It is of course inconceivable that the NSA do not have the private keys for dozens of browser trusted certificate authorities
That nonetheless doesn't help them unless they are doing active MITM. In order to do that they'd have to have at least some physical presence at Cloudflare or on the path to Cloudflare.
My understanding is that they tapped communication nodes before. I would be surprised if they can't tap the pipes to cloudflare.
I mean, it is the CIA, but if you encrypt it before it leaves the box, and you're decent good with the key material, how are they going to get at it? Tapping the fiber then gets them encrypted flows, which isn't nothing, but, well, it would be surprising if they had access to the clear text.