Security concern for public .well-known/apple-developer-merchantid-domain-association domain-verification file

As the document mentioned "Host your domain-verification file at the following path for each domain you’re registering:

https://[DOMAIN_NAME]/.well-known/apple-developer-merchantid-domain-association" and that file contain "pspId" and "signature" so just want to know these are not sensitive it gets in the hands of an attacker ??

Security concern for public .well-known/apple-developer-merchantid-domain-association domain-verification file
 
 
Q