Delete of ACI generates NPE

I have created two ACI for a partition.

The first ACI has following content:
dn: cn=orrtizACISubEntry,dc=orrtiz,dc=com
objectClass: top
objectClass: accessControlSubentry
objectClass: subentry
cn: orrtizACISubEntry
prescriptiveACI: { identificationTag "directoryManagerFullAccessACI", preced
ence 11, authenticationLevel simple, itemOrUserFirst userFirst: { userClass
es { name

{ "cn=nl04748,ou=users,dc=orrtiz,dc=com" } }, userPermissions { {
protectedItems { allUserAttributeTypesAndValues, entry }, grantsAndDenials
{ grantReturnDN, grantFilterMatch, grantBrowse, grantCompare, grantAdd, gr antInvoke, grantModify, grantImport, grantDiscloseOnError, grantRename, gra ntRemove, grantRead, grantExport } } } } }
prescriptiveACI: { identificationTag "allUsersACI", precedence 10, authentic
ationLevel none, itemOrUserFirst userFirst: { userClasses { allUsers }, use
rPermissions { { protectedItems { allUserAttributeTypesAndValues, entry },
grantsAndDenials { grantReturnDN, grantFilterMatch, grantBrowse, grantCompa re, grantDiscloseOnError, grantRead } }, { protectedItems { attributeType { userPassword } }, grantsAndDenials { denyRead, denyFilterMatch, denyCompar e } } } } }
subtreeSpecification: { }
accessControlSubentries: 2.5.4.3=orrtizacisubentry,0.9.2342.19200300.100.1.2
5=orrtiz,0.9.2342.19200300.100.1.25=com
createTimestamp: 20140325202223.905Z
creatorsName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=system
entryCSN: 20140325202223.905000Z#000000#001#000000
entryDN: cn=orrtizACISubEntry,dc=orrtiz,dc=com
entryParentId: a22442b4-f41f-46bb-89d8-e567ed1a5800
entryUUID:: ZWE0MTQxNTMtMzdjYS00NWU5LWE2ZTItODhkZTU2YTUzYzE2

The second ACI has following content:
dn: cn=orrtizAuthReqACISubEntry,dc=orrtiz,dc=com
objectClass: top
objectClass: accessControlSubentry
objectClass: subentry
cn: orrtizAuthReqACISubEntry
prescriptiveACI: { identificationTag "directoryManagerFullAccessACI", preced
ence 11, authenticationLevel simple, itemOrUserFirst userFirst: { userClass
es { name { "cn=nl04748,ou=users,dc=orrtiz,dc=com" }

}, userPermissions { {
protectedItems

{ allUserAttributeTypesAndValues, entry }, grantsAndDenials
{ grantReturnDN, grantFilterMatch, grantBrowse, grantCompare, grantAdd, gr antInvoke, grantModify, grantImport, grantDiscloseOnError, grantRename, gra ntRemove, grantRead, grantExport } } } } }
prescriptiveACI: { identificationTag "allUsersACI", precedence 10, authentic
ationLevel none, itemOrUserFirst userFirst: { userClasses { allUsers }, use
rPermissions { { protectedItems { allUserAttributeTypesAndValues, entry }

,
grantsAndDenials

{ grantReturnDN, grantFilterMatch, grantBrowse, grantCompa re, grantDiscloseOnError, grantRead }

}, { protectedItems { attributeType

{ userPassword }

}, grantsAndDenials

{ denyRead, denyFilterMatch, denyCompar e }

} } } }
subtreeSpecification:

{ base "dc=orrtiz,dc=com" }
accessControlSubentries: 2.5.4.3=orrtizacisubentry,0.9.2342.19200300.100.1.2
5=orrtiz,0.9.2342.19200300.100.1.25=com
createTimestamp: 20140325182443.296Z
creatorsName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=system
entryCSN: 20140325200009.087000Z#000000#001#000000
entryDN: cn=orrtizAuthReqACISubEntry,dc=orrtiz,dc=com
entryParentId: a22442b4-f41f-46bb-89d8-e567ed1a5800
entryUUID:: MWViMTQxMDktNzEzOC00NzFkLTlmYzEtZTgyMTM1NzI1ZDU1
modifiersName: 0.9.2342.19200300.100.1.1=admin,2.5.4.11=system
modifyTimestamp: 20140325200009.087Z

The difference between the two is the subtreeSpecifications whereby the first is {}, and the second { base "dc=orrtiz,dc=com" }

Deleting the first ACI generates no problem. Deleting the second ACI generates following error:
#!RESULT ERROR

#!CONNECTION ldap://director.somonar.prd:389

#!DATE 2014-03-25T20:38:04.044

#!ERROR [LDAP: error code 80 - OTHER: failed for MessageType : DEL_REQUEST Message ID : 23 Del request Entry : 'cn=orrtizAuthReqACISubEntry,dc=orrtiz,dc=com' org.apache.directory.api.ldap.model.message.DeleteRequestImpl@90241f8: null: java.lang.NullPointerException at org.apache.directory.server.core.subtree.SubentryInterceptor.delete(SubentryInterceptor.java:1043) at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490) at org.apache.directory.server.core.operational.OperationalAttributeInterceptor.delete(OperationalAttributeInterceptor.java:462) at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490) at org.apache.directory.server.core.exception.ExceptionInterceptor.delete(ExceptionInterceptor.java:207) at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490) at org.apache.directory.server.core.admin.AdministrativePointInterceptor.delete(AdministrativePointInterceptor.java:1261) at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490) at org.apache.directory.server.core.authz.DefaultAuthorizationInterceptor.delete(DefaultAuthorizationInterceptor.java:172) at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490) at org.apache.directory.server.core.authz.AciAuthorizationInterceptor.delete(AciAuthorizationInterceptor.java:678) at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490) at org.apache.directory.server.core.referral.ReferralInterceptor.delete(ReferralInterceptor.java:288) at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490) at org.apache.directory.server.core.authn.AuthenticationInterceptor.delete(AuthenticationInterceptor.java:749) at org.apache.directory.server.core.api.interceptor.BaseInterceptor.next(BaseInterceptor.java:490) at org.apache.directory.server.core.normalization.NormalizationInterceptor.delete(NormalizationInterceptor.java:174) at org.apache.directory.server.core.DefaultOperationManager.delete(DefaultOperationManager.java:641) at org.apache.directory.server.core.shared.DefaultCoreSession.delete(DefaultCoreSession.java:923) at org.apache.directory.server.core.shared.DefaultCoreSession.delete(DefaultCoreSession.java:906) at org.apache.directory.server.ldap.handlers.request.DeleteRequestHandler.handle(DeleteRequestHandler.java:55) at org.apache.directory.server.ldap.handlers.request.DeleteRequestHandler.handle(DeleteRequestHandler.java:39) at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:207) at org.apache.directory.server.ldap.handlers.LdapRequestHandler.handleMessage(LdapRequestHandler.java:56) at org.apache.mina.handler.demux.DemuxingIoHandler.messageReceived(DemuxingIoHandler.java:221) at org.apache.directory.server.ldap.LdapProtocolHandler.messageReceived(LdapProtocolHandler.java:217) at org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:690) at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:417) at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:47) at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:765) at org.apache.mina.core.filterchain.IoFilterEvent.fire(IoFilterEvent.java:74) at org.apache.mina.core.session.IoEvent.run(IoEvent.java:63) at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.runTask(UnorderedThreadPoolExecutor.java:474) at org.apache.mina.filter.executor.UnorderedThreadPoolExecutor$Worker.run(UnorderedThreadPoolExecutor.java:428) at java.lang.Thread.run(Thread.java:662) ]

dn: cn=orrtizAuthReqACISubEntry,dc=orrtiz,dc=com

changetype: delete

I did this with uid=admin,ou=system.