$tcp = New-Object Net.Sockets.TcpClient("new.vpn.apisi.ru",443)
$ssl = New-Object Net.Security.SslStream($tcp.GetStream(), $false, ({ $true }))
$ssl.AuthenticateAsClient("new.vpn.apisi.ru")
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $ssl.RemoteCertificate
[IO.File]::WriteAllBytes("$env:TEMP\newvpn.cer", $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert))
certutil -verify -urlfetch "$env:TEMP\newvpn.cer"