Once in a while it is necessary to have a look at the content of a binary rpm. However, this might not be enough: some packages come along with rather important and heavy pre/post-install scripts, and in security sensitive/productive systems it might be sensible to check these if you install 3rd party/external rpms.
In contrast to the binary extraction via cpio the scripts can be displayed with
rpm -qp --scripts my_package.rpm > ListOfScripts
Just in case you wonder why I only published short tips the last posts: I simply learn quite a lot these days in my new job, and it's hard to remember all th good tips and tricks. I need to write them down somewhere, and the best place to do so for me is my blog ;)