yeah, I believe it is, why do I want to have some external tool to monitor vault related stuff.
Intermediate CA is configured in vault and certs and all related chain details are in the vault. So I think vault metrics should have at list expiry details of this path.
Anyway I contacted our Hashicorp Support team and so far nothing is available there from vault side to monitor this.
Hope Hashicorp will have this in pipeline and will see this metrix being exposed in near future.