For SNMP4J you need the Cisco privacy AES256 protocol as follows:
SecurityProtocols.getInstance().addPrivacyProtocol(new PrivAES256With3DESKeyExtension());
Then use the privacy protocol OID below when you add the USM user for that protocol:
PrivAES256With3DESKeyExtension.ID
Background info: AES256 privacy protocol for SNMP is not an Internet Standard from the IETF. AES128 is a proposed standard, see https://datatracker.ietf.org/doc/rfc3826/.
Many years ago, there was a draft called “draft-blumenthal-aes-usm” which was not advanced to standard. The main reasons for that (AFAIK) had been, that to run AES192 and AES256 with SHA-1 and MD5 a so called key-extension is necessary. This key extension reduces the entropy of the key base and thus lowers the security of the privacy below the expected level for those two protocols.
Because there exists many implementations of this draft in the field, SNMP++ and SNMP4J implement those two non-standard AES privacy protocols too with the key extension defined/implied by the IETF draft mentioned before.
Cisco and other manufacturers decided to use the 3DES key extension algorithm which is incompatible with the Blumenthal draft. That’s why there is an additional set of AES privacy protocols.