AWS contains the region the server is located at as part of the rDNS name. I did a few cross checks with traceroute.
Here are a few very recent examples collected with tcpdump port 123
Expected traffic:
10:01:11.757275 IP ec2-3-66-40-236.eu-central-1.compute.amazonaws.com.22136 > x.ntp: NTPv4, Client, length 48
Unexpected traffic:
10:01:11.845737 IP ec2-52-61-41-166.us-gov-west-1.compute.amazonaws.com.ntp > x.ntp: NTPv4, Client, length 48
10:01:12.005623 IP ec2-3-133-31-231.us-east-2.compute.amazonaws.com.ntp > x.ntp: NTPv4, Client, length 48
10:01:12.218805 IP ec2-13-125-54-88.ap-northeast-2.compute.amazonaws.com.47891 > x.ntp: NTPv4, Client, length 48
As shown here, unexpected traffic from regions far away arrives at least every second.