We do know because the database owner has openly talked about how the keys are derived. That still doesn't make it a good key for your database, but I can assure you that the world doesn't revolve around you. It is someone's surrogate key – therefore it is a surrogate key.
You seem to be insisting on a semantic interpretation that makes the term less useful. A third party's surrogate key should not be considered a surrogate key when in your system. It doesn't matter how that key was generated, only that the semantic meaning of the key is outside of your control.
If you use data as a key, then that is a natural key, if you invent a value to use as an identifier, that is an artificial or surrogate key.
If an API provides you an ID for a record, that is data. If you use it as a key, that is also a natural key in your system.