Push notification is not arriving at my app, even though the server responds with 200/OK

I want to enable push notifications in my iOS app. I followed the resp. walkthrough as closely as possible.

To test things, I tried the command line approach first like described here: https://developer.apple.com/documentation/usernotifications/sending_push_notifications_using_command-line_tools

The APNS server responds with 200/OK, but no notification will ever arrive at my device.

I definitely assume my request is correct; if I tamper with the device token (e.g. by altering its last digit), the server responds with 400/BadDeviceToken like one would expect.

This is what I get from the APNS server:

curl -v --header "apns-topic: $TOPIC" --header "apns-push-type: alert" --header "authorization: bearer $AUTHENTICATION_TOKEN" --data '{"aps":{"alert":"test"}}' --http2 https://${APNS_HOST_NAME}/3/device/${DEVICE_TOKEN}
*  Trying 17.188.138.73...
* TCP_NODELAY set
* Connected to api.sandbox.push.apple.com (17.188.138.73) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/cert.pem
 CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=api.development.push.apple.com; OU=management:idms.group.533599; O=Apple Inc.; ST=California; C=US
* start date: Feb 8 21:41:22 2021 GMT
* expire date: Mar 10 21:41:22 2022 GMT
* subjectAltName: host "api.sandbox.push.apple.com" matched cert's "api.sandbox.push.apple.com"
* issuer: CN=Apple Public Server RSA CA 12 - G1; O=Apple Inc.; ST=California; C=US
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fe09f80f200)
> POST /3/device/49C52E009C0107AB0ACCF178703E32790B4F3F155E7897F1F4ABAA3B1D9170D8 HTTP/2
> Host: api.sandbox.push.apple.com
> User-Agent: curl/7.64.1
> Accept: */*
> apns-topic: de.nexoft.viveto
> apns-push-type: alert
> authorization: bearer eyAiYWxnIjogIkVTMjU2IiwgImtpZCI6ICJaTTNDR0hTVEQ5IiB9.eyAiaXNzIjogIjNaVzhDUVZEWUoiLCAiaWF0IjogMTYyOTI5NjI1NCB9.MEYCIQCXP7L0-v_wY8F_WGFuZ-phJomzyO-43k0b7Xl9dvosVwIhANErbCHYfnG5ccfKTl14BCEhyWbDzPZSSLkJrSaQhCSb
> Content-Length: 24
> Content-Type: application/x-www-form-urlencoded
> 
* Connection state changed (MAX_CONCURRENT_STREAMS == 1)!
* We are completely uploaded and fine
* Connection state changed (MAX_CONCURRENT_STREAMS == 1000)!
< HTTP/2 200 
< apns-id: 4C4AF738-9624-4643-8F76-18FFAD630C4F
< 
* Connection #0 to host api.sandbox.push.apple.com left intact
* Closing connection 0