偏移量 5 处的 64 位值是自 0 年以来的微秒数：

使用这个 perl 脚本来验证：

use POSIX;
while (<DATA>) {
    if (/(.*\S)\s+->\s+(.*\S)/) {
        my ($hex, $date)= ($1,$2);

        # convert date to unix timestamp
        $date =~ s/x/0/g;
        my @f= reverse split /[. ]/, $date;
        $f[4]--;  # correct month for mktime
        $f[5]-=1900; # correct year for mktime
        my $unixtime= POSIX::mktime(@f);

        # extract qword starting at byte 5
        $hex =~ s/\s//g;
        my ($lo,$hi)= unpack("VV", substr(pack("H*", $hex), 5, 8));
        $value= $hi*0x100000000+$lo;

        printf("0x%x/1000000-%d = %d\n", $value, $unixtime, $value/1000000-$unixtime);
    }
}
__DATA__
60 03 00 00 00 F1 16 CE 18 23 8E E1 00 01 9E  ->  2011.10.29 x.x.x
38 05 00 00 00 89 70 B0 83 34 8E E1 00 01 4E  ->  2011.10.30 x.x.x
1A 06 00 00 00 89 0F 9E 71 3C 8E E1 00 01 12  ->  2011.10.31 x.x.x
24 07 00 00 00 03 45 29 A2 71 8E E1 00 01 28  ->  2011.11.02 x.x.x
1A 00 00 00 00 41 E7 A2 6E 22 DA E1 00 01 12  ->  2014.06.22 22.39.x
1A 01 00 00 00 B9 47 48 73 22 DA E1 00 01 12  ->  2014.06.22 22.40.x

导致此输出：

0xe18e2318ce16f1/1000000-1319839200 = 62168311951
0xe18e3483b07089/1000000-1319925600 = 62168300358
0xe18e3c719e0f89/1000000-1320015600 = 62168244415
0xe18e71a2294503/1000000-1320188400 = 62168300062
0xe1da226ea2e741/1000000-1403469540 = 62168241639
0xe1da22734847b9/1000000-1403469600 = 62168241657

62168241657/86400/365.2422 = 1970.03477142853579229222年