In short, because of how DNS servers work. Each TLD has to be resolvable in the root servers, and as far as I know ICANN doesn’t manage root DNS servers, and ICANN would have to become a registrar and coordinate all those TLDs with all the root servers all over the world.
I’m still using pfSense and considered switching over to OPNsense, but I found out it doesn’t have something similar to pfBlocker.