But how is possible that kubectl client know all schemas for resources? I could install many CRDs throughout time without update kubectl cli.

k8s has 2 parts.. first - it has it's in-build schema for std objects, you even can download it if you have a working cluster (make sure your kubeconfig is correct):

kubectl proxy --port=8080 &
curl http://127.0.0.1:8080/openapi/v2 > k8s_openapi_schema.json

and you also can list and download all CRDs, each of them will also have openAPI scheme.

it's possible to get that data and validate your resources. https://github.com/yannh/kubeconform?tab=readme-ov-file#limits-of-kubeconform-validation is a good example of how to do this

the only thing is - there are some extra checks that k8s does outside of checks based on openAPI. this link above provides a bit more info