It sounds like you may have read some old threads and gotten an incorrect impression. Let's Encrypt now treats CAA SERVFAIL as preventing issuance on both production and staging, and have since September 7: CAA SERVFAIL changes. We did our best to reach out in advance of that change; did you receive any notification emails from us? Do you have email addresses set on your account?
Using the config from unboundtest.com as a pre-check on your infrastructure is a good idea; there's also helpful information at Certificate Authority Authorization (CAA) - Let's Encrypt.
It's also worth noting that CAA is checked at validation time, so if you have a recent validation for a given domain, you can be pretty confident that that domain's CAA works.