maybe add a timer to the actual client that could output verbose or logged something like
ssl certificate issued in 10.3334 seconds
maybe log in on CA side too so ? maybe useful for diagnostics and troubleshooting ?
would also give you a precise answer to above question if you have long term data that suggests on average it took XX seconds to issue