Hi @nonZero,
The right type for CAA record is TYPE257 instead of TYPE259, in this case you should use the switch -t
$ dig mydomain.com @ns1.my-isp.com -t TYPE257
Did you try the query using TCP instead of UDP?.
$ dig mydomain.com @ns1.my-isp.com -t TYPE257 +tcp
If it is ok you can read this post from @jsha DNS problem: query timed out looking up CAA (using Netregistry) - #12 by jsha
They are taking a look into this UDP/TCP issue but no more news since a few days ago.
If you can't also query the CAA record using TCP, I'm afraid you won't be able to issue a cert :(. If you can query using TCP there is some hope... but maybe not in a near future... who knows ;).
Good luck,
sahsanu