Our software uses pieces of data generated using a Yubico HSM (hardware security module) and signed using EDCSA with a private key on the HSM. I want my C# code to be able to validate these signatures against the public part of the root certificate from the HSM. (The public key can be extracted from the HSM; the private key cannot.)