diff --git a/docs/parsers/x509_cert.md b/docs/parsers/x509_cert.md
index f1538a2f..ad4ee7b5 100644
--- a/docs/parsers/x509_cert.md
+++ b/docs/parsers/x509_cert.md
@@ -11,6 +11,11 @@ You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by
 processing them through a program like `openssl` and sending the output to
 `jc`. (See examples below)
 
+> Note: `jc` does not verify the integrity of the certificate, which
+> requires calculating the hash of the certificate body and comparing it to
+> the the hash in the certificate's signature after it is decrypted with the
+> issuer certificate's public key.
+
 Usage (cli):
 
     $ cat certificate.pem | jc --x509-cert
diff --git a/jc/parsers/x509_cert.py b/jc/parsers/x509_cert.py
index e83e325d..ef7187d9 100644
--- a/jc/parsers/x509_cert.py
+++ b/jc/parsers/x509_cert.py
@@ -6,6 +6,11 @@ You can convert other certificate formats (e.g. PKCS #7, PKCS #12, etc.) by
 processing them through a program like `openssl` and sending the output to
 `jc`. (See examples below)
 
+> Note: `jc` does not verify the integrity of the certificate, which
+> requires calculating the hash of the certificate body and comparing it to
+> the the hash in the certificate's signature after it is decrypted with the
+> issuer certificate's public key.
+
 Usage (cli):
 
     $ cat certificate.pem | jc --x509-cert