It seems as though the RID Master and PDC Emulator should be able to communicate directly with all DCs in the domain, though I haven't been able to find it spelled out exactly in those terms.
This TechNet article seems to hint at that.
Place roles on domain controllers that are can be accessed by the computers that need access to a given role, especially on networks that are not fully routed. For example, to obtain a current or standby RID pool, or perform pass-through authentication, all DCs need network access to the RID and PDC role holders in their respective domains.
This other article also says:
Domain controllers in sites C and D cannot access the RID master in site A to obtain an initial RID pool after the Active Directory installation and to refresh RID pools as they become depleted.
Though, that article does make an opaque reference to site link bridging.
From what I can tell, site link bridging does not apply in the cases or RID issuance, or the services offered by the PDC emulator like failed auth forwarding or time sync, since these do not rely replication and site link bridges are only for replication. There must be direct connectivity to the DCs with these roles.
If you remove the "PS" at the end of your question, I can offer a solution :)