The test for FCS_RADIUS_EXT.1.3 tests communication between the test client and the test relying party, not the TOE.

The following note is added to FCS_RADIUS_EXT.1 Test 9 in MOD_AUTHSVR_V1.0-SD:

NOTE: This test, while not directly involving the TOE, is intended to confirm that the key provided by the TOE to the test client (via EAP-TLS negotiation) and to the test relying party (via RadSec or other encrypted messaging protocol) to enable communication between the client and relying party is valid. 

The TOE cannot expose this key directly to any other party, so this is the only way to test that the key produced by the TOE is valid.