diff --git a/lib/RootCerts.js b/lib/RootCerts.js
index 8e4f772..b5512bc 100644
--- a/lib/RootCerts.js
+++ b/lib/RootCerts.js
@@ -1,4 +1,4 @@
-module.exports = [
+var RootCerts = [
 /* tools/../src/node_root_certs.h -- Bundle of CA Root Certificates
  *
  * Certificate data from Mozilla as of: Sat Nov  9 22:37:55 2013
@@ -3559,3 +3559,10 @@ module.exports = [
 + "dcGWxZ0=\n"
 + "-----END CERTIFICATE-----\n"
 ];
+// Use hash table for efficiency:
+RootCerts = RootCerts.reduce(function(trusted, cert) {
+  cert = cert.replace(/\s+/g, '');
+  trusted[cert] = true;
+  return trusted;
+}, {});
+module.exports = RootCerts;
diff --git a/test/test.PayPro.js b/test/test.PayPro.js
index 3abc0ca..ad790ed 100644
--- a/test/test.PayPro.js
+++ b/test/test.PayPro.js
@@ -339,7 +339,7 @@ describe('PayPro', function() {
 
       paypro.set('serialized_payment_details', pdbuf);
       paypro.set('pki_type', 'x509+sha256');
-      paypro.set('pki_data', [x509.crt]);
+      paypro.set('pki_data', x509.crt);
 
       paypro.sign(x509.priv);
 
@@ -362,7 +362,7 @@ describe('PayPro', function() {
       paypro.set('pki_type', 'x509+sha256');
 
       paypro.set('signature', x509.sig); // sig buffer
-      paypro.set('pki_data', [x509.crt]); // contains one or more x509 certs
+      paypro.set('pki_data', x509.crt); // contains one or more x509 certs
 
       var verify = paypro.verify();
       verify.should.equal(true);