routing performance

hi,
with a hAP ac wireless router (RB962UiGS-5HacT2HnT) my home internet seems limited to some 350Mbps, using the test in fast.com. In theory my ISP offers 1Gbps on the line and I do remember with the provided wireless router I got 850Mbps, also using fast.com

According to the tests results here: https://mikrotik.com/product/RB962UiGS-5HacT2HnT#fndtn-testresults the routing speeds could go to 900Mbps on 512 byte packets, which sounds like the results I am after.

I do have some vlans and bridges, and ad couple of firewall rules (both ipv6 and ipv4, but nothing really shocking, some 20 rules for each in total).
When I run the speed test, I see the cpu spike to 95% in the profiling tool, so this is probably the reason. It only has one core too.

What stuff could I look into some more to improve this performance?? Or is it more likely that this is as good as it gets, and if I want something faster, then going with the hAP ax2 is the way to go (4 cores, arm64, wifi6 which is also nice).

The older hapac should get somewhere between 300-700 real world throughput based on the test results.
Yes, the newer arm64 devices will provide full usage of your ISP throughput.

If going for ax2, then for little difference you are better off with ax3 which should provide better wifi with the external antennas and
lower CPU temp as the box is bigger with more cooling. In addition with a lot of filter rules, the ax3 still kicks above 1 gig
whereas the ax2 falls under 1 gig… For me no brainer Ax3…