Full takeover through LFI.. how much is it worth?
I have just finished and submitted my VDP report to a big company..
While just casually browsing and reading an article online at a domain, I saw it ran a new kind of application service in the background, which caught my attention..
After some basic reconnaissance I found a simple LFI bug, which gave me access to the server's log files.. with some custom HTTP requests I was able to turn it into RCE.. at that point I was originally done and wanted to report it, but then I thought more about it, and after checking more and more I was able to extract the root users, with their ssh-rsa keys… Jackpot, right?
The company has a VDP and they pay out bounties.. how much do you guys think is a reasonable payout for such a finding?
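Added example (not part of the post above, and not the poster's code): the chain described here, an LFI that can read the web server's own log files, followed by a request that plants code in a logged header, followed by an include of that log, leaves a recognisable footprint in the access log. The script below is the kind of detector a defender would run over such a log. The combined log format, the file paths it looks for and the sample lines are constructed assumptions for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Constructed sample access-log lines in Apache/nginx "combined" format.
# Not taken from any real server; they model the sequence described in the post.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2024:12:00:01 +0000] "GET /index.php?page=about HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:12:00:09 +0000] "GET /index.php?page=../../../../etc/passwd HTTP/1.1" 200 2013 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:12:00:15 +0000] "GET /index.php?page=..%2F..%2F..%2F..%2Fvar%2Flog%2Fapache2%2Faccess.log HTTP/1.1" 200 88123 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:12:00:21 +0000] "GET / HTTP/1.1" 200 512 "-" "<?php system($_GET['c']); ?>"
203.0.113.7 - - [10/Mar/2024:12:00:30 +0000] "GET /index.php?page=../../../../var/log/apache2/access.log&c=id HTTP/1.1" 200 88401 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Mar/2024:12:01:00 +0000] "GET /index.php?page=contact HTTP/1.1" 200 1400 "-" "Mozilla/5.0"
"""

# Regex for the "combined" log format (assumed format for this example).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

TRAVERSAL_RE = re.compile(r'(\.\./|\.\.\\)')
# Log locations an attacker would aim an LFI at (hypothetical list, extend per platform).
LOG_FILE_RE = re.compile(
    r'(/var/log/|/proc/self/|access\.log|error\.log|access_log|error_log)', re.I)
PHP_TAG_RE = re.compile(r'<\?(php|=)', re.I)


def decode(s, rounds=2):
    """Percent-decode repeatedly so double-encoded ..%252F is caught too."""
    for _ in range(rounds):
        new = unquote(s)
        if new == s:
            break
        s = new
    return s


def parse_line(line):
    """Return the log fields as a dict, or None if the line is not in combined format."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def classify(entry):
    """Tag one parsed request with the indicators it exhibits."""
    tags = set()
    path = decode(entry['path'])
    if TRAVERSAL_RE.search(path):
        tags.add('traversal')
    if LOG_FILE_RE.search(path):
        tags.add('log_file_read')
    # Code planted in User-Agent or Referer ends up verbatim in the access log.
    if PHP_TAG_RE.search(entry['ua']) or PHP_TAG_RE.search(entry['referer']):
        tags.add('php_in_header')
    return tags


def analyze(log_text):
    """Return {client_ip: [tag sets in log order]} for clients with at least one indicator."""
    per_ip = defaultdict(list)
    for line in log_text.splitlines():
        entry = parse_line(line)
        if not entry:
            continue
        tags = classify(entry)
        if tags:
            per_ip[entry['ip']].append(tags)
    return dict(per_ip)


def poisoning_chains(log_text):
    """Clients that planted PHP in a header and afterwards pulled a log file through the LFI."""
    suspects = []
    for ip, events in analyze(log_text).items():
        planted = False
        for tags in events:
            if 'php_in_header' in tags:
                planted = True
            elif planted and 'log_file_read' in tags:
                suspects.append(ip)
                break
    return suspects


if __name__ == '__main__':
    for ip, events in analyze(SAMPLE_LOG).items():
        print(ip, [sorted(t) for t in events])
    print('log poisoning chain from:', poisoning_chains(SAMPLE_LOG))
```

The order check matters: a single traversal request or a stray `<?php` in a User-Agent is noisy on its own, but code in a header followed by a read of the file that header was written to is the specific sequence that turns an LFI into code execution, so that is what gets escalated.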