How do I work out my certificate chain order manually?

The X509v3 Authority Key Identifier in the openssl output for the child key will match the X509v3 Subject Key Identifier for the signing key.

For example, for this site's SSL cert and its parent certificate:

# openssl x509 -text -noout -in subject.pem
...
        Subject: C=US, ST=NY, L=New York, O=Stack Exchange, Inc., CN=*.stackexchange.com
...
            X509v3 Authority Key Identifier:
                keyid:51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B
            X509v3 Subject Key Identifier:
                5A:C1:42:63:C2:62:13:B3:9D:94:84:AA:32:1E:17:CB:6D:A3:86:7B

# openssl x509 -text -noout -in parent.pem
...
        Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
...
            X509v3 Subject Key Identifier:
                51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B
            X509v3 Authority Key Identifier:
                keyid:B1:3E:C3:69:03:F8:BF:47:01:D4:98:26:1A:08:02:EF:63:64:2B:C3

51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B is what establishes on the child cert what cert signed it; you should be able to use that to find the correct authority certificates.
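The matching described above can be automated. The following is an added example, not part of the original answer: it parses saved `openssl x509 -text -noout` output and orders the certificates leaf-first by following each Authority Key Identifier to the matching Subject Key Identifier. The function names are hypothetical, the sample text is trimmed from the output shown above, and the `keyid:` prefix is treated as optional.

```python
import re

# Trimmed `openssl x509 -text -noout` output with the identifiers quoted above.
SUBJECT_TXT = """
        Subject: C=US, ST=NY, L=New York, O=Stack Exchange, Inc., CN=*.stackexchange.com
            X509v3 Authority Key Identifier:
                keyid:51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B
            X509v3 Subject Key Identifier:
                5A:C1:42:63:C2:62:13:B3:9D:94:84:AA:32:1E:17:CB:6D:A3:86:7B
"""
PARENT_TXT = """
        Subject: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA
            X509v3 Subject Key Identifier:
                51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B
            X509v3 Authority Key Identifier:
                keyid:B1:3E:C3:69:03:F8:BF:47:01:D4:98:26:1A:08:02:EF:63:64:2B:C3
"""
HEX = r"((?:[0-9A-Fa-f]{2}:)+[0-9A-Fa-f]{2})"

def parse_ids(text):
    """Extract the subject, SKI and AKI from openssl text output."""
    def grab(pattern):
        m = re.search(pattern, text, re.M)
        return m.group(1).strip() if m else None
    ski = grab(r"X509v3 Subject Key Identifier:\s*\n\s*" + HEX)
    aki = grab(r"X509v3 Authority Key Identifier:\s*\n\s*(?:keyid:)?" + HEX)
    return {"subject": grab(r"^\s*Subject:\s*(.+)$"),
            "ski": ski and ski.upper(), "aki": aki and aki.upper()}

def order_chain(certs):
    """Return certs leaf-first by following AKI -> SKI links."""
    by_ski = {c["ski"]: c for c in certs if c["ski"]}
    # Identifiers that name an issuer; a self-signed cert (AKI == SKI) is skipped.
    issuer_ids = {c["aki"] for c in certs if c["aki"] and c["aki"] != c["ski"]}
    leaves = [c for c in certs if c["ski"] not in issuer_ids]
    if len(leaves) != 1:
        raise ValueError("expected exactly one leaf, found %d" % len(leaves))
    chain, cur = [], leaves[0]
    # Stop when the issuer is not in the set or the walk reaches a self-signed cert.
    while cur is not None and cur not in chain:
        chain.append(cur)
        cur = by_ski.get(cur["aki"])
    return chain

if __name__ == "__main__":
    for cert in order_chain([parse_ids(PARENT_TXT), parse_ids(SUBJECT_TXT)]):
        print(cert["subject"])
```

A matching key identifier only locates the candidate issuer; it does not check the signature, which `openssl verify` does.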