AWS IPI cluster installation fails during bootstrap on existing VPC with multiple CIDRs

Issue

• Why does the cluster installation using IPI fail during bootstrap on an AWS VPC when networking.machineNetwork in install-config.yaml has multiple CIDRs?

• The bootstrap phase does not complete because master nodes cannot fetch ignition configurations. Master node serial console logs may show:

  [  *** ] A start job is running for Ignition (fetch) (1h 52min 24s / no limit)
  [*     ] A start job is running for Ignition (fetch) (1h 52min 33s / no limit)
  

• Installer logs might show bootstrap timeout errors, often with preceding connection errors to the API:

  level=debug msg=Machine <cluster-id>-master-0 is ready. Phase: Provisioned
  level=debug msg=Machine <cluster-id>-master-1 is ready. Phase: Provisioned
  level=debug msg=Machine <cluster-id>-master-2 has not yet provisioned: Pending
  level=info msg=Waiting up to 45m0s (until 5:15AM UTC) for bootstrapping to complete...
  level=debug msg=E0602 04:30:05.788155   195 controller.go:329] "Reconciler error" err="failed to create cluster accessor: error creating http client and mapper for remote cluster \"openshift-cluster-api-guests/<cluster-id>\": error creating client for remote cluster \"openshift-cluster-api-guests/<cluster-id>\": error getting rest mapping: failed to get API group resources: unable to retrieve the complete list of server APIs: v1: Get \"https://api.<cluster-id>.<base-domain>:6443/api/v1?timeout=10s\": dial tcp <api-server-ip>:6443: connect: connection refused" controller="machine" controllerGroup="cluster.x-k8s.io" controllerKind="Machine" Machine="openshift-cluster-api-guests/<cluster-id>-master-1" namespace="openshift-cluster-api-guests" name="<cluster-id>-master-1" reconcileID="<reconcile-uuid>"
  level=error msg=Bootstrap failed to complete: timed out waiting for the condition