API Gateway: ForbiddenException caused by adding a wildcard path (*) to API Mapping of Custom Domain Name

Question

I have a fully functioning API Gateway custom domain name setup:

An API Gateway API with routes / (ANY) and /{proxy+} (ANY) both integrated to a lambda function, connected to a custom domain name (with wildcard subdomains ex. *.example.com) with an API mapping using the default HTTP API and $default stage and an empty path and default endpoint enabled. I've also added the corresponding A record to route traffic to the particular API in route 53. It invocates the lambda function that it's supposed to do when I go to the URL (ex. sub1.example.com), and I've verified that this works.

However, I'm looking to be able to handle wildcard paths with the same API, so I've added * as the path in the API mapping (it was blank previously). Now, it returns {"message": "Forbidden"} when I go to the URL (ex. sub1.example.com) and the URL with any path (ex. sub1.example.com/examplepath), and the header status code == 403 and x-amzn-errortype == ForbiddenException in the response headers. What am I doing wrong?