considered insecure. A gateway should
+			never return data when IPNS Record is missing V2 signature, EVEN
+			when V1 signature matches the payload.
+			More details in IPIP-428.
+			`,
+			Request: Request().
+				Path("/ipns/{{name}}", ipnsV1),
+			Response: Expect().
+				StatusBetween(500, 599),
+		},
+		{
+			Name: "GET for /ipns/name with valid V1+V2 signatures with V1-vs-V2 value mismatch MUST fail with 5XX",
+			Hint: `
+			Legacy V1 signatures in IPNS records are considered insecure and
+			got replaced with V2 that sings entire CBOR in the data field.
+			Producing records with both V1 and V2 signatures is valid for
+			backward-compatibility, but validation logic requires V1 (legacy
+			protobuf fields) and V2 (CBOR in data field) to match. This means
+			that even when both signatures are valid, if V1 and V2 values do
+			not match, the IPNS record should not be considered valid, as it
+			could allow signature reuse attacks against V1 users.
+			More details in IPIP-428.
+			`,
+			Request: Request().
+				Path("/ipns/{{name}}", ipnsV1V2BrokenValueV1),
+			Response: Expect().
+				StatusBetween(500, 599),
+		},
+		{
+			Name: "GET for /ipns/name with valid V2 and broken V1 signature succeeds",
+			Hint: `
+			Legacy V1 signatures in IPNS records are considered insecure and
+			got replaced with V2 that sings entire CBOR in the data field.
+			Integrity of the record is protected by SignatureV2, V1 can be
+			ignored as long V1 values match V2 ones in CBOR.
+			More details in IPIP-428.
+			`,
+			Request: Request().
+				Path("/ipns/{{name}}", ipnsV1V2BrokenSigV1.Key()),
+			Response: Expect().
+				Status(200).
+				Body(bodyIPNSV1V2BrokenSigV1),
+		},
+		{
+			Name: "GET for /ipns/name with valid V1+V2 signatures succeeds",
+			Hint: `
+			Records with legacy V1 signatures should not impact V2 verification.
+			The payload should match the content path from IPNS Record's Value field.
+			More details in IPIP-428.
+			`,
+			Request: Request().
+				Path("/ipns/{{name}}", ipnsV1V2.Key()),
+			Response: Expect().
+				Body(bodyIPNSV1V2),
+		},
+		{
+			Name: "GET for /ipns/name with valid V2-only signature succeeds",
+			Hint: `
+			Legacy V1 signatures in IPNS records are considered insecure and
+			got replaced with V2 that sings entire CBOR in the data field.
+			Gateway MUST correctly resolve IPNS records without V1 fields.
+			More details in IPIP-428.
+			`,
+			Request: Request().
+				Path("/ipns/{{name}}", ipnsV2.Key()),
+			Response: Expect().
+				Body(bodyIPNSV2),
+		},
+		{
+			Name: "GET for /ipns/name with valid V1 and broken V2 signature MUST fail with 5XX",
+			Hint: `
+			Legacy V1 IPNS records are considered insecure. A gateway should
+			never return data when IPNS Record is missing a valid V2 signature,
+			EVEN when V1 signature is valid.
+			More details in IPIP-428.
+			`,
+			Request: Request().
+				Path("/ipns/{{name}}", ipnsV1V2BrokenSigV2),
+			Response: Expect().
+				StatusBetween(500, 599),
+		},
+	}
+
+	RunWithSpecs(t, tests, specs.PathGatewayIPNS)
+}
+
 func TestRedirectCanonicalIPNS(t *testing.T) {
 	tooling.LogTestGroup(t, GroupIPNS)
 
 	tests := SugarTests{
 		{
 			Name: "GET for /ipns/{b58-multihash-of-ed25519-key} redirects to /ipns/{cidv1-libp2p-key-base36}",
+			Hint: `
+			CIDv1 in case-insensitive encoding ensures it works in contexts
+			such as authority component of URL. Base36 ensures ED25519
+			libp2p-key fits in a single DNS label, making the IPNS name
+			compatible with subdomain gateways.
+			`,
 			Request: Request().
 				Path("/ipns/12D3KooWRBy97UB99e3J6hiPesre1MZeuNQvfan4gBziswrRJsNK/root2/"),
 			Response: Expect().
@@ -24,6 +149,10 @@ func TestRedirectCanonicalIPNS(t *testing.T) {
 		},
 		{
 			Name: "GET for /ipns/{cidv0-like-b58-multihash-of-rsa-key} redirects to /ipns/{cidv1-libp2p-key-base36}",
+			Hint: `
+			CIDv1 in case-insensitive encoding ensures it works in contexts
+			such as authority component of URL.
+			`,
 			Request: Request().
 				Path("/ipns/QmcJM7PRfkSbcM5cf1QugM5R37TLRKyJGgBEhXjLTB8uA2/root2/"),
 			Response: Expect().
diff --git a/tests/trustless_gateway_ipns_test.go b/tests/trustless_gateway_ipns_test.go
index 5f0867b58..2ea2a4830 100644
--- a/tests/trustless_gateway_ipns_test.go
+++ b/tests/trustless_gateway_ipns_test.go
@@ -4,7 +4,6 @@ import (
 	"testing"
 
 	"github.com/ipfs/gateway-conformance/tooling"
-	"github.com/ipfs/gateway-conformance/tooling/car"
 	. "github.com/ipfs/gateway-conformance/tooling/ipns"
 	"github.com/ipfs/gateway-conformance/tooling/specs"
 	. "github.com/ipfs/gateway-conformance/tooling/test"
@@ -13,59 +12,79 @@ import (
 func TestGatewayIPNSRecord(t *testing.T) {
 	tooling.LogTestGroup(t, GroupIPNS)
 
-	fixture := car.MustOpenUnixfsCar("ipns_records/fixtures.car")
-	file := fixture.MustGetRoot()
-	fileCID := file.Cid()
-
-	ipns := MustOpenIPNSRecordWithKey("ipns_records/k51qzi5uqu5dh71qgwangrt6r0nd4094i88nsady6qgd1dhjcyfsaqmpp143ab.ipns-record")
-	ipnsName := ipns.Key()
-
 	tests := SugarTests{
 		{
-			Name: "GET an IPNS path from the gateway",
+			Name: "GET IPNS Record (V1+V2) with format=ipns-record has expected HTTP headers and valid key",
 			Request: Request().
-				Path("/ipns/{{name}}", ipnsName),
+				Path("/ipns/{{name}}", ipnsV1V2.Key()).
+				Query("format", "ipns-record"),
 			Response: Expect().
-				Body(file.RawData()),
+				Headers(
+					Header("Content-Disposition").Contains("attachment;"),
+					Header("Content-Type").Contains("application/vnd.ipfs.ipns-record"),
+					Header("Cache-Control").Contains("public, max-age=1800"),
+				).
+				Body(
+					IsIPNSRecord(ipnsV1V2.Key()).
+						IsValid().
+						PointsTo(ipnsV1V2.Value()),
+				),
 		},
 		{
-			Name: "GET IPNS Record with format=ipns-record has expected HTTP headers and valid key",
+			Name: "GET IPNS Record (V2) with format=ipns-record has expected HTTP headers and valid key",
 			Request: Request().
-				Path("/ipns/{{name}}", ipnsName).
+				Path("/ipns/{{name}}", ipnsV2.Key()).
 				Query("format", "ipns-record"),
 			Response: Expect().
 				Headers(
 					Header("Content-Disposition").Contains("attachment;"),
 					Header("Content-Type").Contains("application/vnd.ipfs.ipns-record"),
-					Header("Cache-Control").Contains("public, max-age=3155760000"),
+					Header("Cache-Control").Contains("public, max-age=1800"),
+				).
+				Body(
+					IsIPNSRecord(ipnsV2.Key()).
+						IsValid().
+						PointsTo(ipnsV2.Value()),
+				),
+		},
+		{
+			Name: "GET IPNS Record (V1+V2) with 'Accept: application/vnd.ipfs.ipns-record' has expected HTTP headers and valid key",
+			Request: Request().
+				Path("/ipns/{{name}}", ipnsV1V2.Key()).
+				Header("Accept", "application/vnd.ipfs.ipns-record"),
+			Response: Expect().
+				Headers(
+					Header("Content-Disposition").Contains("attachment;"),
+					Header("Content-Type").Contains("application/vnd.ipfs.ipns-record"),
+					Header("Cache-Control").Contains("public, max-age=1800"),
 				).
 				Body(
-					IsIPNSRecord(ipnsName).
+					IsIPNSRecord(ipnsV1V2.Key()).
 						IsValid().
-						PointsTo("/ipfs/{{cid}}", fileCID.String()),
+						PointsTo(ipnsV1V2.Value()),
 				),
 		},
 		{
-			Name: "GET IPNS Record with 'Accept: application/vnd.ipfs.ipns-record' has expected HTTP headers and valid key",
+			Name: "GET IPNS Record (V2) with 'Accept: application/vnd.ipfs.ipns-record' has expected HTTP headers and valid key",
 			Request: Request().
-				Path("/ipns/{{name}}", ipnsName).
+				Path("/ipns/{{name}}", ipnsV2.Key()).
 				Header("Accept", "application/vnd.ipfs.ipns-record"),
 			Response: Expect().
 				Headers(
 					Header("Content-Disposition").Contains("attachment;"),
 					Header("Content-Type").Contains("application/vnd.ipfs.ipns-record"),
-					Header("Cache-Control").Contains("public, max-age=3155760000"),
+					Header("Cache-Control").Contains("public, max-age=1800"),
 				).
 				Body(
-					IsIPNSRecord(ipnsName).
+					IsIPNSRecord(ipnsV2.Key()).
 						IsValid().
-						PointsTo("/ipfs/{{cid}}", fileCID.String()),
+						PointsTo(ipnsV2.Value()),
 				),
 		},
 		{
 			Name: "GET IPNS Record with explicit ?filename= succeeds with modified Content-Disposition header",
 			Request: Request().
-				Path("/ipns/{{name}}", ipnsName).
+				Path("/ipns/{{name}}", ipnsV1V2.Key()).
 				Query("format", "ipns-record").
 				Query("filename", "testтест.ipns-record"),
 			Response: Expect().
diff --git a/tooling/test/sugar.go b/tooling/test/sugar.go
index 3527738d5..81dc0bb63 100644
--- a/tooling/test/sugar.go
+++ b/tooling/test/sugar.go
@@ -134,10 +134,12 @@ func (r RequestBuilder) Clone() RequestBuilder {
 }
 
 type ExpectBuilder struct {
-	StatusCode_ int             `json:"statusCode,omitempty"`
-	Headers_    []HeaderBuilder `json:"headers,omitempty"`
-	Body_       interface{}     `json:"body,omitempty"`
-	Specs_      []string        `json:"specs,omitempty"`
+	StatusCode_     int             `json:"statusCode,omitempty"`
+	StatusCodeFrom_ int             `json:"statusCodeFrom,omitempty"`
+	StatusCodeTo_   int             `json:"statusCodeTo,omitempty"`
+	Headers_        []HeaderBuilder `json:"headers,omitempty"`
+	Body_           interface{}     `json:"body,omitempty"`
+	Specs_          []string        `json:"specs,omitempty"`
 }
 
 func Expect() ExpectBuilder {
@@ -153,6 +155,12 @@ func (e ExpectBuilder) Status(statusCode int) ExpectBuilder {
 	return e
 }
 
+func (e ExpectBuilder) StatusBetween(from, to int) ExpectBuilder {
+	e.StatusCodeFrom_ = from
+	e.StatusCodeTo_ = to
+	return e
+}
+
 func (e ExpectBuilder) Header(h HeaderBuilder) ExpectBuilder {
 	e.Headers_ = append(e.Headers_, h)
 	return e
diff --git a/tooling/test/validate.go b/tooling/test/validate.go
index 15bc77f57..7a71531bc 100644
--- a/tooling/test/validate.go
+++ b/tooling/test/validate.go
@@ -25,6 +25,12 @@ func validateResponse(
 				localReport(t, "Status code is not %d. It is %d", expected.StatusCode_, res.StatusCode)
 			}
 		})
+	} else if expected.StatusCodeFrom_ != 0 && expected.StatusCodeTo_ != 0 {
+		t.Run("Status code", func(t *testing.T) {
+			if res.StatusCode < expected.StatusCodeFrom_ || res.StatusCode > expected.StatusCodeTo_ {
+				localReport(t, "Status code is not between %d and %d. It is %d", expected.StatusCodeFrom_, expected.StatusCodeTo_, res.StatusCode)
+			}
+		})
 	}
 
 	for _, header := range expected.Headers_ {