Split into certs and unencrypted keys:
openssl pkcs12 -in cert.p12 -nocerts -out cert.p12.enc_keys
openssl pkcs12 -in cert.p12 -clcerts -nokeys -out cert.p12.certs
openssl rsa -in cert.p12.enc_keys -out cert.p12.keys
Check expiry date:
# openssl x509 -enddate -noout -in key.pem