The site unboundtest.com has some errors (timeouts) in its results: https://unboundtest.com/m/A/myproxy.ccs.ornl.gov/BN7BGJVH
However, the log messages are quite technical and as I’m not an unbound (the DNS resolver used by Let’s Encrypt by the way) expert, I don’t know how to interpret them.
A possible interesting thread I found: How to reproduce CAA SERVFAIL? Works for me, doesn't for LE staging or prod Seems to be a matter of 0x20 (capitalization) randomization not going correctly.