When a request is made against a subcustomer hostname that has policy rules set up, the rules take effect when the requested content is delivered to the end-user.

Let's assume your subcustomer's hostname is www.example.com, and an end-user request is issued for the following URL:

http://www.example.com/us-content/uploads/2014/10/file1.png

You've setup a policy for www.example.com, that includes the following rules:

{
    "rules" : [
        {
            "matches" : [
                {
                    "name" : "url-wildcard",
                    "value" : "/us-content/*",
                }
            ],
            "behaviors" : [
                {
                    "name" : "geo-whitelist",
                    "type" : "country",
                    "value" : "US"
                }
            ]
        }
    ]
}

With "value" : "US" included, requests from outside the ‘United States’ are denied. (A 403 response is issued, and the content is not served.)

To test this, you could issue a request from a non US-based client. However, using standard command line tools and adding the Akamai debug “Pragma” values can help identify the reason for the 403 response. (Contact your Account Representative for information on debug "Pragma" values.)