I went and looked in our server-side logs to try and determine what the ASUS ACME client was doing. You should definitely open a support ticket with ASUS, there is a bug with their ACME client.
I went back to the earliest requests for your domain in our logs. Here is some information you can share with them from the first failure:
At 2018-01-29T19:42:28 the ASUS ACME client POSTed new-authz for the identifier radon64.assuscomm.com, getting back a pending authorization object.
At 2018-01-29T19:42:29 the ASUS ACME client POSTed the HTTP-01 challenge of the pending authorization, asking Let’s Encrypt to validate the authorization.
At 2018-01-29T19:42:34 before the validation attempt was completed, the ASUS ACME client POSTed new-cert, sending a CSR for radon64.assuscomm.com. Since the authorization for this domain wasn’t valid, the "Error":"authorizations for these names not found or expired: radon64.asuscomm.com" result is returned to the client
At 2018-01-29T19:42:39 the validation attempt from our side fails with a timeout error: "Error":"connection :: Fetching http://radon64.asuscomm.com/.well-known/acme-challenge/<token>: Timeout"
Since then the same pattern has repeated a few times: creating a new authz, starting the HTTP-01 challenge, asking for a cert before the authorization is valid and failing, and then the HTTP-01 challenge timing out.
Most recently all further attempts have been getting back: :["429 :: rateLimited :: Error creating new authz :: too many failed authorizations recently: see https://letsencrypt.org/docs/rate-limits/"] because too many failures have occurred.
The fix for this problem will have to be provided on the ASUS side. They should not be trying to issue a certificate with new-cert until all required authorizations are valid.
I have been working with ASUS but have repeating issues thus far. Honestly maybe it’s me as in the instructions is the one liner, “Apply Signed Certificate.” Is there something I can do with shell access, Putty, and WinACP? Sorry for being a bit on the green side with this.
There are lots of tools to get a certificate, but there's no particular guarantee that they'll work with your device, especially if it doesn't allow you to either export a CSR or import a private key together with a certificate. @cpu's analysis of the interaction between the existing software on your device and the CA really seems to suggest a bug in that software—which in theory ASUS ought to be able to diagnose and fix.