diff --git a/src/routes/activitypub/application.rs b/src/routes/activitypub/application.rs
index 57510cc..d94befa 100644
--- a/src/routes/activitypub/application.rs
+++ b/src/routes/activitypub/application.rs
@@ -1,7 +1,8 @@
 use apb::{ActorMut, BaseMut, ObjectMut, PublicKeyMut};
-use axum::{extract::State, http::HeaderMap, response::{IntoResponse, Redirect, Response}};
+use axum::{extract::{Query, State}, http::HeaderMap, response::{IntoResponse, Redirect, Response}, Json};
+use reqwest::Method;
 
-use crate::{server::Context, url};
+use crate::{errors::UpubError, server::{auth::{AuthIdentity, Identity}, fetcher::Fetcher, Context}, url};
 
 use super::{jsonld::LD, JsonLD};
 
@@ -35,3 +36,32 @@ pub async fn view(
 			.ld_context()
 	).into_response())
 }
+
+#[derive(Debug, serde::Deserialize)]
+pub struct FetchPath {
+	id: String,
+}
+
+pub async fn debug(
+	State(ctx): State<Context>,
+	Query(query): Query<FetchPath>,
+	AuthIdentity(auth): AuthIdentity,
+) -> crate::Result<Json<serde_json::Value>> {
+	// only local users can request debug fetches
+	if !matches!(auth, Identity::Local(_)) {
+		return Err(UpubError::unauthorized());
+	}
+	Ok(Json(
+		Context::request(
+			Method::GET,
+			&query.id,
+			None,
+			&ctx.base(),
+			&ctx.app().private_key,
+			ctx.domain(),
+		)
+			.await?
+			.json::<serde_json::Value>()
+			.await?
+	))
+}
diff --git a/src/routes/activitypub/mod.rs b/src/routes/activitypub/mod.rs
index dd4140f..2b9ff0d 100644
--- a/src/routes/activitypub/mod.rs
+++ b/src/routes/activitypub/mod.rs
@@ -24,6 +24,8 @@ impl ActivityPubRouter for Router<crate::server::Context> {
 		self
 			// core server inbox/outbox, maybe for feeds? TODO do we need these?
 			.route("/", get(ap::application::view))
+			// fetch route, to debug and retreive remote objects
+			.route("/dbg", get(ap::application::debug))
 			// TODO shared inboxes and instance stream will come later, just use users *boxes for now
 			.route("/inbox", post(ap::inbox::post))
 			.route("/inbox", get(ap::inbox::get))