Any particular reason for doing it this way?
I’m thinking it would be simpler just setting up a second test account and importing the json there using the web vault.
There’s also BitwardenDecrypt, that’s supposed to work. I remember doing some tests a couple of weeks ago with password protected json exports that didn’t decrypt. I didn’t dig more into it, though.
But the restore on a second test account I think would be the real test, since is what you would need to do if you needed to use the backup.
I do regular backups from the CLI, I use unencrypted json exports that I pipe to gpg to encrypt them.