That's already a thing. One can install Squid on their router, generate a CA cert, sign their server certs with it and install the CA into all the devices in the home. It's called Squid SSL Bump. [1] A small handful of sites still use public key pinning and will have to be added to exclusions in the configuration.
The router must then be configured to only allow Squid HTTPS, Unbound DNS and Chrony NTP out to the internet.
Doing this will of course break things like video games. The parents should have a way to bypass Squid and permit all traffic out during family video game time.
[1] - https://github.com/alatas/squid-alpine-ssl Not my repo, needs updating
Apps have cert pinning. What now?
Websites have public key pinning. [1] HPKP Most sites don't do this any more but enough do that anyone running a Squid SSL Bump MitM proxy needs to know.
[1] - https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning
And do you block children from accessing any of them?
Which of them specifically are you asking about?