diff --git a/tests/test_updater.py b/tests/test_updater.py
index 04291b92..f26bd4ae 100755
--- a/tests/test_updater.py
+++ b/tests/test_updater.py
@@ -533,9 +533,23 @@ def test_2__import_delegations(self):
     self.repository_updater.metadata['current']['targets']\
       ['delegations']['keys'][existing_keyid]['keytype'] = 'ed25519'
 
-    # Verify that _import_delegations() raises an exception if it fails to add
-    # one of the roles loaded from parent role's 'delegations'.
+    # Verify that _import_delegations() raises an exception if one of the
+    # delegated keys is malformed.
+    valid_keyval = self.repository_updater.metadata['current']['targets']\
+      ['delegations']['keys'][existing_keyid]['keyval']
 
+    self.repository_updater.metadata['current']['targets']\
+      ['delegations']['keys'][existing_keyid]['keyval'] = 1
+    self.assertRaises(securesystemslib.exceptions.FormatError, self.repository_updater._import_delegations, 'targets')
+
+    self.repository_updater.metadata['current']['targets']\
+      ['delegations']['keys'][existing_keyid]['keyval'] = valid_keyval
+
+    # Verify that _import_delegations() raises an exception if one of the
+    # delegated roles is malformed.
+    self.repository_updater.metadata['current']['targets']\
+      ['delegations']['roles'][0]['name'] = 1
+    self.assertRaises(securesystemslib.exceptions.FormatError, self.repository_updater._import_delegations, 'targets')
 
 
 
diff --git a/tuf/client/updater.py b/tuf/client/updater.py
index 01bd4ac1..a331ff36 100755
--- a/tuf/client/updater.py
+++ b/tuf/client/updater.py
@@ -540,11 +540,11 @@ def _import_delegations(self, parent_role):
     # Iterate the keys of the delegated roles of 'parent_role' and load them.
     for keyid, keyinfo in six.iteritems(keys_info):
       if keyinfo['keytype'] in ['rsa', 'ed25519']:
-        key, keyids = securesystemslib.keys.format_metadata_to_key(keyinfo)
 
         # We specify the keyid to ensure that it's the correct keyid
         # for the key.
         try:
+          key, keyids = securesystemslib.keys.format_metadata_to_key(keyinfo)
           for keyid in keyids:
             key['keyid'] = keyid
             tuf.keydb.add_key(key, keyid=None, repository_name=self.repository_name)
@@ -574,7 +574,7 @@ def _import_delegations(self, parent_role):
         logger.warning('Role already exists: ' + rolename)
 
       except:
-        logger.exception('Failed to add delegated role: ' + rolename + '.')
+        logger.exception('Failed to add delegated role: ' + repr(rolename) + '.')
         raise