To find the issuer of a certificate, you should use the "Issuer DN" and match it with the "Subject DN" of the certificates in your CA store. This should reduce significantly the number of signature verification.

It is possible to have different CA certificates with the same "Subject DN" (with different public keys, validity dates, etc.), so your algorithm should be prepared to handle that. The "Subject Key Identifier" and "Authority Key Identifier" can also help to reduce the number of candidates.

Finding the issuing authority is only a small part of the "right approach" to validating certificates. I would advise you to look at part 6 of rfc5280 "Certification Path Validation". Some parts are most probably overkill (i.e. most things having to do with policies).

https://stackoverflow.com/questions/1567106/how-to-determine-the-root-of-a-certificate