Hi, @SeintDev. This actually is not true with our service:
There should only be one A record for each domain/subdomain.
We always return two IP addresses for CDN nodes closest to the source IP address for the DNS lookup.
When I checked the SSL certificate for this site, the error message was for a previous renewal attempt. It is not a current error. It is the last error which occurred (if any) for troubleshooting purposes.
I tested a renewal and it was successful.
To summarize, the duplicate A records are both intentional and working correctly. The SSL certificate renewal also worked correctly the first time I tested.
Regarding delays in DNS changes those are controlled by the time to live (TTL) values of the previous (not the current) DNS records:
If there are other questions or concerns, please let us know.