That's a tough one really ... you could poke around on the router and get the netmask being used for the WAN IP range you've been assigned to, but my experience has been that my IP address usually stays the same (as long as I leave the router on) and when an event occurs that causes my WAN IP to change, I usually seem to end up on a completely different subnet range (i.e. due to some architectural change within Vz, they move my connection to a different subnet).
You might be better off using DynDNS to get your currently assigned WAN IP to publish as a DNS entry somewhere and then write a script on a server on the remote side that could monitor that value and when it changes would automatically update the ACL on the router/server to which you need access to make your new address.
Using this latter method would also insure that only your machine could get thru the ACL, not you and anyone else in the neighborhood.
If you're not so concerned about others having access and just looking to keep illicit parts of the internet off your servers, then maybe just use ARIN to figure out the size of the CIDR block delegation for the range your IP address comes from (which is probably the whole class A range) and use that -- at least then you'd know it was a Verizon hosted site vs somewhere, say, in North Korea or some other offshore location.