Channel: All ScreenOS Firewalls (NOT SRX) posts

Re: Route traffic through VPN tunnel

There are a few elements to having this fully working, so I will separate them out.

--AWS route from your router

This you appear to have covered by sending the 10/16 network over to the SSG5 that has the tunnel to AWS.

--SSG5 routes to your router

This may be in place already, but you need all the subnets on your router to be reachable by the SSG5 towards your interface connected to the SSG5.

--AWS routes to your router subnets

The VPN tunnel you have to AWS likely was set up with the expectation that local routers were bgroup0 on the SSG5, as you note are currently working.

You will need to expand this VPN to include all the subnets you want to use on your router.

This will take changes to both sides of the VPN and any associated routing for the VPN.

--SSG5 security policy

There will need to be a zone-to-zone policy in place on the SSG5 to permit the traffic from your router to the AWS networks. This will be from the zone the interface your router link is in to the zone the AWS tunnel interface is placed into.
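
The SSG5-side routes and policy described in the post, sketched as ScreenOS commands in an added example that is not part of the original reply. Every value is an assumption constructed for illustration: the router is reached at 192.168.1.2 via bgroup0 in zone Trust, it serves 192.168.10.0/24 and 192.168.20.0/24, the AWS tunnel is tunnel.1 in zone Untrust, and 10/16 is written out as 10.0.0.0/16.

```screenos
# Lines starting with "#" are annotations for the reader; enter only the "set" commands.
# All addresses, zone names and object names below are constructed placeholders.

# SSG5 routes to the router: each subnet behind the router points at the
# router's address on the link to the SSG5.
set route 192.168.10.0/24 interface bgroup0 gateway 192.168.1.2
set route 192.168.20.0/24 interface bgroup0 gateway 192.168.1.2

# Route for the AWS network out of the tunnel interface.
set route 10.0.0.0/16 interface tunnel.1

# Address book entries so the policy names exactly the networks involved.
set address "Trust" "rtr-net-10" 192.168.10.0 255.255.255.0
set address "Trust" "rtr-net-20" 192.168.20.0 255.255.255.0
set address "Untrust" "aws-10-16" 10.0.0.0 255.255.0.0

# Zone-to-zone policy: from the zone of the router link to the zone of the
# AWS tunnel interface. "log" records each permitted session; replace "ANY"
# with the specific services needed once they are known.
set policy from "Trust" to "Untrust" "rtr-net-10" "aws-10-16" "ANY" permit log
set policy from "Trust" to "Untrust" "rtr-net-20" "aws-10-16" "ANY" permit log

# Verify afterwards with: get route ip 10.0.0.1   and   get policy
```

Expanding the VPN itself to carry the extra subnets, and the matching routes on the AWS side, depends on how the tunnel was originally built and is not shown here.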

 

