Most HSM uses PKCS11 standart. When you created AES key, if CKA_SENSITIVE is FALSE you could able to see value of the key with open source tools like pkcs11admin or with small script that is retrieving key value.