Your command is correct, and gives you the encrypted private key in PKCS#8 format. If you need the unencrypted private key, just add the -nodes option:
openssl pkcs12 -in filename.pfx -nocerts -nodes -out key.pem
If you need the private key in old RSA format, you should convert the given key with the openssl pkcs8 command:
openssl pkcs8 -in key.pem -out rsakey.pem
See the documentation for details:
- https://www.openssl.org/docs/manmaster/man1/openssl-pkcs12.html
- https://www.openssl.org/docs/manmaster/man1/openssl-pkcs8.html