Below is a working KeyTable and SigningTable example for OpenDKIM that uses the percent character (%) to replace the domain of the sender while generating the signature.
# If the first field contains only a "%" character, it
# will be replaced by the domain found in the From:
# header field. Similarly, within the optional second
# field, any "%" character will be replaced by the
# domain found in the From: header field.
# If the
# first value consists solely of a percent sign ("%")
# character, it will be replaced by the apparent domain
# of the sender when generating a signature. If the
# third value starts with a slash ("/") character, or
# "./" or "../", then it is presumed to refer to a file
# from which the private key should be read, otherwise
# it is itself a PEM-encoded private key or a
# base64-encoded DER private key; a "%" in the third
# value in this case will be replaced by the apparent
# domain name of the sender.
This ensures that the d=domain.tld and s=default selector gets set for any domains that you are hosting on the mail server. Adding new domains does not require any changes to the SigningTable or KeyTable files.
You however still need to add the DKIM TXT record for each domain that you have.