If you are technically inclined, use GnuPG to validate the encryption of data in VSys.
GnuPG doesn't want to import a private key that's not signed, and the ones we generate in VSys are not signed since (a) that would require access - at the client level - to a key identity service, and (b) these keys are not used for validating the identity of the signer/encryptor. So to get it to import these keys, use the --allow-non-selfsigned-uid
option as below:
C:\Program Files (x86)\GnuPG\bin>gpg --allow-non-selfsigned-uid --import x:\temp\test0a0.asc
gpg: key 1CC65388BC60F48A: accepted non self-signed user ID "Bespoke Software, Inc."
gpg: key 1CC65388BC60F48A: public key "Bespoke Software, Inc." imported
gpg: key 1CC65388BC60F48A: secret key imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: secret keys read: 1
gpg: secret keys imported: 1 <-- IMPORTANT! If this isn't present, the key was not actually imported even if it was "read"
From here you can use GnuPG to decrypt stored encrypted values in VSys.
Directly accessing or manipulating the encrypted data in VSys is not supported; assistance in validating VSys encryption or using these tools in any manner is not covered under your support agreement.