Currently, Let's Encrypt uses US IP addresses for primary validation, and AWS instances for secondary validation located in regions in the US, Sweden, and Singapore.
That will change in the future, and may change without notice if required (eg, in the event of an AWS regional outage).