In this case the security system is setup to authenticate TPXG, however the applid being presented to RACF is not the same.
You can instruct TPX to identify itself to the security system with a different name then its APPLID.
This name can be defined in SMRT(9) - Security Parameters.
The corresponding parameter is 'Alias Name:'.
This name is then passed to the security system instead of the actual TPX APPLID.
You have a generic resource named 'TPXG' with instances of 'A01TPXA' and 'A01TPXB'
Insert 'Alias Name: TPXG'. This will allow the Passticket to be generated with the alias name 'TPXG'.