@kagal/acme 0.1.0

package/dist/schema.d.ts

@@ -0,0 +1,1331 @@
+import * as v from 'valibot';
+import { A as ACMEProtectedHeader, a as ACMERequestHeader, b as Account, e as Authorization, B as Base64url, i as CertID, j as Challenge, n as DeactivateAccount, o as DeactivateAuthorization, p as Directory, q as DirectoryMeta, F as Finalize, s as FlattenedJWS, I as Identifier, J as JWK, w as JWSProtectedHeader, K as KeyChange, N as NewAccount, x as NewAuthz, y as NewOrder, z as Order, P as Problem, M as RenewalInfo, Q as RevokeCert, S as Subproblem } from './shared/acme.DkI8KXwO.js';
+
+/**
+ * {@link Account} schema.
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ * `externalAccountBinding` is validated as a
+ * {@link FlattenedJWSSchema} (structural alias).
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.2}
+ */
+declare const AccountSchema: v.LooseObjectSchema<{
+    readonly status: v.PicklistSchema<readonly ["valid", "deactivated", "revoked"], undefined>;
+    readonly contact: v.OptionalSchema<v.ArraySchema<v.StringSchema<undefined>, undefined>, undefined>;
+    readonly termsOfServiceAgreed: v.OptionalSchema<v.BooleanSchema<undefined>, undefined>;
+    readonly externalAccountBinding: v.OptionalSchema<v.StrictObjectSchema<{
+        readonly protected: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+        readonly payload: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+        readonly signature: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+    }, undefined>, undefined>;
+    readonly orders: v.StringSchema<undefined>;
+}, undefined>;
+
+/**
+ * {@link Authorization} schema — discriminated on
+ * `status`.
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ * `expires` is required when status is `'valid'`.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.4}
+ */
+declare const AuthorizationSchema: v.VariantSchema<"status", [v.LooseObjectSchema<{
+    readonly status: v.LiteralSchema<"pending", undefined>;
+    readonly expires: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly identifier: v.LooseObjectSchema<{
+        type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+        value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+    }, undefined>;
+    readonly challenges: v.ArraySchema<v.VariantSchema<"type", [v.LooseObjectSchema<{
+        readonly type: v.LiteralSchema<"dns-01", undefined>;
+        readonly url: v.StringSchema<undefined>;
+        readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+        readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+            readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+                readonly type: v.StringSchema<undefined>;
+                readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+                readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+                }, undefined>, undefined>;
+            }, undefined>, undefined>, undefined>;
+        }, undefined>, undefined>;
+        readonly token: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly type: v.LiteralSchema<"http-01", undefined>;
+        readonly url: v.StringSchema<undefined>;
+        readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+        readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+            readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+                readonly type: v.StringSchema<undefined>;
+                readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+                readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+                }, undefined>, undefined>;
+            }, undefined>, undefined>, undefined>;
+        }, undefined>, undefined>;
+        readonly token: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly type: v.LiteralSchema<"tls-alpn-01", undefined>;
+        readonly url: v.StringSchema<undefined>;
+        readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+        readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+            readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+                readonly type: v.StringSchema<undefined>;
+                readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+                readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+                }, undefined>, undefined>;
+            }, undefined>, undefined>, undefined>;
+        }, undefined>, undefined>;
+        readonly token: v.StringSchema<undefined>;
+    }, undefined>], undefined>, undefined>;
+    readonly wildcard: v.OptionalSchema<v.BooleanSchema<undefined>, undefined>;
+}, undefined>, v.LooseObjectSchema<{
+    readonly status: v.LiteralSchema<"valid", undefined>;
+    readonly expires: v.StringSchema<undefined>;
+    readonly identifier: v.LooseObjectSchema<{
+        type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+        value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+    }, undefined>;
+    readonly challenges: v.ArraySchema<v.VariantSchema<"type", [v.LooseObjectSchema<{
+        readonly type: v.LiteralSchema<"dns-01", undefined>;
+        readonly url: v.StringSchema<undefined>;
+        readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+        readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+            readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+                readonly type: v.StringSchema<undefined>;
+                readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+                readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+                }, undefined>, undefined>;
+            }, undefined>, undefined>, undefined>;
+        }, undefined>, undefined>;
+        readonly token: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly type: v.LiteralSchema<"http-01", undefined>;
+        readonly url: v.StringSchema<undefined>;
+        readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+        readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+            readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+                readonly type: v.StringSchema<undefined>;
+                readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+                readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+                }, undefined>, undefined>;
+            }, undefined>, undefined>, undefined>;
+        }, undefined>, undefined>;
+        readonly token: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly type: v.LiteralSchema<"tls-alpn-01", undefined>;
+        readonly url: v.StringSchema<undefined>;
+        readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+        readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+            readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+                readonly type: v.StringSchema<undefined>;
+                readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+                readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+                }, undefined>, undefined>;
+            }, undefined>, undefined>, undefined>;
+        }, undefined>, undefined>;
+        readonly token: v.StringSchema<undefined>;
+    }, undefined>], undefined>, undefined>;
+    readonly wildcard: v.OptionalSchema<v.BooleanSchema<undefined>, undefined>;
+}, undefined>, v.LooseObjectSchema<{
+    readonly status: v.PicklistSchema<("invalid" | "deactivated" | "expired" | "revoked")[], undefined>;
+    readonly expires: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly identifier: v.LooseObjectSchema<{
+        type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+        value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+    }, undefined>;
+    readonly challenges: v.ArraySchema<v.VariantSchema<"type", [v.LooseObjectSchema<{
+        readonly type: v.LiteralSchema<"dns-01", undefined>;
+        readonly url: v.StringSchema<undefined>;
+        readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+        readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+            readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+                readonly type: v.StringSchema<undefined>;
+                readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+                readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+                }, undefined>, undefined>;
+            }, undefined>, undefined>, undefined>;
+        }, undefined>, undefined>;
+        readonly token: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly type: v.LiteralSchema<"http-01", undefined>;
+        readonly url: v.StringSchema<undefined>;
+        readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+        readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+            readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+                readonly type: v.StringSchema<undefined>;
+                readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+                readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+                }, undefined>, undefined>;
+            }, undefined>, undefined>, undefined>;
+        }, undefined>, undefined>;
+        readonly token: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly type: v.LiteralSchema<"tls-alpn-01", undefined>;
+        readonly url: v.StringSchema<undefined>;
+        readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+        readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+            readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+                readonly type: v.StringSchema<undefined>;
+                readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+                readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+                readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+                }, undefined>, undefined>;
+            }, undefined>, undefined>, undefined>;
+        }, undefined>, undefined>;
+        readonly token: v.StringSchema<undefined>;
+    }, undefined>], undefined>, undefined>;
+    readonly wildcard: v.OptionalSchema<v.BooleanSchema<undefined>, undefined>;
+}, undefined>], undefined>;
+
+/**
+ * {@link Challenge} schema — discriminated on `type`.
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ * The union is closed: unknown challenge types fail
+ * validation. Consumers must upgrade to support new
+ * challenge types from future RFCs.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.5}
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8737}
+ */
+declare const ChallengeSchema: v.VariantSchema<"type", [v.LooseObjectSchema<{
+    readonly type: v.LiteralSchema<"dns-01", undefined>;
+    readonly url: v.StringSchema<undefined>;
+    readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+    readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+        readonly type: v.StringSchema<undefined>;
+        readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+        readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+            type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+            value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+        }, undefined>, undefined>;
+        readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+        }, undefined>, undefined>, undefined>;
+    }, undefined>, undefined>;
+    readonly token: v.StringSchema<undefined>;
+}, undefined>, v.LooseObjectSchema<{
+    readonly type: v.LiteralSchema<"http-01", undefined>;
+    readonly url: v.StringSchema<undefined>;
+    readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+    readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+        readonly type: v.StringSchema<undefined>;
+        readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+        readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+            type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+            value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+        }, undefined>, undefined>;
+        readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+        }, undefined>, undefined>, undefined>;
+    }, undefined>, undefined>;
+    readonly token: v.StringSchema<undefined>;
+}, undefined>, v.LooseObjectSchema<{
+    readonly type: v.LiteralSchema<"tls-alpn-01", undefined>;
+    readonly url: v.StringSchema<undefined>;
+    readonly status: v.PicklistSchema<readonly ["pending", "processing", "valid", "invalid"], undefined>;
+    readonly validated: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+        readonly type: v.StringSchema<undefined>;
+        readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+        readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+            type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+            value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+        }, undefined>, undefined>;
+        readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+        }, undefined>, undefined>, undefined>;
+    }, undefined>, undefined>;
+    readonly token: v.StringSchema<undefined>;
+}, undefined>], undefined>;
+
+/**
+ * {@link DirectoryMeta} schema.
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ * Includes Profiles `profiles`
+ * (draft-ietf-acme-profiles) extension.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.1}
+ */
+declare const DirectoryMetaSchema: v.LooseObjectSchema<{
+    readonly termsOfService: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly website: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly caaIdentities: v.OptionalSchema<v.ArraySchema<v.StringSchema<undefined>, undefined>, undefined>;
+    readonly externalAccountRequired: v.OptionalSchema<v.BooleanSchema<undefined>, undefined>;
+    readonly profiles: v.OptionalSchema<v.RecordSchema<v.StringSchema<undefined>, v.StringSchema<undefined>, undefined>, undefined>;
+}, undefined>;
+/**
+ * {@link Directory} schema.
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.1}
+ */
+declare const DirectorySchema: v.LooseObjectSchema<{
+    readonly newNonce: v.StringSchema<undefined>;
+    readonly newAccount: v.StringSchema<undefined>;
+    readonly newOrder: v.StringSchema<undefined>;
+    readonly newAuthz: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly revokeCert: v.StringSchema<undefined>;
+    readonly keyChange: v.StringSchema<undefined>;
+    readonly renewalInfo: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly meta: v.OptionalSchema<v.LooseObjectSchema<{
+        readonly termsOfService: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly website: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly caaIdentities: v.OptionalSchema<v.ArraySchema<v.StringSchema<undefined>, undefined>, undefined>;
+        readonly externalAccountRequired: v.OptionalSchema<v.BooleanSchema<undefined>, undefined>;
+        readonly profiles: v.OptionalSchema<v.RecordSchema<v.StringSchema<undefined>, v.StringSchema<undefined>, undefined>, undefined>;
+    }, undefined>, undefined>;
+}, undefined>;
+
+/**
+ * Non-empty {@link Base64url} schema.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc7515#section-2}
+ */
+declare const Base64urlSchema: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+/**
+ * {@link Base64url} schema allowing empty string
+ * (POST-as-GET payload, RFC 8555 §6.3).
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-6.3}
+ */
+declare const Base64urlOrEmptySchema: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+
+/**
+ * {@link Finalize} schema (RFC 8555 §7.4).
+ *
+ * @remarks
+ * Uses `strictObject` — the CSR is the only
+ * expected field. Validates base64url encoding.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.4}
+ */
+declare const FinalizeSchema: v.StrictObjectSchema<{
+    readonly csr: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+}, undefined>;
+
+/**
+ * {@link Identifier} schema.
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-9.7.7}
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8738}
+ */
+declare const IdentifierSchema: v.LooseObjectSchema<{
+    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+}, undefined>;
+/**
+ * Strict {@link Identifier} schema for request
+ * payloads.
+ *
+ * @remarks
+ * Uses `strictObject` — the client controls the
+ * structure.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-9.7.7}
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8738}
+ */
+declare const StrictIdentifierSchema: v.StrictObjectSchema<{
+    type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+    value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+}, undefined>;
+
+/**
+ * {@link JWK} schema (RFC 7517).
+ *
+ * @remarks
+ * Uses `v.variant` on `kty` to discriminate
+ * EC, OKP, and RSA key types. Each variant uses
+ * `looseObject` — JWKs may contain additional
+ * members (RFC 7517 §4).
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc7517}
+ */
+declare const JWKSchema: v.VariantSchema<"kty", [v.LooseObjectSchema<{
+    readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+    readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+    readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly kty: v.LiteralSchema<"EC", undefined>;
+    readonly crv: v.StringSchema<undefined>;
+    readonly x: v.StringSchema<undefined>;
+    readonly y: v.StringSchema<undefined>;
+}, undefined>, v.LooseObjectSchema<{
+    readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+    readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+    readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly kty: v.LiteralSchema<"OKP", undefined>;
+    readonly crv: v.StringSchema<undefined>;
+    readonly x: v.StringSchema<undefined>;
+}, undefined>, v.LooseObjectSchema<{
+    readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+    readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+    readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly kty: v.LiteralSchema<"RSA", undefined>;
+    readonly n: v.StringSchema<undefined>;
+    readonly e: v.StringSchema<undefined>;
+}, undefined>], undefined>;
+
+/**
+ * {@link FlattenedJWS} schema (RFC 7515 §7.2.2).
+ *
+ * @remarks
+ * Uses `strictObject` — the three base64url fields
+ * are the only expected properties. `payload` may be
+ * empty for POST-as-GET requests (RFC 8555 §6.3).
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc7515#section-7.2.2}
+ */
+declare const FlattenedJWSSchema: v.StrictObjectSchema<{
+    readonly protected: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+    readonly payload: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+    readonly signature: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+}, undefined>;
+/**
+ * {@link JWSProtectedHeader} schema (RFC 7515 §4.1).
+ *
+ * @remarks
+ * Uses `looseObject` — JWS headers may contain
+ * additional registered or private parameters.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc7515#section-4.1}
+ */
+declare const JWSProtectedHeaderSchema: v.LooseObjectSchema<{
+    readonly alg: v.StringSchema<undefined>;
+    readonly jwk: v.OptionalSchema<v.VariantSchema<"kty", [v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"EC", undefined>;
+        readonly crv: v.StringSchema<undefined>;
+        readonly x: v.StringSchema<undefined>;
+        readonly y: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"OKP", undefined>;
+        readonly crv: v.StringSchema<undefined>;
+        readonly x: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"RSA", undefined>;
+        readonly n: v.StringSchema<undefined>;
+        readonly e: v.StringSchema<undefined>;
+    }, undefined>], undefined>, undefined>;
+    readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+}, undefined>;
+/**
+ * {@link ACMEProtectedHeader} schema (RFC 8555 §6.2).
+ *
+ * @remarks
+ * Uses `looseObject` — extends
+ * {@link JWSProtectedHeaderSchema} with ACME-required
+ * `nonce` and `url`.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-6.2}
+ */
+declare const ACMEProtectedHeaderSchema: v.LooseObjectSchema<{
+    readonly nonce: v.StringSchema<undefined>;
+    readonly url: v.StringSchema<undefined>;
+    readonly alg: v.StringSchema<undefined>;
+    readonly jwk: v.OptionalSchema<v.VariantSchema<"kty", [v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"EC", undefined>;
+        readonly crv: v.StringSchema<undefined>;
+        readonly x: v.StringSchema<undefined>;
+        readonly y: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"OKP", undefined>;
+        readonly crv: v.StringSchema<undefined>;
+        readonly x: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"RSA", undefined>;
+        readonly n: v.StringSchema<undefined>;
+        readonly e: v.StringSchema<undefined>;
+    }, undefined>], undefined>, undefined>;
+    readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+}, undefined>;
+/**
+ * {@link ACMERequestHeader} schema (RFC 8555 §6.2).
+ *
+ * @remarks
+ * Enforces `jwk` XOR `kid` — servers MUST reject
+ * headers containing both. Uses `looseObject` for
+ * header extensibility with a `check` action for
+ * mutual exclusion.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-6.2}
+ */
+declare const ACMERequestHeaderSchema: v.SchemaWithPipe<readonly [v.UnionSchema<[v.LooseObjectSchema<{
+    readonly jwk: v.VariantSchema<"kty", [v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"EC", undefined>;
+        readonly crv: v.StringSchema<undefined>;
+        readonly x: v.StringSchema<undefined>;
+        readonly y: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"OKP", undefined>;
+        readonly crv: v.StringSchema<undefined>;
+        readonly x: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"RSA", undefined>;
+        readonly n: v.StringSchema<undefined>;
+        readonly e: v.StringSchema<undefined>;
+    }, undefined>], undefined>;
+    readonly alg: v.StringSchema<undefined>;
+    readonly nonce: v.StringSchema<undefined>;
+    readonly url: v.StringSchema<undefined>;
+}, undefined>, v.LooseObjectSchema<{
+    readonly kid: v.StringSchema<undefined>;
+    readonly alg: v.StringSchema<undefined>;
+    readonly nonce: v.StringSchema<undefined>;
+    readonly url: v.StringSchema<undefined>;
+}, undefined>], undefined>, v.CheckAction<({
+    jwk: ({
+        kid?: string | undefined;
+        alg?: string | undefined;
+        use?: string | undefined;
+        key_ops?: readonly string[] | undefined;
+        x5u?: string | undefined;
+        x5c?: readonly string[] | undefined;
+        x5t?: string | undefined;
+        'x5t#S256'?: string | undefined;
+        kty: "EC";
+        crv: string;
+        x: string;
+        y: string;
+    } & {
+        [key: string]: unknown;
+    }) | ({
+        kid?: string | undefined;
+        alg?: string | undefined;
+        use?: string | undefined;
+        key_ops?: readonly string[] | undefined;
+        x5u?: string | undefined;
+        x5c?: readonly string[] | undefined;
+        x5t?: string | undefined;
+        'x5t#S256'?: string | undefined;
+        kty: "OKP";
+        crv: string;
+        x: string;
+    } & {
+        [key: string]: unknown;
+    }) | ({
+        kid?: string | undefined;
+        alg?: string | undefined;
+        use?: string | undefined;
+        key_ops?: readonly string[] | undefined;
+        x5u?: string | undefined;
+        x5c?: readonly string[] | undefined;
+        x5t?: string | undefined;
+        'x5t#S256'?: string | undefined;
+        kty: "RSA";
+        n: string;
+        e: string;
+    } & {
+        [key: string]: unknown;
+    });
+    alg: string;
+    nonce: string;
+    url: string;
+} & {
+    [key: string]: unknown;
+}) | ({
+    kid: string;
+    alg: string;
+    nonce: string;
+    url: string;
+} & {
+    [key: string]: unknown;
+}), "Provide 'jwk' or 'kid', not both">]>;
+
+/**
+ * {@link KeyChange} schema (RFC 8555 §7.3.5).
+ *
+ * @remarks
+ * Uses `strictObject` — the inner JWS payload has
+ * exactly two fields.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.5}
+ */
+declare const KeyChangeSchema: v.StrictObjectSchema<{
+    readonly account: v.StringSchema<undefined>;
+    readonly oldKey: v.VariantSchema<"kty", [v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"EC", undefined>;
+        readonly crv: v.StringSchema<undefined>;
+        readonly x: v.StringSchema<undefined>;
+        readonly y: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"OKP", undefined>;
+        readonly crv: v.StringSchema<undefined>;
+        readonly x: v.StringSchema<undefined>;
+    }, undefined>, v.LooseObjectSchema<{
+        readonly kid: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly alg: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly use: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly key_ops: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5u: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly x5c: v.OptionalSchema<v.SchemaWithPipe<readonly [v.ArraySchema<v.StringSchema<undefined>, undefined>, v.ReadonlyAction<string[]>]>, undefined>;
+        readonly x5t: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly 'x5t#S256': v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly kty: v.LiteralSchema<"RSA", undefined>;
+        readonly n: v.StringSchema<undefined>;
+        readonly e: v.StringSchema<undefined>;
+    }, undefined>], undefined>;
+}, undefined>;
+
+/**
+ * {@link NewAccount} schema (RFC 8555 §7.3).
+ *
+ * @remarks
+ * Uses `strictObject` — request payloads have a
+ * fixed set of fields.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.3}
+ */
+declare const NewAccountSchema: v.StrictObjectSchema<{
+    readonly contact: v.OptionalSchema<v.ArraySchema<v.StringSchema<undefined>, undefined>, undefined>;
+    readonly termsOfServiceAgreed: v.OptionalSchema<v.BooleanSchema<undefined>, undefined>;
+    readonly onlyReturnExisting: v.OptionalSchema<v.BooleanSchema<undefined>, undefined>;
+    readonly externalAccountBinding: v.OptionalSchema<v.StrictObjectSchema<{
+        readonly protected: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+        readonly payload: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+        readonly signature: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+    }, undefined>, undefined>;
+}, undefined>;
+/**
+ * {@link DeactivateAccount} schema
+ * (RFC 8555 §7.3.6).
+ *
+ * @remarks
+ * Uses `strictObject` — deactivation sends only
+ * `status: 'deactivated'`.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.6}
+ */
+declare const DeactivateAccountSchema: v.StrictObjectSchema<{
+    readonly status: v.LiteralSchema<"deactivated", undefined>;
+}, undefined>;
+
+/**
+ * {@link NewAuthz} schema (RFC 8555 §7.4.1).
+ *
+ * @remarks
+ * Uses `strictObject` — request payloads have a
+ * fixed set of fields.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.4.1}
+ */
+declare const NewAuthzSchema: v.StrictObjectSchema<{
+    readonly identifier: v.StrictObjectSchema<{
+        type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+        value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+    }, undefined>;
+}, undefined>;
+/**
+ * {@link DeactivateAuthorization} schema
+ * (RFC 8555 §7.5.2).
+ *
+ * @remarks
+ * Uses `strictObject` — deactivation sends only
+ * `status: 'deactivated'`.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.5.2}
+ */
+declare const DeactivateAuthorizationSchema: v.StrictObjectSchema<{
+    readonly status: v.LiteralSchema<"deactivated", undefined>;
+}, undefined>;
+
+/**
+ * {@link NewOrder} schema (RFC 8555 §7.4).
+ *
+ * @remarks
+ * Uses `strictObject` — request payloads have a
+ * fixed set of fields. Includes ARI `replaces`
+ * (RFC 9773) and Profiles `profile`
+ * (draft-ietf-acme-profiles) extensions.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.4}
+ */
+declare const NewOrderSchema: v.StrictObjectSchema<{
+    readonly identifiers: v.SchemaWithPipe<readonly [v.ArraySchema<v.StrictObjectSchema<{
+        type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+        value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+    }, undefined>, undefined>, v.MinLengthAction<{
+        type: "dns" | "ip";
+        value: string;
+    }[], 1, undefined>]>;
+    readonly notBefore: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly notAfter: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly profile: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly replaces: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>]>, undefined>;
+}, undefined>;
+
+/**
+ * {@link Order} schema.
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ * Includes ARI `replaces` (RFC 9773) and Profiles
+ * `profile` (draft-ietf-acme-profiles) extensions.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.1.3}
+ */
+declare const OrderSchema: v.LooseObjectSchema<{
+    readonly status: v.PicklistSchema<readonly ["pending", "ready", "processing", "valid", "invalid"], undefined>;
+    readonly expires: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly identifiers: v.ArraySchema<v.LooseObjectSchema<{
+        type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+        value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+    }, undefined>, undefined>;
+    readonly notBefore: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly notAfter: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly error: v.OptionalSchema<v.LooseObjectSchema<{
+        readonly type: v.StringSchema<undefined>;
+        readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+        readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+            type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+            value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+        }, undefined>, undefined>;
+        readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+            readonly type: v.StringSchema<undefined>;
+            readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+            readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+            readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+                type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+                value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+            }, undefined>, undefined>;
+        }, undefined>, undefined>, undefined>;
+    }, undefined>, undefined>;
+    readonly authorizations: v.ArraySchema<v.StringSchema<undefined>, undefined>;
+    readonly finalize: v.StringSchema<undefined>;
+    readonly certificate: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly replaces: v.OptionalSchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>]>, undefined>;
+    readonly profile: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+}, undefined>;
+
+/**
+ * {@link Subproblem} schema.
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-6.7.1}
+ */
+declare const SubproblemSchema: v.LooseObjectSchema<{
+    readonly type: v.StringSchema<undefined>;
+    readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+    readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+        type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+        value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+    }, undefined>, undefined>;
+}, undefined>;
+/**
+ * {@link Problem} schema.
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ * `type` is validated as a plain string, not against
+ * {@link ErrorTypes}, to accept server-defined URNs
+ * beyond the ACME namespace.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc7807}
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-6.7.1}
+ */
+declare const ProblemSchema: v.LooseObjectSchema<{
+    readonly type: v.StringSchema<undefined>;
+    readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+    readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+    readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+        type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+        value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+    }, undefined>, undefined>;
+    readonly subproblems: v.OptionalSchema<v.ArraySchema<v.LooseObjectSchema<{
+        readonly type: v.StringSchema<undefined>;
+        readonly title: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly detail: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly status: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.MinValueAction<number, 100, undefined>, v.MaxValueAction<number, 599, undefined>]>, undefined>;
+        readonly instance: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+        readonly identifier: v.OptionalSchema<v.LooseObjectSchema<{
+            type: v.PicklistSchema<readonly ["dns", "ip"], undefined>;
+            value: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.MinLengthAction<string, 1, undefined>]>;
+        }, undefined>, undefined>;
+    }, undefined>, undefined>, undefined>;
+}, undefined>;
+
+/**
+ * {@link RenewalInfo} schema (RFC 9773 §4).
+ *
+ * @remarks
+ * Uses `looseObject` — unknown fields pass through.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc9773#section-4}
+ */
+declare const RenewalInfoSchema: v.LooseObjectSchema<{
+    readonly suggestedWindow: v.SchemaWithPipe<readonly [v.StrictObjectSchema<{
+        readonly start: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.IsoTimestampAction<string, undefined>]>;
+        readonly end: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.IsoTimestampAction<string, undefined>]>;
+    }, undefined>, v.CheckAction<{
+        start: string;
+        end: string;
+    }, "'start' must be before 'end'">]>;
+    readonly explanationURL: v.OptionalSchema<v.StringSchema<undefined>, undefined>;
+}, undefined>;
+/**
+ * {@link CertID} schema (RFC 9773 §4.1).
+ *
+ * @remarks
+ * Validates the `base64url(AKI).base64url(Serial)`
+ * format used to identify certificates in ARI.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc9773#section-4.1}
+ */
+declare const CertIDSchema: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>]>;
+
+/**
+ * {@link RevokeCert} schema (RFC 8555 §7.6).
+ *
+ * @remarks
+ * Uses `strictObject` — only `certificate` and
+ * optional `reason` are expected.
+ *
+ * @see {@link https://datatracker.ietf.org/doc/html/rfc8555#section-7.6}
+ */
+declare const RevokeCertSchema: v.StrictObjectSchema<{
+    readonly certificate: v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, undefined>, v.CheckAction<string, "invalid base64url length">]>;
+    readonly reason: v.OptionalSchema<v.SchemaWithPipe<readonly [v.NumberSchema<undefined>, v.IntegerAction<number, undefined>, v.PicklistSchema<[0, 1, 2, 3, 4, 5, 6, 8, 9, 10], undefined>]>, undefined>;
+}, undefined>;
+
+/**
+ * Successful validation — discriminate on `success`.
+ *
+ * @typeParam T - the validated type
+ */
+type ValidationSuccess<T> = {
+    success: true;
+    data: T;
+};
+/**
+ * Failed validation — discriminate on `success`.
+ *
+ * @remarks
+ * `issues` contains Valibot's structured error
+ * details (path, message, expected/received).
+ */
+type ValidationFailure = {
+    success: false;
+    issues: v.BaseIssue<unknown>[];
+};
+/**
+ * Discriminated validation result.
+ *
+ * @typeParam T - the validated type on success
+ *
+ * @example
+ * ```typescript
+ * const result = validateOrder(json);
+ * if (result.success) {
+ *   result.data; // Order
+ * } else {
+ *   result.issues; // BaseIssue<unknown>[]
+ * }
+ * ```
+ */
+type ValidationResult<T> = ValidationFailure | ValidationSuccess<T>;
+/**
+ * Validate a {@link Base64url} string.
+ *
+ * @param input - raw string
+ * @returns {@link ValidationResult} with
+ *   {@link Base64url} on success
+ */
+declare function validateBase64url(input: unknown): ValidationResult<Base64url>;
+/**
+ * Validate a {@link Base64url} string, allowing empty
+ * (POST-as-GET payload).
+ *
+ * @param input - raw string
+ * @returns {@link ValidationResult} with
+ *   {@link Base64url} or empty string on success
+ */
+declare function validateBase64urlOrEmpty(input: unknown): ValidationResult<string>;
+/**
+ * Validate an {@link Account} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link Account} on success
+ */
+declare function validateAccount(input: unknown): ValidationResult<Account>;
+/**
+ * Validate an {@link Authorization} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link Authorization} on success
+ */
+declare function validateAuthorization(input: unknown): ValidationResult<Authorization>;
+/**
+ * Validate a {@link Challenge} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link Challenge} on success
+ */
+declare function validateChallenge(input: unknown): ValidationResult<Challenge>;
+/**
+ * Validate a {@link CertID} string.
+ *
+ * @param input - raw string
+ * @returns {@link ValidationResult} with
+ *   {@link CertID} on success
+ */
+declare function validateCertID(input: unknown): ValidationResult<CertID>;
+/**
+ * Validate a {@link Directory} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link Directory} on success
+ */
+declare function validateDirectory(input: unknown): ValidationResult<Directory>;
+/**
+ * Validate a {@link DirectoryMeta} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link DirectoryMeta} on success
+ */
+declare function validateDirectoryMeta(input: unknown): ValidationResult<DirectoryMeta>;
+/**
+ * Validate a {@link Finalize} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link Finalize} on success
+ */
+declare function validateFinalize(input: unknown): ValidationResult<Finalize>;
+/**
+ * Validate a {@link FlattenedJWS} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link FlattenedJWS} on success
+ */
+declare function validateFlattenedJWS(input: unknown): ValidationResult<FlattenedJWS>;
+/**
+ * Validate a {@link JWSProtectedHeader} payload.
+ *
+ * @param input - decoded protected header JSON
+ * @returns {@link ValidationResult} with
+ *   {@link JWSProtectedHeader} on success
+ */
+declare function validateJWSProtectedHeader(input: unknown): ValidationResult<JWSProtectedHeader>;
+/**
+ * Validate an {@link ACMEProtectedHeader} payload.
+ *
+ * @param input - decoded protected header JSON
+ * @returns {@link ValidationResult} with
+ *   {@link ACMEProtectedHeader} on success
+ */
+declare function validateACMEProtectedHeader(input: unknown): ValidationResult<ACMEProtectedHeader>;
+/**
+ * Validate an {@link ACMERequestHeader} payload.
+ *
+ * @param input - decoded protected header JSON
+ * @returns {@link ValidationResult} with
+ *   {@link ACMERequestHeader} on success
+ */
+declare function validateACMERequestHeader(input: unknown): ValidationResult<ACMERequestHeader>;
+/**
+ * Validate an {@link Identifier} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link Identifier} on success
+ */
+declare function validateIdentifier(input: unknown): ValidationResult<Identifier>;
+/**
+ * Validate an {@link Order} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link Order} on success
+ */
+declare function validateOrder(input: unknown): ValidationResult<Order>;
+/**
+ * Validate a {@link Problem} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link Problem} on success
+ */
+declare function validateProblem(input: unknown): ValidationResult<Problem>;
+/**
+ * Validate a {@link RenewalInfo} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link RenewalInfo} on success
+ */
+declare function validateRenewalInfo(input: unknown): ValidationResult<RenewalInfo>;
+/**
+ * Validate a {@link RevokeCert} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link RevokeCert} on success
+ */
+declare function validateRevokeCert(input: unknown): ValidationResult<RevokeCert>;
+/**
+ * Validate a {@link Subproblem} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link Subproblem} on success
+ */
+declare function validateSubproblem(input: unknown): ValidationResult<Subproblem>;
+/**
+ * Validate a {@link JWK} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link JWK} on success
+ */
+declare function validateJWK(input: unknown): ValidationResult<JWK>;
+/**
+ * Validate a {@link KeyChange} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link KeyChange} on success
+ */
+declare function validateKeyChange(input: unknown): ValidationResult<KeyChange>;
+/**
+ * Validate a {@link NewAccount} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link NewAccount} on success
+ */
+declare function validateNewAccount(input: unknown): ValidationResult<NewAccount>;
+/**
+ * Validate a {@link DeactivateAccount} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link DeactivateAccount} on success
+ */
+declare function validateDeactivateAccount(input: unknown): ValidationResult<DeactivateAccount>;
+/**
+ * Validate a {@link NewOrder} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link NewOrder} on success
+ */
+declare function validateNewOrder(input: unknown): ValidationResult<NewOrder>;
+/**
+ * Validate a {@link NewAuthz} payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link NewAuthz} on success
+ */
+declare function validateNewAuthz(input: unknown): ValidationResult<NewAuthz>;
+/**
+ * Validate a {@link DeactivateAuthorization}
+ * payload.
+ *
+ * @param input - parsed JSON
+ * @returns {@link ValidationResult} with
+ *   {@link DeactivateAuthorization} on success
+ */
+declare function validateDeactivateAuthorization(input: unknown): ValidationResult<DeactivateAuthorization>;
+
+export { ACMEProtectedHeaderSchema, ACMERequestHeaderSchema, AccountSchema, AuthorizationSchema, Base64urlOrEmptySchema, Base64urlSchema, CertIDSchema, ChallengeSchema, DeactivateAccountSchema, DeactivateAuthorizationSchema, DirectoryMetaSchema, DirectorySchema, FinalizeSchema, FlattenedJWSSchema, IdentifierSchema, JWKSchema, JWSProtectedHeaderSchema, KeyChangeSchema, NewAccountSchema, NewAuthzSchema, NewOrderSchema, OrderSchema, ProblemSchema, RenewalInfoSchema, RevokeCertSchema, StrictIdentifierSchema, SubproblemSchema, validateACMEProtectedHeader, validateACMERequestHeader, validateAccount, validateAuthorization, validateBase64url, validateBase64urlOrEmpty, validateCertID, validateChallenge, validateDeactivateAccount, validateDeactivateAuthorization, validateDirectory, validateDirectoryMeta, validateFinalize, validateFlattenedJWS, validateIdentifier, validateJWK, validateJWSProtectedHeader, validateKeyChange, validateNewAccount, validateNewAuthz, validateNewOrder, validateOrder, validateProblem, validateRenewalInfo, validateRevokeCert, validateSubproblem };
+export type { ValidationFailure, ValidationResult, ValidationSuccess };