At a networking device, a method includes obtaining, according to a predefined protocol, a first plurality of attestation vectors from a corresponding plurality of candidate next-hop nodes. Each of the plurality of candidate next-hop nodes is included within a respective route between a particular node and a destination node. The method further includes determining a plurality of confidence scores. Each of the plurality of confidence scores is based on a comparison between a corresponding one of the first plurality of attestation vectors and a trusted image vector. The method further includes selecting, from the plurality of confidence scores, a particular confidence score that satisfies one or more selection criteria. Each of the particular confidence score is associated with a particular candidate next-hop node of the plurality of candidate next-hop nodes. The method further includes directing, to the particular candidate next-hop node, a data packet destined for the destination node.