Re-signing paths

Is it possible to replace the signature on a store path with one generated by a local key?

In particular, I have a CI server building a repo, but I copied paths from my personal development machine so that it didn’t have to rebuild the build dependencies. The CI job runs nix sign-paths -k <ci-key> --all but the paths I uploaded remain signed with my personal key even after being copied to an S3 bucket. Is there a way to forcibly re-sign paths even if they were not built on the CI machine and were signed elsewhere?

I also bumped into this recently. There is an issue for this in the Nix repository as well:

Thanks. The posted workaround might be what I’m looking for.