Which component of PKI is responsible for storing certificates long-term?

The correct answer is that the Archive is responsible for storing certificates long-term. In a Public Key Infrastructure (PKI), an Archive serves to preserve and manage certificates beyond their active usage. This long-term storage is essential for compliance, auditing, and recovery purposes. Generally, certificates may need to be retrieved after they have expired or been revoked, for example, during legal proceedings or for future reference, and the Archive ensures that this data remains accessible.

The other components of PKI play different roles. The Registration Authority is involved in verifying the identity of entities requesting certificates before they are issued but does not store them. The Repository acts as a distribution point for certificates and may temporarily store them for retrieval, but it is not designed for long-term storage as an Archive would be. The Certification Authority issues certificates and manages their lifecycle but, like the Registration Authority, it is not focused on long-term storage of certificates.