If you have an encrypted OPNsense configuration file then you can use the following to decrypt it. Note no password has been defined, add yours as required:
cat config.xml.aes | grep -Ev 'config.xml|:' | base64 -d | openssl enc -d -aes-256-cbc -out config.xml -pass pass: -salt -md sha512 -pbkdf2 -iter 100000