Why F5 don't show the expired certificate in ca-bundle

tmsh run sys crypto check-cert --Only checks the FIPS module. Your CA bundle is not "saved" on your FIPS module. Therefore, you have to use the GUI to check the bundle, by clicking on it and reviewing what it contains.; also since it is not an individual cert, the GUI will not show which Certs in the bundle are expired, since a bundle is a layered cert list.