Browsers and operating systems include a list of root certificates which includes those of various governments. Pretty much any government can thus issue valid HTTPS certificates for any domain to MITM traffic.
Part of DNS actually prevents that. So long as you are using a browser that has implemented its use, DNS entries specify the public signing key of the destination server, so if the browser receives a packet signed using a different certificate the browser will prevent you from navigating there.
I know for a fact that Chrome and Firefox have implemented this as standard behavior specifically to prevent this kind of man in the middle attack, and have explicitly come out against previous government attempts to subvert this guarantee of privacy.
The biggest problem isn't that your own government might swap that orange you wanted for an apple, it's that by making it possible they also make it possible for a foreign government to do so, and they're likely to replace the orange with cyanide.
The US government has tried and failed to push this kind of idiocy through every other year for the last 2 decades. Every major tech company tells them they will flat out refuse to compromise everyone's safety to accommodate idiocy and the attempt is ultimately dropped.