Redo the config again like this (Remove IPv6 addresses if you don’t have IPv6 connectivity):
/ip dns
set allow-remote-requests=yes max-concurrent-queries=80 query-server-timeout=100ms query-total-timeout=5s servers=\
1.1.1.1,8.8.8.8,2001:4860:4860::8888,2606:4700:4700::1111\
use-doh-server=https://cloudflare-dns.com/dns-query verify-doh-cert=yes
/ip dns static
add address=104.16.248.249 name=cloudflare-dns.com type=A
add address=104.16.249.249 name=cloudflare-dns.com type=A
add address=2606:4700:4700::1001 name=ipv6a.cloudflare-dns.com type=AAAA
add address=2606:4700:4700::1111 name=ipv6b.cloudflare-dns.com type=AAAA
Cloudflare refuses concurrent-queries greater than 80 or so for unknown reasons: http://forum.mikrotik.com/t/doh-max-concurrent-queries-reached/141097/1
Manually download the latest CA file and import it: https://curl.haxx.se/docs/caextract.html
Don’t forget to delete all existing certs and CRLs. I don’t know why, but manual import fixed connection issues for me.
And finally, flush the DNC cache in the router and your client devices. Or just reboot everything and they’ll be cleared anyway.