I think that multiple regions iss solved via fourth model.

As a general rule, Route 53 Resolver and Resolver endpoints are regional services. We don't recommend using endpoints x-region. Private Hosted Zones can be associated to VPCs in multiple regions. But if you need to do forwarding to/from on-premises in multiple regions, we'd suggest putting endpoints and rules in each region individually so that the regions operate independently.

We do it manually region wise

Negative nelly over here.

The most likely limit to reach in option 4 would be that of the outbound endpoint ENIs. Each ENI has a hard limit of ~10K QPS and you can have up to six per Endpoint. It's possible to scale beyond that if you need to. The ENIs provide Cloudwatch graphs which you can use to keep track. But the outbound endpoints are only used for queries which need to be forwarded to on-premises resolvers. If you're forwarding 10Ks of queries to on-premises, you also need resolvers on-premises capable of handling that load.

You would point your DNS resolver or forwarder in the spoke to the DNS server in the spoke with selective rules, provided that your server supports it

If spoke-A's account is publishing a DNS zone and spoke-B's VPC needs to resolve it, the most scalable and reliable methods are typically either to share a private hosted zone cross-account and associate it to spoke-B's VPC (option 4 in the video). Another very simple and reliable approach (if you can do it) is to use public DNS, so there's no special config in any VPC. After that, the second approach outlined in the video can work (associate the zone to the hub and forward queries to the hub), but, as noted in the video, while easier to manage, it is something of a compromise, introduces new limits and complexity into DNS resolution.

Hater