Re: Amazon RDS auth tokens in .pgpass - Mailing list pgsql-admin

From Nicholas Chammas
Subject Re: Amazon RDS auth tokens in .pgpass
Date
Msg-id CAOhmDzejZ2N3kNL42crFNViPVw7jtzV2Pz3tcmTmONUqNZS1AQ@mail.gmail.com
In response to Re: Amazon RDS auth tokens in .pgpass  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: Amazon RDS auth tokens in .pgpass  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-admin
On Mon, Aug 31, 2020 at 2:04 PM Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Looking at the source code, there's a hard-wired restriction that lines of
> .pgpass can't be more than 320 characters long (well, NAMEDATALEN*5, but
> very few builds don't have NAMEDATALEN=64).  I see that somebody very
> recently added code to make libpq print a warning for overlength lines,
> but I wonder why they didn't just, um, remove the restriction.  We had
> not previously heard of a use-case for passwords with hundreds of
> characters in them, but I guess we need to cope.

Just FYI, the auth tokens generated by Amazon RDS appear to be 796 bytes long.

```
$ aws rds generate-db-auth-token --hostname "some-host.us-east-1.rds.amazonaws.com" --port 5432 --region us-east-1 --username someuser | wc -c
     796
```

> If you're in a position to rebuild libpq, could you check that changing
> LINELEN in fe-connect.c to something large enough (like 1K) fixes your
> problem?  While that's clearly one issue, it'd be good to verify that
> there's not another one lurking behind it.

I'm not in an easy position to do that (having not contributed code to the project before), but I'd be happy to provide more information about my use case or about how IAM-based authentication works as it relates to Postgres.
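
Added example, not part of the original message and not libpq's own code: a simplified model of why a read buffer of LINELEN bytes cannot hold one .pgpass entry carrying a token of the size reported above, while a 1K buffer can. The sample host, database and user names, the filler password and all helper names are constructed for illustration.

```c
#include <stdio.h>
#define NAMEDATALEN 64              /* usual build value, per the thread */
#define LINELEN (NAMEDATALEN * 5)   /* 320: the limit quoted above */

/* Constructed sample: host:port:db:user:<pw_len filler chars as password>. */
static FILE *make_sample(size_t pw_len)
{
    FILE *fp = tmpfile();
    if (!fp) return NULL;
    fputs("some-host:5432:somedb:someuser:", fp);
    for (size_t i = 0; i < pw_len; i++) fputc('A', fp);
    fputc('\n', fp);
    return fp;
}

/* Longest line, newline excluded; bytewise, so no length limit of its own. */
static size_t longest_line(FILE *fp)
{
    size_t cur = 0, max = 0;
    int c;
    rewind(fp);
    while ((c = fgetc(fp)) != EOF) {
        cur = (c == '\n') ? 0 : cur + 1;
        if (cur > max) max = cur;
    }
    return max;
}

/* fgets() calls needed to drain the stream with a buflen-byte buffer. A
 * reader that takes each result as one line sees a long entry in pieces. */
static int fgets_chunks(FILE *fp, size_t buflen)
{
    char buf[2048];
    int n = 0;
    if (buflen > sizeof buf) buflen = sizeof buf;
    rewind(fp);
    while (fgets(buf, (int)buflen, fp)) n++;
    return n;
}

int main(void)
{
    FILE *fp = make_sample(796);    /* token size reported in the message */
    if (!fp) return 1;
    printf("longest=%zu reads@%d=%d reads@1024=%d\n", longest_line(fp),
           LINELEN, fgets_chunks(fp, LINELEN), fgets_chunks(fp, 1024));
    fclose(fp);
    return 0;
}
```

Running `longest_line` over a real .pgpass (opened with `fopen`) and comparing the result against `LINELEN - 1` tells you whether any entry exceeds what a 320-byte buffer can read in one call.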
