A website that I do banking on has a login page on a different subdomain than their main website, and this login page is secured with an Amazon-issued domain-validation certificate (their main website is secured with an extended-validation certificate that is logged in the CT logs). In other words, if their main website is at
https://example.com secured with an EV certificate, their login page is on the subdomain
https://login.example.com secured with a DV certificate. The certificate that their login page is secured with does not show up on certificate transparency log lookup tools such has https://crt.sh/ and https://censys.io/certificates. It is my understanding that this is normal for Amazon-issued certificates, but I will transmit very sensitive information to the website so I want to be absolutely sure that I am on the right website.
What are the risks of trusting this certificate that cannot be found on CT logs? What can a malicious actor potentially do to impersonate the website’s login page since the website has not implemented Certificate Transparency for that page? Is it possible to contact the bank to verify this certificate with them, and if so, is it necessary?