tink-crypto / tink-go

Go implementation of Tink
https://developers.google.com/tink
Apache License 2.0

Extract PublicKey from signing keyset #18

Closed salrashid123 closed 5 months ago

salrashid123 commented 5 months ago

I'm trying to extract the RSA public key used when creating a signature using Tink, but can't seem to find any easy way to do that.

For example, in the following, I'm creating a public/private keyset,

and what I'd like to do in the last step is to extract out the actual RSA public key as rsa.PublicKey:

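```go
package main

import (
    "bytes"
    "encoding/json"
    "log"

    "github.com/tink-crypto/tink-go/v2/insecurecleartextkeyset"
    "github.com/tink-crypto/tink-go/v2/keyset"
    "github.com/tink-crypto/tink-go/v2/signature"
)

func main() {
    // Generate a new RSA-SSA-PKCS1 signing keyset (3072-bit, SHA-256, RAW output prefix).
    priv_kh, err := keyset.NewHandle(signature.RSA_SSA_PKCS1_3072_SHA256_F4_RAW_Key_Template())
    if err != nil {
        log.Fatal(err)
    }

    // Serialize the private keyset as cleartext JSON (demo only: this exposes the private key).
    buf := new(bytes.Buffer)
    w := keyset.NewJSONWriter(buf)
    if err := insecurecleartextkeyset.Write(priv_kh, w); err != nil {
        log.Fatal(err)
    }

    var prettyJSON bytes.Buffer
    if err := json.Indent(&prettyJSON, buf.Bytes(), "", "\t"); err != nil {
        log.Fatal(err)
    }

    privateJSONKeyset := prettyJSON.String()
    log.Printf("Private Keyset: %s\n", privateJSONKeyset)

    // Derive the public keyset handle from the private one.
    pub_kh, err := priv_kh.Public()
    if err != nil {
        log.Fatal(err)
    }

    // Serialize the public keyset as JSON.
    pubuf := new(bytes.Buffer)
    pubw := keyset.NewJSONWriter(pubuf)
    if err := insecurecleartextkeyset.Write(pub_kh, pubw); err != nil {
        log.Fatal(err)
    }

    var pubPrettyJSON bytes.Buffer
    if err := json.Indent(&pubPrettyJSON, pubuf.Bytes(), "", "\t"); err != nil {
        log.Fatal(err)
    }

    // Print the indented copy (the original printed the unindented buffer).
    publicJSONKeyset := pubPrettyJSON.String()
    log.Printf("Public Keyset: %s\n", publicJSONKeyset)
}
```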

The only way I could make this all work is spelunking through the proto, as shown here:

https://gist.github.com/salrashid123/0e42a5761d02f2f9b6fd2e3d60fc864f#file-tinkrsa-go-L95


Am I missing some easy way to do all this if I want to verify a signature externally?
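
One way to do the proto-level extraction mentioned above, as an added example that is not part of the original issue and is not tink-go's own code: it uses only the Go standard library to read the JSON public keyset that `keyset.NewJSONWriter` emits and decodes the serialized `RsaSsaPkcs1PublicKey` message by hand. The field numbers (3 = n, 4 = e) are taken from Tink's `rsa_ssa_pkcs1.proto`; `RSAPublicKey`, `rsaPubURL` and the sample keyset are names and data constructed for this example.

```go
package main

import (
	"crypto/rsa"
	"encoding/binary"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
)

const rsaPubURL = "type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PublicKey"
// Constructed sample keyset: toy 16-bit modulus (n=0xC53B, e=65537), not a usable key.
const sample = `{"key":[{"keyData":{"typeUrl":"` + rsaPubURL + `","value":"EgIIAxoCxTsiAwEAAQ=="}}]}`

// RSAPublicKey converts the first key of a Tink JSON public keyset to *rsa.PublicKey.
func RSAPublicKey(keysetJSON []byte) (*rsa.PublicKey, error) {
	var ks struct { // only the fields used here; "value" is base64, decoded by encoding/json
		Key []struct{ KeyData struct{ TypeURL string; Value []byte } }
	}
	if err := json.Unmarshal(keysetJSON, &ks); err != nil || len(ks.Key) == 0 || ks.Key[0].KeyData.TypeURL != rsaPubURL {
		return nil, errors.New("no RsaSsaPkcs1PublicKey in keyset")
	}
	b, n, e := ks.Key[0].KeyData.Value, new(big.Int), new(big.Int)
	fields := map[uint64]*big.Int{3: n, 4: e} // proto field number -> big-endian integer
	for len(b) > 0 {
		tag, k := binary.Uvarint(b)
		if k <= 0 {
			return nil, errors.New("bad field tag")
		}
		v, vk := binary.Uvarint(b[k:]) // varint value (wire type 0) or length prefix (2)
		if vk <= 0 || (tag&7 != 0 && tag&7 != 2) || (tag&7 == 2 && v > uint64(len(b)-k-vk)) {
			return nil, errors.New("malformed or unsupported field")
		}
		b = b[k+vk:]
		if tag&7 == 2 { // length-delimited: params (2), n (3), e (4)
			if x := fields[tag>>3]; x != nil {
				x.SetBytes(b[:v])
			}
			b = b[v:]
		}
	}
	if n.Sign() == 0 || !e.IsInt64() || e.Int64() < 3 || e.Int64() > 1<<31-1 {
		return nil, errors.New("missing or out-of-range n/e")
	}
	return &rsa.PublicKey{N: n, E: int(e.Int64())}, nil
}

func main() { fmt.Println(RSAPublicKey([]byte(sample))) }
```

With the RAW template used in the post, the signature bytes carry no Tink output prefix, so the returned key can be passed to `rsa.VerifyPKCS1v15` together with a SHA-256 digest of the message.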