In the following example, two dynamic ACL rules are created: test1 is added with the last keyword and test2 is added with the first keyword. In the show configuration "acl" output, test2 is listed above test1, as determined by the first and last keywords used in the command syntax.
X450a-48t.3 # create access-list test1 " ; " " deny ;" application "Cli"
X450a-48t.4 # create access-list test2 " ; " " deny ;" application "Cli"
X450a-48t.5 # configure access-list add "test1" last port 1
X450a-48t.6 # configure access-list add "test2" first port 2
X450a-48t.7 # show configuration "acl"
configure access-list add test2 last priority 0 zone SYSTEM ports 2 ingress <- test2 has been added above test1, but displays last
configure access-list add test1 last priority 0 zone SYSTEM ports 1 ingress
This is expected behaviour. The show configuration "acl" output always displays last for every rule created. The order in which the rules are listed in the show configuration output is their precedence order, not the order in which they were configured. In the above example, test2 takes precedence over test1 when the dynamic ACLs are processed.
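When auditing a saved configuration, the practical consequence is that precedence has to be read from line position, not from the first/last keyword. The following Python sketch is an added example, not part of the original article or any vendor tooling. It assumes the line format is exactly as shown in the output above, and the function names parse_precedence and check_order are hypothetical.

```python
import re

# Constructed sample: the two output lines shown in the article above.
SAMPLE = """\
configure access-list add test2 last priority 0 zone SYSTEM ports 2 ingress
configure access-list add test1 last priority 0 zone SYSTEM ports 1 ingress
"""

# Assumed line format, taken from the output shown above.
LINE_RE = re.compile(
    r'^configure access-list add "?(?P<rule>[^"\s]+)"?\s+'
    r'(?P<keyword>first|last)'
    r'(?:\s+priority\s+(?P<priority>\d+))?'
    r'(?:\s+zone\s+(?P<zone>\S+))?'
    r'\s+ports?\s+(?P<ports>\S+)'
    r'(?:\s+(?P<direction>ingress|egress))?'
)

def parse_precedence(text):
    """Return the rules in precedence order, which is their line order.

    The first/last keyword is kept for reference only; the output always
    shows 'last', so it carries no ordering information.
    """
    rules = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["position"] = len(rules) + 1  # 1 = highest precedence
            rules.append(entry)
    return rules

def check_order(text, expected):
    """Compare listed order with the intended order (highest precedence first).

    Returns a list of problem strings; an empty list means the saved
    configuration matches the intent.
    """
    pos = {r["rule"]: r["position"] for r in parse_precedence(text)}
    problems = [f"{n}: not present in configuration" for n in expected if n not in pos]
    present = [n for n in expected if n in pos]
    for a, b in zip(present, present[1:]):
        if pos[a] > pos[b]:
            problems.append(f"{a} is listed below {b} but should take precedence")
    return problems

if __name__ == "__main__":
    for r in parse_precedence(SAMPLE):
        print(r["position"], r["rule"], "ports", r["ports"], r["direction"])
    print(check_order(SAMPLE, ["test1", "test2"]))
```
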