
This is a debatable topic. We wrote a blog post about this as well: https://supertokens.io/blog/are-you-using-jwts-for-user-sess...



The benchmark in that article comparing JWT to opaque session IDs doesn't mention what database setup is used or what JWT signing scheme is used.

Presumably it's just using an HMAC. I think if it used RSA or an asymmetric signing scheme, the performance would look much different.


Yes. It was using HMAC. But I would still assume that RSA would be much faster than a db lookup (in a distributed system)?


Perhaps. At least on the JDK [0], RSA can take a few ms; probably a fair bit faster with a native implementation though.

[0] https://www.javamex.com/tutorials/cryptography/rsa_key_lengt...
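
Added example, not part of the thread or the linked article: a small Node.js harness that times JWT signing and verification for HS256 and RS256 using the built-in `crypto` module, so the question above can be measured on your own hardware. The key sizes (32-byte HMAC key, RSA-2048), the constructed claims and all function names are assumptions made for this sketch.

```javascript
// Added example: compare HS256 and RS256 JWT sign/verify cost with Node's crypto.
const crypto = require('node:crypto');

const b64url = (x) => Buffer.from(x).toString('base64url');

// Constructed sample keys and claims, generated locally for the measurement.
const hmacKey = crypto.randomBytes(32);
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const claims = { sub: 'user-123' };

function sign(alg, payload) {
  const input = `${b64url(JSON.stringify({ alg, typ: 'JWT' }))}.${b64url(JSON.stringify(payload))}`;
  const sig = alg === 'HS256'
    ? crypto.createHmac('sha256', hmacKey).update(input).digest()
    : crypto.sign('sha256', Buffer.from(input), privateKey); // RSASSA-PKCS1-v1_5
  return `${input}.${sig.toString('base64url')}`;
}

// The caller fixes the expected algorithm; the token's own "alg" header is never trusted.
function verify(alg, token) {
  const parts = token.split('.');
  if (parts.length !== 3) return false;
  const input = `${parts[0]}.${parts[1]}`;
  const sig = Buffer.from(parts[2], 'base64url');
  if (alg === 'HS256') {
    const expected = crypto.createHmac('sha256', hmacKey).update(input).digest();
    return sig.length === expected.length && crypto.timingSafeEqual(sig, expected);
  }
  return crypto.verify('sha256', Buffer.from(input), publicKey, sig);
}

// Mean microseconds per call over n iterations.
function bench(fn, n) {
  const start = process.hrtime.bigint();
  for (let i = 0; i < n; i++) fn();
  return Number(process.hrtime.bigint() - start) / 1000 / n;
}

function compare(n = 200) {
  const out = {};
  for (const alg of ['HS256', 'RS256']) {
    const token = sign(alg, claims);
    out[alg] = { signUs: bench(() => sign(alg, claims), n), verifyUs: bench(() => verify(alg, token), n) };
  }
  return out;
}

console.table(compare());
```

The table reports signing and verification separately because RSA private-key and public-key operations differ in cost; a resource server that only validates tokens pays the verification figure.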



