Hi erealoews,
You can use for this purpose a separate product PGP Command line
PGP Command Line 10.3.2 Release Notes
http://www.symantec.com/docs/DOC7057
PGP Command Line 10.3.2 User's Guide
http://www.symantec.com/docs/DOC7066
Command like pgp -list-key-details <username>
For example:
Lists all of the keys on your keyrings using the format:
Key Details: Alice Cameron <acameron@example.com>
Key ID: 0xB2726BDF (0xAAEB5E06B2726BDF)
Type: RSA (v4) key
Size: 2048
Validity: Complete
Trust: Implicit (Axiomatic)
Created: 2003-04-22
Expires: Never
You could then right a script to extract all keys with expiry date or about to expiry
Another method would be to run a seperate script on SEMS server (PSQL script) to search and provide expiry date for the keys from the server/databse
HTH