Central AD controllers -- at the central site.
In branches - we put and we configure RODC.
About redundancy of separate Exchange for each branch - it agrees with the previous speaker.
And why "in branches different subnets" - through "but"? :-) This is exactly how it should be - each site should have its own IP subnet. And even not one, if the site is large.
It's also not clear what kind of problems you're having with hosting. What difference does it make on what the infrastructure is implemented on - on hardware, on your virtual machines or on virtual machines from a hosting provider?
Only the model you intend to use is wrong - you should not rent a physical server, but take resources from cloud providers. If your physical server sneezes, you'll have a lot of stuff. Well, yes, you will be restored from backups (perhaps it will even be restored). But time will be spent on it immeasurably, and all this time your network will be lying around. If you want to do it yourself, you need to:
- take at least two servers for backup
- provide fault-tolerant disk storage (disk storage - because you have two servers, and both will need access to a common storage. That is, it is either a storage system or distributed file system (but then you need more than 2 servers).
Therefore, there will be much more fuss with renting physical hardware than buying a small cloud from a service provider. Well, the most famous examples are Amazon, Azure, DigitalOcean. From domestic offhand - CROC, DataLine, SoftLine, Selectel, Science-Communication.

Putting your own Exch to each branch seems to me a big waste of the budget than to allocate a separate machine as a DC (AD, DHCP, DNS) to each branch and a simple gateway like MikroTik.
And so: each branch is a separate site. If you really want to - make subdomains (site1.contoso.com, site2.contoso.com, etc.)

Obvious problems are foreseen in the absence of the Internet in the branches . How to log in if the controller is not visible? How long will local resources respond if the channel is loaded?
If vpn is present, I would build a forest with physical or virtual slave controllers. Just transitive trust relationships do not provide for group policy inheritance.

For hosting, if there is money, I would recommend taking out one full-fledged node (ClientAccess + Mailbox) Exchange and at least one controller to make redundancy.
You can put RODCs in branches, or rather, you need to put them.
The scheme is like this.
1. Central office. DC01, DC02, Exchange Node.
2. Hosting. DC03 , Exchange Node.
3. Branches. RODC(1...n).
The colleague, would not recommend you to fence subdomains. Get everyone on the same domain. Create sites, and if network speed allows, do notify based replication between sites.
The simpler the circuit, the safer and clearer the system will be.