Windows Authentication Issues - HTTP 500 error

After a lot of digging around, I found that Kestrel does not seem to support binding to a hostname/real URL but only to IP addresses with ports. Albeit 7 years old, it still seems to be accurate.

Even though I was setting https://psuniversal.domain.com:5001 in the Url setting in appsettings.json, it was binding to https://[::]:5001 per the log. I discovered if I set it to https://10.0.0.100:5001, the log would show it binding to that IP successfully. This seems to have been making the SPN request follow the hostname of the server, rather than utilizing the web URL hostname like how IIS works.

Overall, I have resolved the issue with a bit of a hacky workaround, by utilizing Failover Clustering to create a single-node role that contains a client access point resource with a new IP address/Computer Object/DNS name so that I could set up an SPN with that hostname instead. I had to utilize this method because the server I’m using hosts several sites, one of which was already using the SPN for the hostname of the server.

All of that just to say, it was a self-made issue, with a hacky workaround that will do until I can get our developer to fix some of his websites.

3 Likes
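
One way to check the SPN conflict described in the post above, as an added example that is not part of the original post: for the hostname in a site URL, it reports which Active Directory account holds the matching `HTTP/` SPN and whether that is the account the service runs as. The function name `Test-HttpSpnOwner` and the account name `svc-psu` are hypothetical; it assumes the RSAT ActiveDirectory module and searches the current domain only.

```powershell
# Added example, not from the original post. Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

function Test-HttpSpnOwner {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Url,             # URL clients browse to
        [Parameter(Mandatory)][string]$ExpectedAccount  # sAMAccountName the service runs as (computer accounts end in '$')
    )

    $uri   = [System.Uri]$Url
    $names = @($uri.Host)
    # Also check the short (NetBIOS-style) name, but only for DNS names, not IP literals.
    if ($uri.HostNameType -eq [System.UriHostNameType]::Dns) {
        $names += $uri.Host.Split('.')[0]
    }

    foreach ($name in ($names | Select-Object -Unique)) {
        $spn    = "HTTP/$name"
        # Default-domain search only; a forest-wide check would need a global catalog query.
        $owners = @(Get-ADObject -LDAPFilter "(servicePrincipalName=$spn)" -Properties sAMAccountName)

        $status = if ($owners.Count -eq 0) {
            # No explicit HTTP/ SPN: the KDC can still match HOST/<name> on a computer account.
            'NotRegistered'
        } elseif ($owners.Count -gt 1) {
            'Duplicate'            # duplicate SPNs make Kerberos ticket requests fail
        } elseif ($owners[0].sAMAccountName -eq $ExpectedAccount) {
            'OK'
        } else {
            'HeldByOtherAccount'   # the situation in the post: another site's account owns it
        }

        [pscustomobject]@{
            Spn    = $spn
            Status = $status
            Owners = $owners.sAMAccountName -join ', '
        }
    }
}

# Hostname taken from the post; 'svc-psu' is a placeholder service account name.
Test-HttpSpnOwner -Url 'https://psuniversal.domain.com:5001' -ExpectedAccount 'svc-psu'
```

Running it for both the server's own hostname and the dedicated site hostname shows whether a separate name, like the client access point in the post, is needed before registering the SPN.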