I do something similar; it seems to get the job done.
for BadActor in $(curl -A Mozilla "https://api.cloudflare.com/local-ip-ranges.csv"|grep -Ev "::|/32"|awk -F "," '{print $1}'|sort | uniq); do ip route add blackhole "${BadActor}" 2>/dev/null;done
Something similar can be done with AWS EC2 https://ip-ranges.amazonaws.com/ip-ranges.json
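
The EC2 variant mentioned above, sketched as an added example that is not part of the original comment: it filters the feed to one service, drops IPv6 and /32 entries as the one-liner does, merges adjacent ranges, and only prints the `ip route` commands. It assumes the `prefixes` / `ip_prefix` / `service` layout of ip-ranges.json, uses a constructed sample feed instead of a download, and `min_prefixlen` is a hypothetical safety guard.

```python
import ipaddress
import json

# Constructed sample in the ip-ranges.json layout (documentation prefixes, not feed data).
SAMPLE_FEED = json.dumps({
    "prefixes": [
        {"ip_prefix": "198.51.100.0/25", "region": "us-east-1", "service": "EC2"},
        {"ip_prefix": "198.51.100.128/25", "region": "us-east-1", "service": "EC2"},
        {"ip_prefix": "198.51.100.0/25", "region": "us-east-1", "service": "AMAZON"},
        {"ip_prefix": "203.0.113.7/32", "region": "eu-west-1", "service": "EC2"},
        {"ip_prefix": "203.0.113.9/24", "region": "eu-west-1", "service": "EC2"},
        {"ip_prefix": "192.0.2.0/24", "region": "eu-west-1", "service": "S3"},
        {"ip_prefix": "0.0.0.0/0", "region": "GLOBAL", "service": "EC2"},
    ],
    "ipv6_prefixes": [{"ipv6_prefix": "2001:db8::/32", "service": "EC2"}],
})


def ec2_blackhole_nets(feed_text, service="EC2", min_prefixlen=8):
    """Return collapsed IPv4 networks for one service, skipping unsafe entries."""
    feed = json.loads(feed_text)
    nets = set()
    for entry in feed.get("prefixes", []):  # IPv4 list only, like the grep -v "::"
        if entry.get("service") != service:
            continue
        try:
            # strict=True rejects entries with host bits set (malformed feed lines)
            net = ipaddress.IPv4Network(entry["ip_prefix"], strict=True)
        except (KeyError, ValueError):
            continue
        # Skip /32s as the one-liner does; min_prefixlen (hypothetical guard) stops
        # a bad feed entry such as 0.0.0.0/0 from blackholing everything.
        if net.prefixlen == 32 or net.prefixlen < min_prefixlen:
            continue
        nets.add(net)
    # Merge adjacent and overlapping ranges so fewer routes are installed.
    return list(ipaddress.collapse_addresses(nets))


def route_commands(nets):
    """Render the same command the one-liner runs, one per network."""
    return [f"ip route add blackhole {net}" for net in nets]


if __name__ == "__main__":
    # Dry run: print for review instead of changing the routing table.
    print("\n".join(route_commands(ec2_blackhole_nets(SAMPLE_FEED))))
```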