AWS multi account private DNS setup always fails with SERVFAIL reply

I (try to) follow this guide to setup DNS resolution through multiple AWS accounts using private Route53 zones.

I have done:

• setup central and participating account
• create inbound/outbound Resolver Endpoints in central account and assigned to the VPC there
• created a Route53 Resolver Rule to forward my domain to the Inbound Endpoint
• shared the Route53 Resolver Rule with the participating account (via RAM) and assigned it to its VPC
• associated Private HZ of participating account with VPC in central account

Result:
I always receive a SERVFAIL response from the DNS server but I have no idea why.

nslookup dev.home.internal 10.1.0.2
Server:     10.1.0.2
Address:    10.1.0.2#53

** server can't find dev.home.internal: SERVFAIL

I enabled CloudWatch logs for the central account and can even see my DNS queries come in

{
    "version": "1.000000",
    "account_id": "435949384399",
    "region": "eu-central-1",
    "vpc_id": "vpc-05c1c7bfc75241058",
    "query_timestamp": "2020-12-08T08:44:23Z",
    "query_name": "dev.home.internal.",
    "query_type": "A",
    "query_class": "IN",
    "rcode": "SERVFAIL",
    "answers": [],
    "srcaddr": "10.3.2.207",
    "srcport": "5359",
    "transport": "UDP",
    "srcids": {
        "resolver_endpoint": "rslvr-in-5ac14ee300d246f98",
        "resolver_network_interface": "rni-9f8a0a1be3494ff5a"
    }
}

srcaddr is the IP of my Outbound Endpoint and srcids.resolver_endpoint is my Inbound Endpoint.
On the first glance this looks fine to me but I’m just puzzled why the response is SERVFAIL instead NOERROR.

My DNS entry for dev.home.internal

dev.home.internal A Simple - No 1.1.1.1 60 - - -

Questions:

• Did I miss something (obvious)?
• Is there any way to find out why the server would respond with SERVFAIL?