The prerequisite before introducing the first 2016 domain controller: domain functional level needs to be 2003 or higher
I'd use dcdiag / repadmin tools to verify health correcting all errors found
before starting any
operations. Then stand up the new 2016, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one and move on to next one. I'd probably start with the child domain though it really shouldn't matter
Also at some point after I'd recommend migrating sysvol replication from older FRS technology to DFSR
https://techcommunity.microsoft.com/t5/Storage-at-Microsoft/Streamlined-Migration-of-FRS-to-DFSR-SYSVOL/ba-p/425405
I'd suggest asking the exchange and CA migration questions from subject matter experts here
https://video2.skills-academy.com/en-us/answers/topics/office-exchange-server-deployment.html
https://video2.skills-academy.com/en-us/answers/topics/windows-server-security.html
--please don't forget to Accept as answer if the reply is helpful--