Any experience with ASM policy affecting response stream (with no vulnerability/attack signature noted)?

It depends on your ASM Policy. Several features in ASM depend on things like injecting JavaScript into responses which may potentially break the content from rendering in the browser (should not affect the tcpdump though).

Such features include Web Scraping, CSRF protection, device fingerprinting, Bot Defense / Client-Side Human User Indicator /CAPTCHA etc...

So instead of removing the ASM policy completely the recommendation is to switch off off the features and violations which may interfere with response first.

Also try your application with the most basic policy such as Rapid Deployment Template.

Also check Support Knowledge base, for example this article:

K11040: Certain HTTP profile Response Chunking settings interfere with BIG-IP ASM and BIG-IP WebAccelerator processing