Certificate error with large SAN cert

You have good instincts! We're pretty sure that's where the error lies. Most of our queries can be clumped up so the round trips don't scale with the number of names on a certificate. However, the certificates per name rate limit queries do scale that way. Our current plan is to parallelize those queries. I'm working on that this week. Thanks for your offer of help! If we get hung up on other urgent work I may take you up on it, but for now assume we'll do it.

Generally speaking, the feature flags in test/config are what's in prod, while test/config-next is stuff that may be in prod soonish. Unfortunately AllowRenewalFirstRL is disabled because of some performance problems.
