Hi @bytecamp,
You’re observing the effect of the change we made recently to validate from multiple network perspectives.
I’m not sure exactly what you’re asking. That when a validation from a remote validation authority fails that its marked as being from a remote VA?
We are not likely to include any information about the source IP of the validation. We explicitly do not advertise the IP space we perform validations from because it may change at any point
At what level are you performing this block of AWS IP space? Since you’re specifically interested in HTTP-01 is it possible that you could make an exception for requests to the the /.well-known/acme-challenge path?