Hello！ I just meet a strange thing that I deploy an istio on rke2 based k8s, but the istiod always logs

warn    serverca        Authentication failed for 10.42.3.41:55132: Authenticator ClientCertAuthenticator at index 0 got error: no verified chain is found. Authenticator KubeJWTAuthenticator at index 1 got error: failed to validate the JWT from cluster "Kubernetes": the service account authentication returns an error: [invalid bearer token, token audiences ["<https://kubernetes.default.svc.cluster.local>" "rke2"] is invalid for the target audiences ["istio-ca"]].
2022-10-19T03:09:50.279840Z     warn    serverca        Authentication failed for 10.42.4.42:41496: Authenticator ClientCertAuthenticator at index 0 got error: no verified chain is found. Authenticator KubeJWTAuthenticator at index 1 got error: failed to validate the JWT from cluster "Kubernetes": the service account authentication returns an error: [invalid bearer token, token audiences ["<https://kubernetes.default.svc.cluster.local>" "rke2"] is invalid for the target audiences ["istio-ca"]].
2022-10-19T03:09:50.285617Z     warn    serverca        Authentication failed for 10.42.4.46:50152: Authenticator ClientCertAuthenticator at index 0 got error: no verified chain is found. Authenticator KubeJWTAuthenticator at index 1 got error: failed to validate the JWT from cluster "Kubernetes": the service account authentication returns an error: [invalid bearer token, token audiences ["<https://kubernetes.default.svc.cluster.local>" "rke2"] is invalid for the target audiences ["istio-ca"]].

I google it first and it seems related with init cmd of kube-api? I'm confused right now, so has anyone encounter the same thing like me? BTW, my k8s config is

master01   Ready    control-plane,etcd,master   38h   v1.21.4+rke2r2   10.64.1.20    <none>        Ubuntu 20.04.1 LTS   5.15.0-50-generic   <containerd://1.6.2>
master02   Ready    control-plane,etcd,master   25h   v1.21.4+rke2r2   10.64.1.21    <none>        Ubuntu 20.04.1 LTS   5.15.0-50-generic   <containerd://1.6.2>
master03   Ready    control-plane,etcd,master   20h   v1.21.4+rke2r2   10.64.1.22    <none>        Ubuntu 20.04.1 LTS   5.15.0-50-generic   <containerd://1.6.2>
worker01   Ready    <none>                      23h   v1.21.4+rke2r2   10.64.1.23    <none>        Ubuntu 20.04.1 LTS   5.15.0-50-generic   <containerd://1.6.2>
worker02   Ready    <none>                      23h   v1.21.4+rke2r2   10.64.1.24    <none>        Ubuntu 20.04.1 LTS   5.15.0-50-generic   <containerd://1.6.2>
worker03   Ready    <none>                      23h   v1.21.4+rke2r2   10.64.1.25    <none>        Ubuntu 20.04.1 LTS   5.15.0-50-generic   <containerd://1.6.2>