Is Application Interchange Profile (AIP) included in CDA?


Basically the title, but in a broader context: is there a way for the terminal to verify that the AIP is the one really sent by the card and not replaced in a man-in-the-middle attack?


Solution

  • Short answer - yes. SDA is 'embedded' in the ICC Public Key recovery process. The AIP will always be included if the SDA Tag List is present in the card. You can find details in EMV Book 2, chapter 6.4.
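
The check described in the answer, as an added example that is not part of the original post: a simplified Python model of the hash comparison made when the terminal verifies the ICC Public Key Certificate. It assumes the RSA recovery with the issuer key has already been done; all function names and byte values are constructed for illustration.

```python
import hashlib
import hmac

AIP_TAG = b"\x82"  # tag of the Application Interchange Profile

def static_data_to_authenticate(afl_records, sda_tag_list, aip):
    """AFL-flagged record data, then the AIP value when an SDA Tag List is present."""
    data = b"".join(afl_records)
    if sda_tag_list:
        if sda_tag_list != AIP_TAG:  # only tag '82' is allowed in the list
            raise ValueError("SDA Tag List contains tags other than '82'")
        data += aip
    return data

def cert_hash(cert_fields, pk_remainder, pk_exponent, static_data):
    """SHA-1 over recovered certificate fields, key remainder, exponent, static data."""
    return hashlib.sha1(cert_fields + pk_remainder + pk_exponent + static_data).digest()

def verify(recovered_hash, cert_fields, pk_remainder, pk_exponent,
           afl_records, sda_tag_list, aip):
    """True when the hash recomputed by the terminal matches the certificate's hash."""
    try:
        static = static_data_to_authenticate(afl_records, sda_tag_list, aip)
    except ValueError:
        return False
    expected = cert_hash(cert_fields, pk_remainder, pk_exponent, static)
    return hmac.compare_digest(expected, recovered_hash)

# Constructed sample values, not real card data.
CERT_FIELDS = bytes.fromhex("04" "1234567890123456FFFF" "1230" "000001"
                            "01" "01" "10" "01") + b"\xaa" * 16
PK_REMAINDER = b""
PK_EXPONENT = b"\x03"
RECORDS = [bytes.fromhex("5a081234567890123456"), bytes.fromhex("5f24033012315f340101")]
CARD_AIP = bytes.fromhex("3d00")     # value the issuer personalised
ALTERED_AIP = bytes.fromhex("1800")  # value changed in transit

# Hash the issuer placed in the certificate, as recovered by the terminal.
ISSUER_HASH = cert_hash(CERT_FIELDS, PK_REMAINDER, PK_EXPONENT,
                        static_data_to_authenticate(RECORDS, AIP_TAG, CARD_AIP))

def demo():
    args = (ISSUER_HASH, CERT_FIELDS, PK_REMAINDER, PK_EXPONENT, RECORDS)
    return {"card_aip": verify(*args, AIP_TAG, CARD_AIP),
            "altered_aip": verify(*args, AIP_TAG, ALTERED_AIP),
            "extra_tag_in_list": verify(*args, AIP_TAG + b"\x5a", CARD_AIP)}

if __name__ == "__main__":
    print(demo())
```

Because the AIP value is appended to the hashed static data only when the SDA Tag List is present, a certificate issued without that list does not bind the AIP.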