Open Command Prompt and cd to the directory containing your .cia file
Run the following command:
CertUtil -hashfile [nameofCIAfile] SHA1
Compare the output to the SHA-1 hash for your game found in this post
If the hashes match, your CIA should be legit
Alternatively, you can use MD5 instead and check them against this post. I'm no experienced programmer so I don't fully understand the concept behind all this crypto stuff but I think that if the hashes match, it means the files are the same, and those hash lists were generated from files that myself and others have confirmed as working.